Frida: Difference between revisions

From NixOS Wiki
← Older edit
VisualWikitext
imported>Mic92
improve automation of fhsuserenv
imported>Nix
m add Software/Applications subcategory
 
(5 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[https://www.frida.re Frida] is a dynamic binary instrumentation framework.
[https://www.frida.re Frida] is a dynamic binary instrumentation framework.


== Getting it work on NixOS ==
== Using the genesis's NUR package ==
The project provides pre-compiled binaries that almost work out of the box (when installed via <code> pip install frida</code>)
 
Setup [https://github.com/nix-community/NUR NUR] as described.
Then install frida from genesis's repository:
 
<syntaxHighlight lang=console>
$ nix-shell -p nur.repos.genesis.frida-tools
nix-shell> frida-trace -i "recv*" firefox
</syntaxHighlight>
 
The python bindings are available via <code>nur.repos.genesis.python3Packages.frida</code>
Both frida and frida-tools packages are based on pypi, feel free to post a PR to add support for your platform to them.
 
== Using frida's own binaries ==
The project provides pre-compiled binaries that almost work out of the box (when installed via <code> pip install frida-tools</code>)
However at runtime it unpacks a helper called <code>frida-helper-64</code> that uses <code>/lib64/ld-linux-x86-64.so.2</code> as its link-loader.
However at runtime it unpacks a helper called <code>frida-helper-64</code> that uses <code>/lib64/ld-linux-x86-64.so.2</code> as its link-loader.
The error message will be similar to this one:
The error message will be similar to this one:
Line 37: Line 50:
       which
       which
       git
       git
       (python3.withPackages (p: [ p.setuptools ]))
       (python3.withPackages (p: [ p.setuptools p.wheel ]))
       nodejs
       nodejs
       perl
       perl
Line 46: Line 59:
     profile = ''
     profile = ''
       export hardeningDisable=all
       export hardeningDisable=all
      export SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt"
       # initialize sdk
       # initialize sdk
       make
       make
Line 51: Line 65:
       (cd frida-gum/bindings/gumjs && yarn install)
       (cd frida-gum/bindings/gumjs && yarn install)


       # for frida-python egg
       # for frida-python wheel
       export FRIDA_VERSION=$(git describe --tags)
       export FRIDA_VERSION=$(git describe --tags)
       export FRIDA_EXTENSION=$(realpath build/frida-linux-x86_64/${python3.sitePackages}/_frida.so)
       export FRIDA_EXTENSION=$(realpath build/frida-linux-x86_64/${python3.sitePackages}/_frida.so)
      export SOURCE_DATE_EPOCH="315532800"
     '';
     '';
   };
   };
Line 62: Line 77:


<syntaxHighlight lang=console>
<syntaxHighlight lang=console>
$  make python-64
$  make python-linux-x86_64
</syntaxHighlight>
</syntaxHighlight>


Line 68: Line 83:


<syntaxHighlight lang=console>
<syntaxHighlight lang=console>
$ cd frida-python/src/
$ cd frida-python
$ python setup.py bdist_egg
$ python setup.py bdist_wheel
$ easy_install dist/frida-*.egg
$ pip install dist/frida-*.whl
</syntaxHighlight>
</syntaxHighlight>


Mic92 has an [https://github.com/Mic92/nur-packages/blob/master/frida-python/default.nix expression] that provides a pre-compiled version of frida using the compiled egg as shown.
[[Category:Applications]]

Latest revision as of 05:49, 20 September 2021

Frida is a dynamic binary instrumentation framework.

Using the genesis's NUR package

Setup NUR as described. Then install frida from genesis's repository: 

$ nix-shell -p nur.repos.genesis.frida-tools
nix-shell> frida-trace -i "recv*" firefox

The python bindings are available via nur.repos.genesis.python3Packages.frida Both frida and frida-tools packages are based on pypi, feel free to post a PR to add support for your platform to them.

Using frida's own binaries

The project provides pre-compiled binaries that almost work out of the box (when installed via pip install frida-tools) However at runtime it unpacks a helper called frida-helper-64 that uses /lib64/ld-linux-x86-64.so.2 as its link-loader. The error message will be similar to this one: 

$ frida-trace -i "recv*" 1
"/run/user/1000/frida-ea4a59ca62f7c8d1d49bd898ec313eeb/frida-helper-64": No such file or directory (os error 2)

Since the helper is not accessible on the filesystem it cannot patched with patchelf. A simple hack is to symlink an arbitrary link loader to this directory: 

$ ldd /bin/sh
...
/nix/store/83lrbvbmxrgv7iz49mgd42yvhi473xp6-glibc-2.27/lib/ld-linux-x86-64.so.2 => /nix/store/83lrbvbmxrgv7iz49mgd42yvhi473xp6-glibc-2.27/lib64/ld-linux-x86-64.so.2 (0x00007fa78b289000)
$ ln -s /nix/store/83lrbvbmxrgv7iz49mgd42yvhi473xp6-glibc-2.27/lib/ld-linux-x86-64.so.2 /lib64/ld-linux-x86-64.so.2

Compile from source

Frida provides a pre-compiled SDK. Since it assumes many binaries in /usr/bin/, the best option is to use buildFHSUserEnv: 

with import <nixpkgs> {};
let
  fhs = pkgs.buildFHSUserEnv {
    name = "frida-env";
    targetPkgs = pkgs: with pkgs; [
      gcc_multi
      binutils
      gnumake
      which
      git
      (python3.withPackages (p: [ p.setuptools p.wheel ]))
      nodejs
      perl
      curl
      glibc_multi
      yarn
    ];
    profile = ''
      export hardeningDisable=all
      export SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt"
      # initialize sdk
      make
      # npm does not frida-gum/bindings/gumjs/node_modules -> bug?
      (cd frida-gum/bindings/gumjs && yarn install)

      # for frida-python wheel
      export FRIDA_VERSION=$(git describe --tags)
      export FRIDA_EXTENSION=$(realpath build/frida-linux-x86_64/${python3.sitePackages}/_frida.so)
      export SOURCE_DATE_EPOCH="315532800"
    '';
  };
in fhs.env

Afterwards the build system can be used as documented: 

$  make python-linux-x86_64

The python egg can be build then like this: 

$ cd frida-python
$ python setup.py bdist_wheel
$ pip install dist/frida-*.whl
Retrieved from "https://wiki.nixos.org/w/index.php?title=Frida&oldid=6107"