Frida is an open-source dynamic instrumentation toolkit that allows developers, reverse engineers, and security researchers to inject code into running processes.
Unlike the static tools used for reverse engineering, it allows online patching: modifying the code of a program while it is executing.
Why Frida?
Frida is cross-platform (it is compatible with different operating systems, not only Linux), scriptable, and based on JavaScript.
The possible areas of use are:
– reverse engineering
– live & “race-condition” debugging (custom scripts that modify the program's behavior live while tracing the information you need)
– live and ephemeral patching (temporary program changes)
With Frida you can trace one or more specific functions and interact with the process by changing its behavior in a transparent way.
The toolkit provides a series of tools to facilitate interaction with the target application and the creation of scripts to be injected.
Cesare Pizzi, Security Analyst, showed step by step, during a technical session at Download Innovation, how to modify an Android application live with Frida.
The live demo and references are available on floatingpoint.sorint.it.