win10安裝frida的坑和總結

1.環境

frida現在支持python3.8，請去官網看支持的版本，可能會更新

官網：https://pypi.org/project/frida/#files

2.pip安裝

pip install frida

pip install frida-tools

3.如安裝frida失敗

  ERROR: Command errored out with exit status 1:
   command: 'D:\Anaconda3\envs\python38\python.exe' -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'C:\\Users\\Administrator\\AppData\\Local\\Temp\\pip-install-qzxic_yu\\frida\\setup.py'"'"'; __file__='"'"'C:\\Users\\Administrator\\AppData\\Local\\Temp\\pip-install-qzxic_yu\\frida\\setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' bdist_wheel -d 'C:\Users\Administrator\AppData\Local\Temp\pip-wheel-ytrbuf0a'
       cwd: C:\Users\Administrator\AppData\Local\Temp\pip-install-qzxic_yu\frida\
  Complete output (13 lines):
  running bdist_wheel
  running build
  running build_py
  creating build
  creating build\lib.win-amd64-3.8
  creating build\lib.win-amd64-3.8\frida
  copying frida\core.py -> build\lib.win-amd64-3.8\frida
  copying frida\__init__.py -> build\lib.win-amd64-3.8\frida
  running build_ext
  error: <urlopen error unknown url type: https>
  looking for prebuilt extension in home directory, i.e. C:\Users\Administrator/frida-12.11.17-py3.8-win-amd64.egg
  prebuilt extension not found in home directory, will try downloading it
  querying pypi for available prebuilds
  ----------------------------------------
  ERROR: Failed building wheel for frida
  Running setup.py clean for frida
Failed to build frida
Installing collected packages: frida
    Running setup.py install for frida ... error
    ERROR: Command errored out with exit status 1:
     command: 'D:\Anaconda3\envs\python38\python.exe' -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'C:\\Users\\Administrator\\AppData\\Local\\Temp\\pip-install-qzxic_yu\\frida\\setup.py'"'"'; __file__='"'"'C:\\Users\\Administrator\\AppData\\Local\\Temp\\pip-install-qzxic_yu\\frida\\setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record 'C:\Users\Administrator\AppData\Local\Temp\pip-record-z0eujt4e\install-record.txt' --single-version-externally-managed --compile --install-headers 'D:\Anaconda3\envs\python38\Include\frida'
         cwd: C:\Users\Administrator\AppData\Local\Temp\pip-install-qzxic_yu\frida\
    Complete output (13 lines):
    running install
    running build
    running build_py
    creating build
    creating build\lib.win-amd64-3.8
    creating build\lib.win-amd64-3.8\frida
    copying frida\core.py -> build\lib.win-amd64-3.8\frida
    copying frida\__init__.py -> build\lib.win-amd64-3.8\frida
    running build_ext
    error: <urlopen error unknown url type: https>
    looking for prebuilt extension in home directory, i.e. C:\Users\Administrator/frida-12.11.17-py3.8-win-amd64.egg
    prebuilt extension not found in home directory, will try downloading it
    querying pypi for available prebuilds
    ----------------------------------------
ERROR: Command errored out with exit status 1: 'D:\Anaconda3\envs\python38\python.exe' -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'C:\\Users\\Administrator\\AppData\\Local\\Temp\\pip-install-qzxic_yu\\frida\\setup.py'"'"'; __file__='"'"'C:\\Users\\Administrator\\AppData\\Local\\Temp\\pip-install-qzxic_yu\\frida\\setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record 'C:\Users\Administrator\AppData\Local\Temp\pip-record-z0eujt4e\install-record.txt' --single-version-externally-managed --compile --install-headers 'D:\Anaconda3\envs\python38\Include\frida' Check the logs for full command output.

 

官網下載文件：frida-12.11.17-py3.8-win-amd64.egg（查看你自己對應的版本）

將下載文件保存到C:\User\Adminstrator

重新執行pip安裝

4.Frida Server 安裝

連接手機使用usb調試模式

Releases 版本地址：https://github.com/frida/frida/releases，將相應的版本下載下來，復制到手機

注意一點：frida-server版本要和frida版本一致

查看手機版本

adb shell cat /system/build.prop

找到
ro.product.cpu.abi=x86

frida-server-12.11.17-android-x86.xz（我這里使用的夜神模擬器）

下載后解壓文件，並將文件重命名為: frida-server, 重命名完成后使用adb push命令推送到手機中

下載安裝adb並加入環境變量

https://androidmtk.com/download-minimal-adb-and-fastboot-tool

adb devices #查看是否連接成功

List of devices attached
fcd9eb98       device

# 上傳文件到手機
adb push frida-server /data/local/tmp/

推送完成后將frida-sever賦予執行的權限，並運行Frida-server，使用以下命令:

adb shell
cd /data/local/tmp/ 
chmod 777 frida-server 
./frida-server &

另一起個cmd查看手機上運行的進程

frida-ps -U

或使用frida-ps -R也可以，但是需要進行轉發

adb forward tcp:27042 tcp:27042

frida-ps -R

如果出現失敗就是frida-server版本出問題了，還有需要root權限，建議使用夜神模擬器

5.代碼測試

import frida
import pprint

def on_message(message,data):
    print("[on_message] message:",message,"data:",data)


rdev =frida.get_usb_device()
process = rdev .enumerate_processes()#獲取手機所有進程
pprint.pprint(process)
session=rdev.attach("com.dianping.v1") #frida-ps -U 查看到的app名字
print(session)

script=session.create_script("""
rpc.exports.enumerateModules=function(){
return Process.enumerateModules();
};
""")

script.on("message",on_message)
script.load()
# 獲取進程使用的所有模塊
pprint.pprint([m["name"] for m in script.exports.enumerate_modules()])