Runtime platform:
Windows 10
Python 3.7.3
MT8788 ARM64
1. Install the libraries Frida depends on, and frida-tools
pip install -i https://mirrors.aliyun.com/pypi/simple/ numpy matplotlib
pip install -i https://mirrors.aliyun.com/pypi/simple/ frida-tools
2. Install frida
pip install -i https://mirrors.aliyun.com/pypi/simple/ frida
3. Download and install frida-server
Check the Android phone's CPU architecture (ABI):
adb shell getprop ro.product.cpu.abi
The MT8788 reports arm64-v8a, so the matching build is frida-server-14.2.8-android-arm64
4. Run frida-server
adb push frida-server-14.2.8-android-arm64 /data/local/
adb shell
chmod 777 /data/local/frida-server-14.2.8-android-arm64
/data/local/frida-server-14.2.8-android-arm64
5. Forward the Android TCP ports to the local machine
adb forward tcp:27042 tcp:27042
adb forward tcp:27043 tcp:27043
6. Start the Python capture script on Windows
Spawn mode:
python r0capture.py -U -f com.videogo
Attach mode, saving the captured traffic to a pcap file for later analysis in Wireshark:
python r0capture.py -U com.aligames.sgzzlb:channel -v -p com.aligames.sgzzlb.pcap
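7. Verification command, typed in Windows cmd
frida-ps -U
This checks whether Frida is running correctly. If it is, the command lists the processes currently running on the Android device. The -U option stands for USB and tells Frida to look for a USB device.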
8. View the captured traffic with WiresharkPortable
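9. Troubleshooting:
If this problem occurs when starting step 4: reboot the Android board.
If a program started on Windows fails because the port is already in use (Address already in use: bind), the fix is:
netstat -ano | findstr 31696
taskkill /PID 31696 /F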
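For the port conflict in step 9, the following added example (not part of the original page or of r0capture) parses `netstat -ano` output by column and reports which PID is actually listening on the ports forwarded in step 5, so that a number that only appears as a substring elsewhere is not killed by mistake. It assumes the conflict is on 27042/27043, which the page does not state; the netstat sample is constructed and the function names are hypothetical.

```python
# Ports the page forwards with `adb forward` in step 5 (assumed to be the ones in conflict).
FRIDA_PORTS = (27042, 27043)

# Constructed sample of Windows `netstat -ano` output, not captured from a real host.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1044
  TCP    127.0.0.1:27042        0.0.0.0:0              LISTENING       31696
  TCP    127.0.0.1:52110        127.0.0.1:27042        ESTABLISHED     8120
  TCP    [::1]:27043            [::]:0                 LISTENING       31696
  TCP    192.168.1.20:31696     203.0.113.10:443       ESTABLISHED     5520
  UDP    0.0.0.0:27042          *:*                                    2200
"""


def port_owners(netstat_text, ports=FRIDA_PORTS):
    """Return {port: sorted PIDs} for TCP sockets LISTENING on the given ports."""
    owners = {}
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have 5 columns; UDP rows lack the State column and are skipped.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        # Local address is host:port; rsplit also copes with IPv6 such as [::1]:27043.
        port = fields[1].rsplit(":", 1)[1]
        if port.isdigit() and int(port) in ports and fields[4].isdigit():
            owners.setdefault(int(port), set()).add(int(fields[4]))
    return {p: sorted(pids) for p, pids in owners.items()}


def taskkill_commands(owners):
    """Build one taskkill line per distinct PID for review; nothing is executed."""
    pids = sorted({pid for plist in owners.values() for pid in plist})
    return ["taskkill /PID {} /F".format(pid) for pid in pids]


if __name__ == "__main__":
    found = port_owners(SAMPLE_NETSTAT)
    print(found)
    print(taskkill_commands(found))
```

On a real machine, pass the captured output of `netstat -ano` to `port_owners` in place of the sample, and confirm what each PID is before running the suggested command.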