Simple examples to demonstrate Frida issue
#include "frida-core.h"

#include <errno.h>
#include <gnu/libc-version.h>
#include <signal.h>
#include <stdlib.h>
#include <string.h>

#include <iostream>
/* Frida callbacks; the definitions follow main(). */
static void on_message (FridaScript * script, const gchar * message, GBytes * data, gpointer user_data);
/* NOTE(review): connected to the device's "child-added" signal through a
 * G_CALLBACK cast although it takes no parameters; it ignores whatever the
 * signal passes (presumably the new FridaChild -- confirm against frida-core.h)
 * and re-enumerates the device's pending children instead. */
static void on_child_added ();
static void on_signal (int signo);
static gboolean stop (gpointer user_data);
/* Main loop, quit from the idle source that on_signal() installs. */
static GMainLoop * loop = NULL;
/* Local device; set in main(), shared with on_child_added(). */
FridaDevice * local_device;
/* Nothing in this file uses std::; <iostream> and this directive only make the
 * translation unit compile as C++. */
using namespace std;
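/*
 * Attach Frida to the process whose pid is given on the command line, enable
 * child gating on it and load a small script that logs calls to open().
 * The local device's "child-added" signal is routed to on_child_added() so
 * that spawned children are gated and resumed as well.
 *
 * Returns 0 when the session ran and was torn down cleanly, 1 on any error.
 * Errors are reported and cleaned up instead of asserting, so the program
 * never aborts with a GError pending.
 */
int
main (int argc, char * argv[])
{
  guint target_pid;
  FridaDeviceManager * manager;
  GError * error = NULL;
  FridaDeviceList * devices;
  gint num_devices, i;
  FridaSession * session;
  int rc = 1;

  frida_init ();

  if (argc != 2)
    {
      g_printerr ("Usage: %s <pid>\n", argv[0]);
      return 1;
    }

  /* strtoul reports trailing garbage and out-of-range values; atoi would
   * silently turn both into 0 or a truncated pid. */
  errno = 0;
  char * end = NULL;
  unsigned long pid_value = strtoul (argv[1], &end, 10);
  if (end == argv[1] || *end != '\0' || errno == ERANGE || pid_value == 0 || pid_value > G_MAXUINT)
    {
      g_printerr ("Usage: %s <pid>\n", argv[0]);
      return 1;
    }
  target_pid = (guint) pid_value;

  loop = g_main_loop_new (NULL, TRUE);
  signal (SIGINT, on_signal);
  signal (SIGTERM, on_signal);

  manager = frida_device_manager_new ();
  devices = frida_device_manager_enumerate_devices_sync (manager, &error);
  if (error != NULL)
    {
      g_printerr ("Failed to enumerate devices: %s\n", error->message);
      g_clear_error (&error);
      goto out_manager;
    }

  /* Keep a reference to the first local device only; the list itself is
   * released right after the scan (the original never unreferenced it). */
  local_device = NULL;
  num_devices = frida_device_list_size (devices);
  for (i = 0; i != num_devices; i++)
    {
      FridaDevice * device = frida_device_list_get (devices, i);
      g_print ("[*] Found device: \"%s\"\n", frida_device_get_name (device));
      if (local_device == NULL && frida_device_get_dtype (device) == FRIDA_DEVICE_TYPE_LOCAL)
        local_device = g_object_ref (device);
      g_object_unref (device);
    }
  frida_unref (devices);

  if (local_device == NULL)
    {
      g_printerr ("No local device found\n");
      goto out_manager;
    }
  /* local_device is a pointer: printing it with %u (as before) is undefined behaviour. */
  g_print ("[*] Device = %p\n", (void *) local_device);

  g_signal_connect (local_device, "child-added", G_CALLBACK (on_child_added), NULL);

  g_print ("[*] Trying to connect.... \n");
  session = frida_device_attach_sync (local_device, target_pid, &error);
  if (session == NULL || error != NULL)
    {
      g_printerr ("Failed to attach: %s\n", error != NULL ? error->message : "no session returned");
      g_clear_error (&error);
      goto out_device;
    }
  g_print ("[*] Attached\n");

  {
    FridaScript * script = NULL;

    /* A GError must be consumed before &error is passed to the next call;
     * the original went straight on to create the script with it still set. */
    frida_session_enable_child_gating_sync (session, &error);
    if (error != NULL)
      {
        g_printerr ("Failed to enable child gating: %s\n", error->message);
        g_clear_error (&error);
        goto out_session;
      }

    script = frida_session_create_script_sync (session, "example",
        "Interceptor.attach(Module.findExportByName(null, 'open'), {\n"
        " onEnter: function (args) {\n"
        " console.log('[*] open(\"' + Memory.readUtf8String(args[0]) + '\")');\n"
        " }\n"
        "});\n",
        &error);
    if (error != NULL)
      {
        g_printerr ("Failed to create script: %s\n", error->message);
        g_clear_error (&error);
        goto out_session;
      }

    g_signal_connect (script, "message", G_CALLBACK (on_message), NULL);

    frida_script_load_sync (script, &error);
    if (error != NULL)
      {
        g_printerr ("Failed to load script: %s\n", error->message);
        g_clear_error (&error);
        frida_unref (script);
        goto out_session;
      }
    g_print ("[*] Script loaded\n");

    /* on_signal() -> stop() quits the loop on SIGINT/SIGTERM. */
    if (g_main_loop_is_running (loop))
      g_main_loop_run (loop);
    g_print ("[*] Stopped\n");

    frida_script_unload_sync (script, NULL);
    frida_unref (script);
    g_print ("[*] Unloaded\n");
    rc = 0;
  }

out_session:
  frida_session_detach_sync (session);
  frida_unref (session);
  g_print ("[*] Detached\n");
out_device:
  frida_unref (local_device);
out_manager:
  frida_device_manager_close_sync (manager);
  frida_unref (manager);
  g_print ("[*] Closed\n");
  g_main_loop_unref (loop);
  return rc;
}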
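/*
 * Handler for the local device's "child-added" signal: attach to the newest
 * pending child, enable child gating on it and resume it.
 *
 * The handler is declared without parameters (see the prototype at the top of
 * the file), so the child is looked up through the pending-children list
 * rather than taken from the signal arguments. The child session is kept
 * alive on purpose -- detaching would drop the gating again.
 */
static void on_child_added()
{
  GError * error = NULL;
  FridaChildList * ChildList;
  FridaChild * Child;
  guint child_pid;

  ChildList = frida_device_enumerate_pending_children_sync (local_device, &error);
  if (error != NULL)
    {
      g_printerr ("Failed to enumerate pending children: %s\n", error->message);
      g_clear_error (&error);
      return;
    }
  if (frida_child_list_size (ChildList) == 0)
    {
      /* Indexing element 0 of an empty list is what the original did unguarded. */
      g_printerr ("No pending children\n");
      frida_unref (ChildList);
      return;
    }

  Child = frida_child_list_get (ChildList, 0);
  child_pid = frida_child_get_pid (Child);
  /* Only the pid is needed; release the element and the list like main()
   * does for devices (the original leaked both). */
  g_object_unref (Child);
  frida_unref (ChildList);

  g_print ("[*] Child added with PID = %u \n", child_pid);

  if (child_pid > 0)
    {
      g_print ("Enabling child gating for the child\n");
      GError * childSessionError = NULL;
      FridaSession * childSession = frida_device_attach_sync (local_device, child_pid, &childSessionError);
      if (childSession != NULL && childSessionError == NULL)
        {
          frida_session_enable_child_gating_sync (childSession, &childSessionError);
          if (childSessionError == NULL)
            {
              g_print ("Child gating for child enabled \n");
            }
          else
            {
              g_printerr ("Failed to enable child gating for child process: %s\n", childSessionError->message);
              g_clear_error (&childSessionError);
            }
        }
      else
        {
          g_printerr ("Failed to open child session: %s\n",
              childSessionError != NULL ? childSessionError->message : "no session returned");
          g_clear_error (&childSessionError);
        }

      /* Resume regardless of whether gating succeeded, so a failed attach does
       * not leave the child suspended forever. */
      g_print ("Resuming Child\n");
      frida_device_resume_sync (local_device, child_pid, &error);
      if (error != NULL)
        {
          g_printerr ("Failed to resume child: %s\n", error->message);
          g_clear_error (&error);
        }
      else
        {
          g_print ("Child Resumed \n");
        }
    }
}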
/* "message" signal handler for the loaded script: echo the message text.
 * The script, binary payload and user data are not used. */
static void
on_message (FridaScript * script,
            const gchar * message,
            GBytes * data,
            gpointer user_data)
{
  (void) script;
  (void) data;
  (void) user_data;

  g_print ("on_message: %s\n", message);
}
/* SIGINT/SIGTERM handler: hand the shutdown to the main loop through an idle
 * source instead of quitting the loop from the handler itself.
 * NOTE(review): g_idle_add is not documented as async-signal-safe; if this
 * ever misbehaves, g_unix_signal_add() is the GLib-native alternative. */
static void
on_signal (int signo)
{
  (void) signo;

  g_idle_add (stop, NULL);
}
/* Idle callback installed by on_signal(): quit the main loop and let GLib
 * remove this one-shot source. */
static gboolean
stop (gpointer user_data)
{
  (void) user_data;

  g_main_loop_quit (loop);
  return G_SOURCE_REMOVE;
}
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/wait.h>
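/*
 * Fork a child that first execs a non-existent binary (so execv fails) and
 * then falls back to /usr/bin/watch; the parent waits for the child.
 * Meant to be run under a tracer, hence the initial delay that leaves time
 * to attach to the printed pid.
 */
void forkexec_example(void)
{
    const unsigned int delay_seconds = 10;
    char *argv[] = {"watch", "date", NULL};
    int status = 0;

    printf("Calling fork & exec in %u seconds\n", delay_seconds);
    sleep(delay_seconds);

    /* Flush before forking so buffered output is not emitted by both processes. */
    fflush(stdout);

    pid_t pid = fork();
    if (pid == -1) {
        perror("fork");
        return;
    }

    if (pid == 0) {
        /* Child: execv only returns on failure. */
        int ret = execv("/bin/not_existing", argv);
        printf("Child ret: %i\n", ret);
        if (ret == -1) {
            int ret2 = execv("/usr/bin/watch", argv);
            printf("Child ret2: %i\n", ret2);
        }
        /* Both execs failed: leave the child here instead of returning into
         * the parent's code path (which would also run main()'s exit flush). */
        fflush(stdout);
        _exit(127);
    }

    printf("Child pid: %i\n", (int) pid);
    if (waitpid(pid, &status, 0) == -1) {
        perror("waitpid");
    }
}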
int main()
{
printf("Current process ID: %d\n", getpid());
forkexec_example();
return 0;
}