Feature Request: Resume Aborted Submissions

[esoteric-programmer]

bagbak is a very nice tool. To make it even better for me, I would appreciate if it were possible to resume dumping in the case that the process has been canceled or aborted in an earlier run.

The reason for this feature request is that I try to dump an application that has a very aggressive jailbreak detection. Using advanced anti-jailbreak-detection tools, I managed to get the application run for about 10 seconds (without anti-jb-detection tools, the app exists within a few milliseconds!), allowing bagbak to dump roughly 20% of the app. If I could repeat the process multiple times in order to dump the entire application, this would be great.

Alternatively, bagbak could suspend the main thread of the app during dumping, but I'm not sure if this is possible with frida.

[ChiChou]

bagbak could suspend the main thread of the app during dumping, but I'm not sure if this is possible with frida.

Implemented here: https://github.com/ChiChou/bagbak/blob/44d11c6/agent/threads.ts#L13

[ChiChou]

For aggressive jailbreak detection like this, I'm planning to migrate to mremap_encrypted approach by FlexDecrypt which doesn't need to run the app at all.

[esoteric-programmer]

bagbak could suspend the main thread of the app during dumping, but I'm not sure if this is possible with frida.

Implemented here: https://github.com/ChiChou/bagbak/blob/44d11c6/agent/threads.ts#L13

Oh, and the app managed to quit during dumping nonetheless. Impressive, I wonder how the devs of the app managed to implement that.

[esoteric-programmer]

For aggressive jailbreak detection like this, I'm planning to migrate to mremap_encrypted approach by FlexDecrypt which doesn't need to run the app at all.

I didn't know flexdecrypt. Thank you for your answer. You already helped me a lot. It would be great if bagbak could support decryption like this.