[HES2013] Frida IRE – a tool for scriptable dynamic instrumentation in userland by Ole André Vadla Ravnås

May 03, 2013

Research

240

[HES2013] Frida IRE – a tool for scriptable dynamic instrumentation in userland by Ole André Vadla Ravnås

Frida IRE (Interactive Reverse-engineering Environment) is an open source reversing tool focusing on scriptable dynamic instrumentation in userland. It runs on Windows, Mac, Linux and iOS.
In this talk, I will focus on live demos showing you how to use Frida’s scripting capabilities to explore live processes both locally and remote. I will also show how Frida potentially can be used to do stealthy instrumentation of paranoid processes protected by anti-debugging.

Audio available here : http://2013.hackitoergosum.org/presentations/Day2-02.Frida%20IRE%20-%20a%20tool%20for%20scriptable%20dynamic%20instrumentation%20in%20userland%20and%20evading%20anti-debugging%20techniques%20by%20Ole%20Andr%c3%a9%20Vadla%20Ravn%c3%a5s.mp3
More information about the conference :
https://www.hackitoergosum.org

HackitoErgoSum

May 03, 2013

Tweet

More Decks by HackitoErgoSum

See All by HackitoErgoSum

[HES2014] Vaccinating APK’s by Milan Gabor & Danijel Grah

0

190

[HES2014] WMI Shell: A new way to get shells on remote Windows machines using only the WMI service by Andrei Dumitrescu

2

4.8k

[HES2014] LTE vs. Darwin: The Evolution Strikes Back? by Hendrik Schmidt & Brian Butterly

0

120

[HES2014] Applying science to eliminate 100% of buffer overflows by Andreas Bogk

0

280

[HES2013] Hacking apple accessories to pown iDevices – Wake up Neo! Your phone got pwnd ! by Mathieu ‘GoToHack’ RENARD

1

210

[HES2013] Paparazzi over ip by Daniel Mende

0

63

[HES2014] HackRF A Low Cost Software Defined Radio Platform by Benjamin Vernoux

0

350

[HES2013] Information Warfare: mistakes from the MoDs by Raoul “Nobody” Chiesa

0

110

[HES2013] The reality about Red October by Paul “RootBSD” Rascagneres

0

92

Other Decks in Research

See All in Research

20240127_熊本から今いちど真面目に都市交通～めざせ「車1割削減、渋滞半減、公共交通2倍」～全国路面電車サミット2024宇都宮

1

660

SCOPE-RL: オフライン強化学習とオフ方策評価のライブラリ

0

120

メタ動画データセットによる動作認識の現状と可能性

0

180

デフスポーツにおける支援技術〜競技特性・ルールと技術との関係〜

0

210

1

740

言語間転移学習で大規模言語モデルを賢くする

6

2.6k

サウナでのプロジェクションマッピングの可能性の検討 / EC71koizumi

0

170

論文紹介 DISN: Deep Implicit Surface Network for High quality Single-view 3D Reconstruction / DISN: Deep Implicit Surface Network for High quality Single-view 3D Reconstruction

0

110

眠眠ガチャ：ガチャを活用した睡眠意欲向上アプリの開発 / EC71inui

0

150

訓練データ作成のためのCloudCompareを利用した点群の手動ラベリング

0

530

My Journey as a UX Researcher

0

1.1k

Introduction of NII S. Koyama's Lab (AY2024)

0

100

Featured

See All Featured

The Straight Up "How To Draw Better" Workshop

227

130k

21

2.6k

Embracing the Ebb and Flow

80

4.1k

How STYLIGHT went responsive

92

4.8k

Clear Off the Table

84

310k

Typedesign – Prime Four

36

2.1k

GraphQLの誤解/rethinking-graphql

50

9.2k

It's Worth the Effort

180

27k

The Language of Interfaces

151

23k

Building Your Own Lightsaber

99

5.7k

Facilitating Awesome Meetings

42

5.6k

Product Roadmaps are Hard

44

9.7k

Transcript

Frida h(p://frida.github.io/
Demo: screencast
Nomenclature •  Debugger •  Agent •  Target
Architecture Python hackito.py hackito.js frida-‐python
frida-‐core Skype frida-‐agent frida-‐gum hackito.js
Demo: a(ach()
Demo: enumerate_modules()
Demo: inspecFng and manipulaFng funcFon calls
Demo: communicaFng with a target process
Example: .NET binding
Example: browser plugin
QuesFons?
Thanks! •  DocumentaFon: h(p://frida.github.io/ •  Code: h(p://github.com/frida
•  Chat: #frida @ FreeNode