objection icon indicating copy to clipboard operation
objection copied to clipboard

Published 20 hours ago verified publisher icon sensepost

[bug] objection explore fails with Frida 14.2.14 to 14.2.17 - "Unable to connect to the frida server"

Open NickstaDB opened this issue 3 years ago • 12 comments

Describe the bug On a freshly built Ubuntu 18.04 VM, the objection explore command failed with the following output:

Using USB device `Pixel 2`
Unable to connect to the frida server: need Gadget to attach on jailed Android; its default location is: /home/nick/.cache/frida/gadget-android-arm64.so

For clarity, the target device was rooted with a patched APK installed.

If I run frida-ps -U then I see a list of processes on the device, but none with the name Gadget.

$ frida-ps -U
 PID  Name
----  ------------------------------------------------------------------------------------------
2187  .dataservices
1092  adbd --root_seclabel=u:r:su:s0
 991  adsprpcd
 618  [email protected]
 856  [email protected]
1065  [email protected]
[truncated]

However, if I run frida-ps -Ua, then I see the Gadget process:

$ frida-ps -Ua
 PID  Name                                      Identifier                              
----  ----------------------------------------  ----------------------------------------
6902  Gadget                                    re.frida.Gadget                         
1833  com.android.bluetooth                     com.android.bluetooth                   
6601  com.android.cellbroadcastreceiver         com.android.cellbroadcastreceiver       
6333  com.android.keychain                      com.android.keychain                    
[truncated]

I'm unable to attach to the process with frida -U Gadget, but I can attach with frida -U -p [pid].

After some messing about, I found that downgrading Frida with pip3 install frida==14.2.9 resolved the issue. The objection explore command worked again, and the output of frida-ps -U showed the following (output not truncated this time):

$ frida-ps -U
  PID  Name
-----  ------
25347  Gadget

I stepped through Frida versions testing this and the issue occurred when I installed Frida version 14.2.14 through to 14.2.17. Versions up to 14.2.13 worked fine.

To Reproduce Steps to reproduce the behavior:

  1. Run pip3 install frida==14.2.17
  2. Run objection explore

Environment (please complete the following information):

  • Device: Google Pixel 2
  • OS: Android 10
  • Frida Version: 14.2.14 to 14.2.17
  • Objection Version 1.11.0

NickstaDB avatar Apr 29 '21 09:04 NickstaDB

Yeah there were changes to how things spawn in more recent versions of Frida where it supports injecting Frida in a debuggable app (in a jailed env). The launcher/spawning logic in objection needs a major overhaul to be honest, to the point where all we might need to do it toggle debuggable flags in apps and have Frida deal with the gadget injection (instead of us messing with application structures).

leonjza avatar Apr 29 '21 09:04 leonjza

How do I get around this error?

Snuffy4 avatar May 26 '21 18:05 Snuffy4

How do I get around this error?

frida-server, frida version, Is it consistent

dly667 avatar Aug 18 '21 02:08 dly667

image

This may be due to version inconsistency. I encountered this problem in version 12.11.18 and it disappeared when I upgraded to version 15.0.17.

frida-server 15.0.17 frida 15.0.17 objection 1.11.0

mrzhouxu avatar Aug 23 '21 11:08 mrzhouxu

image

This may be due to version inconsistency. I encountered this problem in version 12.11.18 and it disappeared when I upgraded to version 15.0.17.

frida-server 15.0.17 frida 15.0.17 objection 1.11.0

Thank you a lot for the answer. It solved my problem. Installing exactly the same version on mobile and desktop removes the error.

darorck avatar Sep 05 '21 01:09 darorck

Below things helped me to get rid of this shit!

Everytime you're going to explore application using objection command, run below command to re-start frida server.

Command adb shell /data/local/tmp/frida-server &

Config: frida-server 15.0.17 frida 15.0.17 objection 1.11.0

bugdisclose avatar Mar 09 '22 06:03 bugdisclose

I have a similar problem, but can't manage to solve it.

makovez avatar Nov 20 '22 18:11 makovez

15.0.17

THERE IS NO FRIDA-SERVER 15.0.17????

subvert0r avatar Apr 02 '23 18:04 subvert0r

How can I fix this shit?

subvert0r avatar Apr 02 '23 19:04 subvert0r

@subvert0r For anyone struggling with installing 15.0.7:

python3 -m pip uninstall frida-tools -y
python3 -m pip uninstall frida -y
python3 -m pip uninstall objection -y
python3 -m pip install frida==15.0.7 --force-reinstall --no-cache-dir --force
python3 -m pip install objection==1.11.0 --force-reinstall --no-cache-dir --no-deps
python3 -m pip install --no-cache-dir frida-tools==10.2.1 --force-reinstall

Get frida-server from here: frida-server-15.0.7-android-arm.xz frida-server-15.0.7-android-arm64.xz frida-server-15.0.7-android-x86.xz frida-server-15.0.7-android-x86_64.xz

n0kovo avatar May 01 '23 11:05 n0kovo

Unfortunately it doesn't work anything both on my root phone and android emulator. Instead, for me these exact commands of the official documentation works:

$ adb root # might be required
$ adb push frida-server /data/local/tmp/
$ adb shell "chmod 755 /data/local/tmp/frida-server"
$ adb shell "/data/local/tmp/frida-server &"

if you give the last command from the phone. In this way I am using the last version of frida and frida-tools without issue.

DarkSkull91 avatar Aug 28 '23 14:08 DarkSkull91