frida icon indicating copy to clipboard operation
frida copied to clipboard

Published 20 hours ago verified publisher icon frida

unable to connect to remote frida-server

Open ghost opened this issue 6 years ago • 17 comments

macOS:10.13.5 python3.7 frida: 12.0.8 frida-tools: 1.1.0 ios: iPhone7plus 11.3.1 frida-server: 12.0.8

iPhone7p:~ root# lsof -i :27042 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME frida-ser 419 root 5u IPv4 0xf4c60ab784ee7fd7 0t0 TCP localhost:27042 (LISTEN)

iPhone7p:~ root# ps -e | grep frida 419 ?? 0:00.01 /usr/sbin/frida-server 2257 ttys000 0:00.00 grep frida iPhone7p:~ root#

macOS: oooo:~ oooo$ iproxy 27042 27042 waiting for connection accepted connection, fd = 4 waiting for connection Number of available devices == 0 No connected device found, terminating.

oooo:~ oooo$ frida-ps -H 192.168.1.4 Failed to enumerate processes: unable to connect to remote frida-server oooo:~ oooo$ frida-ps -R Failed to enumerate processes: unable to connect to remote frida-server: Error receiving data: Connection reset by peer oooo:~ oooo$

ghost avatar Aug 02 '18 14:08 ghost

you can do this:

adb forward tcp:27042 tcp:27042 adb forward tcp:27043 tcp:27043

cvt126 avatar Aug 17 '18 04:08 cvt126

@cvt126 ios

ghost avatar Aug 28 '18 10:08 ghost

@ooszero Make sure that your iPhone is paired/trusted to the macos.

llamaonsecurity avatar Aug 28 '18 13:08 llamaonsecurity

server side:

/usr/bin/frida-server -l 192.168.1.4

client side:

frida-ps -H 192.168.1.4

Just tried with latest frida 12.1.0 and everything works fine.

in7egral avatar Aug 28 '18 13:08 in7egral

@in7egral

My frida-server is installed on /usr/sbin by default, and it starts automatically. Then I killed the process and he restarted it. Then I moved him to /usr/bin/. Then I'll /usr/bin/frida-server -l 192.168.1.4 again.

iPhone7p:~ root# /usr/bin/frida-server -l 192.168.1.4 2018-08-28 22:01:08.706 frida-server[2628:94693] Frida: Unable to check in with launchd: are we running standalone?

frida-ps -H 192.168.1.4 Connection success

ghost avatar Aug 28 '18 14:08 ghost

You can check launchd plist that starts frida and change command line /usr/bin/frida-server with specifying IP. If you don't care about security (but change password from alpine to something strong!) you can just leave /usr/bin/frida-server -l 0.0.0.0.

Step by step guide.

  1. Locate file re.frida.server.plist (it's not bplist, just simple xml)

  2. Edit it:

From:

<key>Program</key>
	<string>/usr/sbin/frida-server</string>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/sbin/frida-server</string>
	</array>

To:

<key>Program</key>
	<string>/usr/sbin/frida-server</string>
	<key>ProgramArguments</key>
	<array>
		<string>/usr/sbin/frida-server -l 192.168.1.4</string>
	</array>
  1. Reboot device and activate your jb

in7egral avatar Aug 28 '18 15:08 in7egral

@in7egral

<key>Program</key>
<string>/usr/sbin/frida-server</string>
<key>ProgramArguments</key>
<array>
	<string>/usr/sbin/frida-server -l 0.0.0.0</string>
</array>

or

<key>Program</key>
<string>/usr/sbin/frida-server</string>
<key>ProgramArguments</key>
<array>
	<string>/usr/sbin/frida-server -l 192.168.1.4</string>
</array>

Reboot device and activate jb ssh [email protected] ps -e | grep frida-server

408 ??         0:00.08 /usr/sbin/frida-server -l 192.168.1.4

connection failed

It is necessary to manually call /usr/sbin/frida-server -l 0.0.0.0 once.

connection success

ghost avatar Aug 28 '18 17:08 ghost

Have no idea why this happens (it maybe be due to services startup sequence). But at least you can run it manually and this works.

P.S. It doesn't matter where frida-server is located - /usr/sbin or /usr/bin. But avoid to use '/var/' or '/tmp/' and all sub catalogs (due to sandbox policies).

in7egral avatar Aug 28 '18 19:08 in7egral

@in7egral


COMMAND   PID USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
frida-ser 901 root    5u  IPv4 0x792515c1a9a3a581      0t0  TCP localhost:27042 (LISTEN)
frida-ser 909 root    6u  IPv4 0x792515c1aa799c31      0t0  TCP 192.168.1.4:27042 (LISTEN)

PID:901 launchd PID:909 run it manually

ghost avatar Aug 28 '18 20:08 ghost

I also had this issue and used the workaround by adding -l 0.0.0.0 when starting frida-server. Does someone know why it does not work without this parameter? A fix would be nice.

baptx avatar Nov 25 '18 22:11 baptx

@in7egral @baptx @ooszero I think we can solve this issue via the next way.

  1. use launchctl unload -w /Library/LaunchDaemons/re.frida.server.plist command to stop the process.

  2. Then modity file "/Library/LaunchDaemons/re.frida.server.plist" from <key>Program</key> <string>/usr/sbin/frida-server</string> <key>ProgramArguments</key> <array> <string>/usr/sbin/frida-server</string> </array>

to

<key>Program</key> <string>/usr/sbin/frida-server</string> <key>ProgramArguments</key> <array> <string>/usr/sbin/frida-server</string> <string>-l</string> <string>0.0.0.0</string> </array>.

3.use launchctl load -w /Library/LaunchDaemons/re.frida.server.plist command to start the process.

xiaomiwang avatar Jan 07 '19 15:01 xiaomiwang

hello world

zheng66666 avatar May 16 '19 06:05 zheng66666

Are you using any proxy in Android? I had the same issue because i was using iptables on Android to redirect all traffict to burp suite. To exclude Frida traffic (ports 27042 and 27043) you must add the following rules to iptables (in the same order): iptables -t nat -A OUTPUT -p tcp --dport 27042 -j REDIRECT --to-ports 27042 iptables -t nat -A OUTPUT -p tcp --dport 27043 -j REDIRECT --to-ports 27043 iptables -t nat -A OUTPUT -p tcp -j DNAT --to-destination IP_BURP:PORT_BURP

dragonxtek avatar Jun 27 '19 17:06 dragonxtek

@xiaomiwang Did you actually do it? I'm curious about the result. : )

hahwul avatar Dec 06 '19 07:12 hahwul

can't locate frida-server on my Catalina. It's not part of frida-tools.

Foxtrod89 avatar Oct 01 '20 21:10 Foxtrod89

macOS:10.13.5 python3.7 frida: 12.0.8 frida-tools: 1.1.0 ios: iPhone7plus 11.3.1 frida-server: 12.0.8

iPhone7p:~ root# lsof -i :27042 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME frida-ser 419 root 5u IPv4 0xf4c60ab784ee7fd7 0t0 TCP localhost:27042 (LISTEN)

iPhone7p:~ root# ps -e | grep frida 419 ?? 0:00.01 /usr/sbin/frida-server 2257 ttys000 0:00.00 grep frida iPhone7p:~ root#

macOS: oooo:~ oooo$ iproxy 27042 27042 waiting for connection accepted connection, fd = 4 waiting for connection Number of available devices == 0 No connected device found, terminating.

oooo:~ oooo$ frida-ps -H 192.168.1.4 Failed to enumerate processes: unable to connect to remote frida-server oooo:~ oooo$ frida-ps -R Failed to enumerate processes: unable to connect to remote frida-server: Error receiving data: Connection reset by peer oooo:~ oooo$

hi. I hade the same problem, and finally I solve that: please change your version of frida on both android device and PC. in my situation I had version 4.2.17 which I changed them to 4.2.18 and fortunately worked! for change in PC use command pip upgrade frida and in android, download new version and push it to data/local/tmp as before

amahmoodi181188 avatar Jun 23 '21 07:06 amahmoodi181188

server side:

/usr/bin/frida-server -l 192.168.1.4

client side:

frida-ps -H 192.168.1.4

Just tried with latest frida 12.1.0 and everything works fine.

this is help to me, nice

wengxianxun avatar Sep 08 '22 02:09 wengxianxun

Encountered similar but not same error

Failed to enumerate applications: unable to communicate with remote frida-server; please ensure that major versions match and that the remote Frida has the feature you are trying to use

Reason:

  • Frida version not match:
    • Mac: 16.0.2
    • iPhone: 15.1.27

Fixed by:

  • iPhone -> Cydia -> upgrade Frida to latest version 16.0.2

crifan avatar Nov 16 '22 02:11 crifan