Frida: Difference between revisions
imported>Mic92 No edit summary |
imported>Mic92 No edit summary |
||
Line 45: | Line 45: | ||
}; | }; | ||
in fhs.env | in fhs.env | ||
</syntaxHighlight> | |||
For some reason <code>frida-gum/bindings/gumjs/</code> does automatically install its node modules: | |||
<syntaxHighlight lang=console> | |||
$ cd frida-gum/bindings/gumjs/ | |||
$ nix-shell -p yarn --command "yarn install" | |||
</syntaxHighlight> | </syntaxHighlight> | ||
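Review bot: the added sentence "For some reason frida-gum/bindings/gumjs/ does automatically install its node modules:" contradicts the manual "yarn install" step that follows it. It most likely should read "does not automatically install". If the modules were installed automatically, the extra step would be unnecessary.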
Line 51: | Line 58: | ||
<syntaxHighlight lang=console> | <syntaxHighlight lang=console> | ||
$ make python-64 | $ make python-64 | ||
</syntaxHighlight> | |||
The python egg can be build then like this: | |||
<syntaxHighlight lang=console> | |||
$ export FRIDA_VERSION=11.0.13 | |||
$ export FRIDA_EXTENSION=$(realpath build/frida-linux-x86_64/lib/python3.6/site-packages/_frida.so) | |||
$ cd frida-python/src/ | |||
$ python setup.py bdist_egg | |||
$ easy_install dist/frida-*.egg | |||
</syntaxHighlight> | </syntaxHighlight> |
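Review bot: in the added egg-build block, FRIDA_VERSION=11.0.13 and the lib/python3.6 component of FRIDA_EXTENSION are hard-coded, so the commands go stale as soon as the checkout or the Python version in the build environment changes. Add a sentence saying both must match the local build. The lead-in "The python egg can be build then like this:" should also read "can then be built".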
Revision as of 09:30, 29 June 2018
Frida is a dynamic binary instrumentation framework.
Getting it to work on NixOS
The project provides pre-compiled binaries that almost work out of the box (when installed via pip install frida). However, at runtime it unpacks a helper called frida-helper-64 that uses /lib64/ld-linux-x86-64.so.2 as its link-loader.
The error message will be similar to this one:
$ frida-trace -i "recv*" 1
"/run/user/1000/frida-ea4a59ca62f7c8d1d49bd898ec313eeb/frida-helper-64": No such file or directory (os error 2)
Since the helper is not accessible on the filesystem, it cannot be patched with patchelf. A simple hack is to symlink an arbitrary link loader to the path the helper expects:
$ ldd /bin/sh
...
/nix/store/83lrbvbmxrgv7iz49mgd42yvhi473xp6-glibc-2.27/lib/ld-linux-x86-64.so.2 => /nix/store/83lrbvbmxrgv7iz49mgd42yvhi473xp6-glibc-2.27/lib64/ld-linux-x86-64.so.2 (0x00007fa78b289000)
$ ln -s /nix/store/83lrbvbmxrgv7iz49mgd42yvhi473xp6-glibc-2.27/lib/ld-linux-x86-64.so.2 /lib64/ld-linux-x86-64.so.2
Compile from source
Frida provides a pre-compiled SDK. Since it assumes many binaries in /usr/bin/, the best option is to use buildFHSUserEnv:
with import <nixpkgs> {};
let
  fhs = pkgs.buildFHSUserEnv {
    name = "frida-env";
    targetPkgs = pkgs: with pkgs; [
      gcc_multi
      binutils
      gnumake
      which
      git
      python3
      nodejs
      perl
      curl
      glibc_multi
    ];
  };
in fhs.env
For some reason frida-gum/bindings/gumjs/ does not automatically install its node modules, so install them manually:
$ cd frida-gum/bindings/gumjs/
$ nix-shell -p yarn --command "yarn install"
Afterwards the build system can be used as documented:
$ make python-64
The Python egg can then be built like this:
$ export FRIDA_VERSION=11.0.13
$ export FRIDA_EXTENSION=$(realpath build/frida-linux-x86_64/lib/python3.6/site-packages/_frida.so)
$ cd frida-python/src/
$ python setup.py bdist_egg
$ easy_install dist/frida-*.egg