[bug] Objection explore freezes #469
Comments
|
Can you connect the vanilla frida client? |
leonjza
added
apps
and removed
freshissue
How can i check this? |
|
Command frida --usb Gadget also freezes |
|
Try and use the full bundle identifier of your app instead of |
|
objection --debug -g "ru.invest.mobilebanking" explore |
|
Right, you will have to debug this locally. Could be some security feature of the application preventing Frida from working. |
|
I also have the same issue for a couple of apps. Ideas? |
|
We've run into this internally as well. For now, downgrading frida-server (or gadget by patching with the --gadget-version flag) and local |
|
Interestingly I am doing this with objection |
|
Right. Only other thing I can suggest now is to check your local frida package version. |
|
@leonjza hmmmm gotcha, but stays at connecting now: % pip3 freeze | grep frida
WARNING: Could not find setup.py for directory /opt/homebrew/lib/python3.9/site-packages (tried all parent directories)
frida==14.2.18
frida-tools==9.2.5 |
|
Stale issue, feel free to reopen. Suspect this has likely been resolved in newer Frida versions. |
Describe the bug
Hello! We encountered obscure objection behavior with iOS.
At first, the utility worked correctly, the application started up. Then at some point the objection explore command just started to freeze at the "Attempting to attach to process: Gadget" stage.
Tell me what could be the problem?
To Reproduce
Steps to reproduce the behavior:
I run any application via xcode on the device to get embedded.mobileprovision. At the same time, in the DerivedData folder, I only have one application
Run objection patchipa:
objection patchipa --source MobileBanking.ipa --codesign-signature 719BFDXXXXXX
Using latest Github gadget version: 15.0.6
Remote FridaGadget version is v15.0.6, local is v15.0.4. Downloading...
Downloading from: https://github.com/frida/frida/releases/download/15.0.6/frida-gadget-15.0.6-ios-universal.dylib.xz
Downloading iOS dylib to /Users/developonecentrinvest/.objection/ios/FridaGadget.dylib.xz...
Unpacking /Users/developonecentrinvest/.objection/ios/FridaGadget.dylib.xz...
Cleaning up downloaded archives...
Patcher will be using Gadget version: 15.0.6
No provision file specified, searching for one...
Found provision file /Users/developonecentrinvest/Library/Developer/Xcode/DerivedData/MobileBanking-hgxjaybwbnlqhrgjszukifylppsk/Build/Products/Debug-iphoneos/MobileBanking.app/embedded.mobileprovision expiring in 269 days, 4:49:16.997176
Found a valid provisioning profile
Mobile provision bundle identifier is: ru.invest.mobilebanking
Working with app: MobileBanking.app
Bundle identifier is: ru.invest.mobilebanking
Codesigning 22 .dylib's with signature 719BFDXXXXXX
Code signing: libswiftMapKit.dylib
Code signing: libswiftPhotos.dylib
Code signing: libswiftCoreImage.dylib
Code signing: libswiftObjectiveC.dylib
Code signing: libswiftCore.dylib
Code signing: libswiftCoreGraphics.dylib
Code signing: libswiftUIKit.dylib
Code signing: libswiftMetal.dylib
Code signing: libswiftCoreData.dylib
Code signing: libswiftDispatch.dylib
Code signing: libswiftos.dylib
Code signing: libswiftCoreFoundation.dylib
Code signing: FridaGadget.dylib
Code signing: libswiftDarwin.dylib
Code signing: libswiftContacts.dylib
Code signing: libswiftQuartzCore.dylib
Code signing: libswiftCoreAudio.dylib
Code signing: libswiftAVFoundation.dylib
Code signing: libswiftFoundation.dylib
Code signing: libswiftCoreMedia.dylib
Code signing: libswiftCoreLocation.dylib
Code signing: libswiftsimd.dylib
Creating new archive with patched contents...
Codesigning patched IPA...
Copying final ipa from /var/folders/s7/7lptcrdx2xs38mctj_lm36b40000gn/T/MobileBanking-frida-codesigned.ipa to current directory...
Cleaning up temp files...
unzip MobileBanking-frida-codesigned.ipa
ios-deploy --bundle Payload/MobileBanking.app/ -W -d
[....] Waiting for iOS device to be connected
[....] Using 65a58436864dbcf0eb1700eca2226e0a6301c044 (D101AP, iPhone 7, iphoneos, arm64, 14.4, 18D52) a.k.a. 'iPhone'.
------ Install phase ------
[ 0%] Found 65a58436864dbcf0eb1700eca2226e0a6301c044 (D101AP, iPhone 7, iphoneos, arm64, 14.4, 18D52) a.k.a. 'iPhone' connected through USB, beginning install
[ 5%] Copying /Users/developonecentrinvest/objection/Payload/MobileBanking.app/META-INF/ to device
...
[ 52%] CreatingStagingDirectory
[ 57%] ExtractingPackage
[ 60%] InspectingPackage
[ 60%] TakingInstallLock
[ 65%] PreflightingApplication
[ 65%] InstallingEmbeddedProfile
[ 70%] VerifyingApplication
[ 75%] CreatingContainer
[ 80%] InstallingApplication
[ 85%] PostflightingApplication
[ 90%] SandboxingApplication
[ 95%] GeneratingApplicationMap
[100%] Installed package Payload/MobileBanking.app/
------ Debug phase ------
Starting debug of 65a58436864dbcf0eb1700eca2226e0a6301c044 (D101AP, iPhone 7, iphoneos, arm64, 14.4, 18D52) a.k.a. 'iPhone' connected through USB...
[ 0%] Looking up developer disk image
[ 95%] Developer disk image mounted successfully
Symbol Path: /Users/developonecentrinvest/Library/Developer/Xcode/iOS DeviceSupport/14.4 (18D52)/Symbols
[100%] Connecting to remote debug server
(lldb) command source -s 0 '/tmp/191169CD-6766-457B-B1F4-ABB16AB6C5B9/fruitstrap-lldb-prep-cmds-65a58436864dbcf0eb1700eca2226e0a6301c044'
Executing commands in '/tmp/191169CD-6766-457B-B1F4-ABB16AB6C5B9/fruitstrap-lldb-prep-cmds-65a58436864dbcf0eb1700eca2226e0a6301c044'.
(lldb) platform select remote-ios --sysroot '/Users/developonecentrinvest/Library/Developer/Xcode/iOS DeviceSupport/14.4 (18D52)/Symbols'
Platform: remote-ios
Connected: no
SDK Path: "/Users/developonecentrinvest/Library/Developer/Xcode/iOS DeviceSupport/14.4 (18D52)/Symbols"
(lldb) target create "/Users/developonecentrinvest/objection/Payload/MobileBanking.app"
Current executable set to '/Users/developonecentrinvest/objection/Payload/MobileBanking.app' (arm64).
(lldb) script fruitstrap_device_app="/private/var/containers/Bundle/Application/F3C548AA-06A1-4E31-B9CA-7DF51F024C64/MobileBanking.app"
(lldb) script fruitstrap_connect_url="connect://127.0.0.1:52073"
(lldb) script fruitstrap_output_path=""
(lldb) script fruitstrap_error_path=""
(lldb) target modules search-paths add /usr "/Users/developonecentrinvest/Library/Developer/Xcode/iOS DeviceSupport/14.4 (18D52)/Symbols/usr" /System "/Users/developonecentrinvest/Library/Developer/Xcode/iOS DeviceSupport/14.4 (18D52)/Symbols/System" "/private/var/containers/Bundle/Application/F3C548AA-06A1-4E31-B9CA-7DF51F024C64" "/Users/developonecentrinvest/objection/Payload" "/var/containers/Bundle/Application/F3C548AA-06A1-4E31-B9CA-7DF51F024C64" "/Users/developonecentrinvest/objection/Payload" /Developer "/Users/developonecentrinvest/Library/Developer/Xcode/iOS DeviceSupport/14.4 (18D52)/Symbols/Developer"
(lldb) command script import "/tmp/191169CD-6766-457B-B1F4-ABB16AB6C5B9/fruitstrap_65a58436864dbcf0eb1700eca2226e0a6301c044.py"
(lldb) command script add -f fruitstrap_65a58436864dbcf0eb1700eca2226e0a6301c044.connect_command connect
(lldb) command script add -s asynchronous -f fruitstrap_65a58436864dbcf0eb1700eca2226e0a6301c044.run_command run
(lldb) command script add -s asynchronous -f fruitstrap_65a58436864dbcf0eb1700eca2226e0a6301c044.autoexit_command autoexit
(lldb) command script add -s asynchronous -f fruitstrap_65a58436864dbcf0eb1700eca2226e0a6301c044.safequit_command safequit
(lldb) connect
(lldb) run
success
2021-07-14 10:11:34.258650+0300 MobileBanking[5902:1834240] Frida: Listening on 127.0.0.1 TCP port 27042
(lldb)
[debug] Agent path is: /usr/local/lib/python3.9/site-packages/objection/agent.js
[debug] Injecting agent...
Using USB device
iPhone[debug] Attempting to attach to process:
GadgetAnd that's it, at this step the objection just freezes and nothing else happens.
Expected behavior
objection explore not freezes
Environment (please complete the following information):
The text was updated successfully, but these errors were encountered: