Mobile Security Tools part 2: Frida

Mobile Security Tools-series:

Part 1: scrcpy

Part 2: Frida

What is Frida?

Frida is a free and open-source instrumentation toolkit that can be used to test and evaluate Android apps.

It can technically be used without rooting a phone, but to make things easier, you should have a rooted phone. Frida allows users to modify and inject code into running applications in order to analyze their behavior.

It can be used for tasks such as reverse engineering, debugging, and security testing.

There are many features, such as:

modifying original binary images
bypassing SSL pinning
decrypting encrypted traffic
analyzing applications
runtime manipulation

Tutorial

Let’s install and use Frida next. Note that you will need a rooted phone for this.

Prerequisites

You need a rooted Android phone to follow this tutorial. I used Magisk for that, but this tutorial won’t go through the process of rooting your phone.

My setup:
A rooted Pixel 6a
Android 13
Ubuntu 22.04.3 LTS
Android Platform Tools downloaded

If you are new to adb, I recommend you first read what it is.

Install Frida

We will use pip, a package manager for Python packages, to install Frida. If you don’t have pip, install it by running:

sudo apt install python3-pip

You can ensure the installation was successful by checking the version of pip:

pip --version

Install Frida using pip:

sudo pip install frida-tools

Check the version of Frida:

frida --version

Find processor version of your phone

To install the correct version of the Frida server on your phone, you need to know the processor version, that is, the CPU architecture (ABI) the device reports.

Plug your phone into your computer, navigate to the platform-tools folder, and open a device shell:

./adb shell

Run the following command to get the version:

getprop ro.product.cpu.abi

Download Frida server

Go to the Frida GitHub releases page and find the link to a Frida server that matches both the Frida version you installed and the processor version of your phone.

Click Show all assets to find Frida server.

For example, in my case the Frida version was 16.1.4 and the processor version was arm64-v8a, so I chose frida-server-16.1.4-android-arm64.xz from the list.

Open another tab in the terminal and download the chosen Frida server:

wget https://github.com/frida/frida/releases/download/[YOUR-VERSION]/frida-server-[YOUR-VERSION]-android-arm64.xz

Extract the downloaded package:

xz -d frida-server-[YOUR-VERSION]-android-arm64.xz

Lastly, push the extracted binary to the device. Navigate to the platform-tools folder and push the file to the /data/local/tmp folder on your phone:

./adb push /path-to-file/frida-server-[YOUR-VERSION]-android-arm64 /data/local/tmp

If you don’t know the path, you can use the pwd command in the terminal to find the current folder’s path.
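
The asset selection described above can be scripted so the server always matches the installed client version and the device ABI. This is an added example, not code from the original post or from the Frida project; the function names are hypothetical, and the ABI-to-suffix table assumes the naming used in Frida's Android release files.

```shell
# Added example, not from the original post. Function names are hypothetical.
# Inputs: the output of `frida --version` and of `getprop ro.product.cpu.abi`.

# Map an Android ABI string to the architecture suffix in the asset name
# (suffixes assumed from Frida's Android release file names).
frida_arch_for_abi() {
    # Strip whitespace and the carriage return that adb output can carry.
    abi=$(printf '%s' "$1" | tr -d ' \t\r\n')
    case "$abi" in
        arm64-v8a)           echo arm64 ;;
        armeabi-v7a|armeabi) echo arm ;;
        x86_64)              echo x86_64 ;;
        x86)                 echo x86 ;;
        *) echo "unsupported ABI: $abi" >&2; return 1 ;;
    esac
}

# Build the asset file name. Only a plain dotted numeric version is accepted,
# so stray characters never end up in a file name or URL.
frida_server_asset() {
    version=$(printf '%s' "$1" | tr -d ' \t\r\n')
    case "$version" in
        ''|*[!0-9.]*|.*|*.|*..*)
            echo "bad version: $version" >&2; return 1 ;;
    esac
    arch=$(frida_arch_for_abi "$2") || return 1
    echo "frida-server-${version}-android-${arch}.xz"
}

# Build the download URL using the release URL pattern shown in the tutorial.
frida_server_url() {
    asset=$(frida_server_asset "$1" "$2") || return 1
    ver=${asset#frida-server-}
    ver=${ver%%-android-*}
    echo "https://github.com/frida/frida/releases/download/${ver}/${asset}"
}

# Usage on the workstation, from the platform-tools folder, device attached:
#   frida_server_url "$(frida --version)" \
#       "$(./adb shell getprop ro.product.cpu.abi)"
```

An unknown ABI or a malformed version makes the functions return non-zero, so a wrapper script can stop before downloading a mismatched binary.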

Execute Frida server on the device

In the adb shell tab on the terminal, switch to the root user on the device:

su

Navigate to the folder where you pushed the Frida server file:

cd /data/local/tmp

Give the file execute permission:

chmod +x frida-server-[YOUR-VERSION]-android-arm64

Run Frida server:

./frida-server-[YOUR-VERSION]-android-arm64 &

That’s it!

This was a tutorial on how to set up Frida on your Android phone. Next time I will show you what you can use Frida for, but this was all for now!

You can also follow my Instagram @whatminjahacks if you are interested to see more about my days as a Cyber Security consultant and learn more about cyber security with me!