To use it on a running process, first pip install frida
to grab Frida's python bindings and CLI tools, then:
$ frida FooApp -l gvariant-leak-tracker.js
Then in the REPL you can call count()
and list()
to inspect the values currently alive:
'use strict'; | |
Module.enumerateExports('libssl.so', { | |
onMatch(e) { | |
if (e.type === 'function') | |
Interceptor.attach(e.address, createHook(e.name, e.address)); | |
}, | |
onComplete() { | |
} | |
}); |
To use it on a running process, first pip install frida
to grab Frida's python bindings and CLI tools, then:
$ frida FooApp -l gvariant-leak-tracker.js
Then in the REPL you can call count()
and list()
to inspect the values currently alive:
'use strict'; | |
/* | |
* Usage: | |
* $ frida -U -n Twitter -l load-cycript.js | |
*/ | |
var PORT = 27060; | |
dlopen('/usr/lib/libcycript.dylib'); |
To use it on a running process, first pip install frida
to grab Frida's python bindings and CLI tools, then:
$ frida FooApp -l gobject-leak-tracker.js
Then in the REPL you can call count()
and list()
to inspect the instances currently alive:
/* | |
* Try it on a running process like this: | |
* | |
* $ frida gimp-2.10 -l hello.js | |
* | |
* This uses the Frida REPL, which supports live-reload. | |
*/ | |
Interceptor.attach(Module.getExportByName(null, 'open'), { | |
onEnter: function (args) { |
setImmediate(function () { | |
var NSAutoreleasePool = ObjC.classes.NSAutoreleasePool; | |
var NSSpeechSynthesizer = ObjC.classes.NSSpeechSynthesizer; | |
var pool = NSAutoreleasePool.alloc().init(); | |
try { | |
var synth = NSSpeechSynthesizer.alloc().init(); | |
var voices = NSSpeechSynthesizer.availableVoices(); |
const pendingBlocks = new Set(); | |
Interceptor.attach(..., { | |
onEnter(args) { | |
const block = new ObjC.Block(args[4]); | |
pendingBlocks.add(block); // Keep it alive | |
const appCallback = block.implementation; | |
block.implementation = (success, error) => { | |
// Do your logging here | |
appCallback(success, error); |
var frida = require('frida'); | |
frida.attach('cat') | |
.then(function (session) { | |
console.log('attached:', session); | |
return session.createScript( | |
'function onMessage(message) {' + | |
'send({ name: "pong", payload: message });' + | |
'recv(onMessage);' + | |
'}' + |
const vice = Process.getModuleByName('/usr/lib/c64emu.rgl'); | |
const mainloopOuterLoop = vice.getExportByName('maincpu_mainloop').add(0xf4); | |
const memStore = new NativeFunction(vice.getExportByName('mem_store'), 'void', ['uint16', 'uint8'], { exceptions: 'propagate' }); | |
const ioPending = Memory.alloc(4); | |
const ioCallbacks = []; | |
function poke(address, value) { | |
schedule(() => { memStore(address, value); }); | |
} |