[HES2013] Frida IRE – a tool for scriptable dyn...

May 03, 2013

Research

250

[HES2013] Frida IRE – a tool for scriptable dynamic instrumentation in userland by Ole André Vadla Ravnås

Frida IRE (Interactive Reverse-engineering Environment) is an open source reversing tool focusing on scriptable dynamic instrumentation in userland. It runs on Windows, Mac, Linux and iOS.
In this talk, I will focus on live demos showing you how to use Frida’s scripting capabilities to explore live processes both locally and remote. I will also show how Frida potentially can be used to do stealthy instrumentation of paranoid processes protected by anti-debugging.

Audio available here : http://2013.hackitoergosum.org/presentations/Day2-02.Frida%20IRE%20-%20a%20tool%20for%20scriptable%20dynamic%20instrumentation%20in%20userland%20and%20evading%20anti-debugging%20techniques%20by%20Ole%20Andr%c3%a9%20Vadla%20Ravn%c3%a5s.mp3
More information about the conference :
https://www.hackitoergosum.org

HackitoErgoSum

May 03, 2013

Tweet

More Decks by HackitoErgoSum

See All by HackitoErgoSum

[HES2014] Vaccinating APK’s by Milan Gabor & Danijel Grah

0

190

[HES2014] WMI Shell: A new way to get shells on remote Windows machines using only the WMI service by Andrei Dumitrescu

2

4.9k

[HES2014] LTE vs. Darwin: The Evolution Strikes Back? by Hendrik Schmidt & Brian Butterly

0

130

[HES2014] Applying science to eliminate 100% of buffer overflows by Andreas Bogk

0

290

[HES2013] Hacking apple accessories to pown iDevices – Wake up Neo! Your phone got pwnd ! by Mathieu ‘GoToHack’ RENARD

1

240

[HES2013] Paparazzi over ip by Daniel Mende

0

64

[HES2014] HackRF A Low Cost Software Defined Radio Platform by Benjamin Vernoux

0

430

[HES2013] Information Warfare: mistakes from the MoDs by Raoul “Nobody” Chiesa

0

170

[HES2013] The reality about Red October by Paul “RootBSD” Rascagneres

0

110

Other Decks in Research

See All in Research

文化が形作る音楽推薦の消費と、その逆

0

130

snlp2024_multiheadMoE

0

410

Matching 2D Images in 3D: Metric Relative Pose from Metric Correspondences

1

300

DevGPT: Studying Developer-ChatGPT Conversations

0

120

ヘルプデスクの事例で学ぶAIエージェント

14

8.4k

2024/10/30 産総研AIセミナー発表資料

1

280

ニュースメディアにおける事前学習済みモデルの可能性と課題 / IBIS2024

2

370

ミニ四駆AI用制御装置の事例紹介

0

160

説明可能AIの基礎と研究動向

0

130

Active Adaptive Experimental Design for Treatment Effect Estimation with Covariate Choices

0

210

RCEへの近道

1

800

テキストマイニングことはじめー基本的な考え方からメディアディスコース研究への応用まで

1

120

Featured

See All Featured

GraphQLの誤解/rethinking-graphql

67

10k

Performance Is Good for Brains [We Love Speed 2024]

4

380

YesSQL, Process and Tooling at Scale

167

14k

Why You Should Never Use an ORM

53

9k

Designing on Purpose - Digital PM Summit 2013

115

6.9k

Art, The Web, and Tiny UX

297

20k

Being A Developer After 40

86

590k

Reflections from 52 weeks, 52 projects

346

20k

Optimizing for Happiness

376

69k

Creating an realtime collaboration tool: Agile Flush - .NET Oxford

25

1.8k

Java REST API Framework Comparison - PWX 2021

28

8k

29

880

Transcript

Frida h(p://frida.github.io/
Demo: screencast
Nomenclature •  Debugger •  Agent •  Target
Architecture Python hackito.py hackito.js frida-‐python
frida-‐core Skype frida-‐agent frida-‐gum hackito.js
Demo: a(ach()
Demo: enumerate_modules()
Demo: inspecFng and manipulaFng funcFon calls
Demo: communicaFng with a target process
Example: .NET binding
Example: browser plugin
QuesFons?
Thanks! •  DocumentaFon: h(p://frida.github.io/ •  Code: h(p://github.com/frida
•  Chat: #frida @ FreeNode