

A beginner’s introduction to reverse engineering Android and Windows applications using the Frida toolkit

What you will learn

Listing process libraries

Reversing Android apps

Hooking Classes and Functions

Examining and modifying function parameters and return values

Reversing Windows apps

Hooking process functions

Memory scanning

Process injection

Hacking memory

Decompiling apps

Bypassing root detection

Intercepting HTTP and HTTPS traffic

Bypassing basic security mechanisms for Android and Windows apps

Enumerating libraries and imported functions

and more…

Description

Frida is a dynamic instrumentation toolkit for developers, reverse engineers, and security researchers. It allows you to inject your own scripts into black-box processes: hook any function, spy on crypto APIs, or trace private application code, with no source code needed. Edit, hit save, and instantly see the results, all without compilation steps or program restarts. It’s the Swiss Army knife for process injection into native apps and a popular dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript or your own library into native apps on Windows and Android. It is the go-to tool for API tracing.

At the end of this course you will be able to:

  1. reverse engineer and perform process injection into Android and Windows applications
  2. hook functions and modify their behaviour
  3. perform basic bypasses of security restrictions on Android and Windows apps

Features of this course:



  1. Designed with beginners in mind.
  2. Simple Android apps and Windows crackmes designed for learning process injection and function hooking
  3. Practical and hands-on
  4. Using free tools only

Suitable for:

  • Reverse Engineering and Malware Analysis Students
  • Students planning a career in malware analysis, reverse engineering, or penetration testing
  • Security researchers

Prerequisite:

  • Windows PC
  • Basic Java/JavaScript would be helpful but not mandatory
  • Preferably have an Android phone (non-rooted)

Enroll now and I will see you inside!

Language: English

Content

Introduction

Intro to Frida
Intro to Frida Injection

Setting up the lab and a rooted Android emulator

Installing the LDPlayer emulator
Installing platform tools
Installing frida-server on the Android emulator
Installing objection and Frida tools on the PC
Testing objection and Frida

Setting up the lab for a non-rooted Android phone

Installing Android Studio build-tools
Installing the apktool
Patching the target APK file with the frida-gadget (frida-server)
Enabling developer mode on the Android phone
Installing the patched APK file on the Android phone and testing it

Decompiling APK files

Reverse engineering using the apktool
Installing dex2jar and jd-gui
Decompiling an APK file using dex2jar and jd-gui

Understanding the Frida CLI

Understanding the Frida CLI

Simple Frida hello-world script

Simple Frida hello-world script

Frida script to list classes

Frida script to list classes

Frida scripts to list methods and properties

Frida scripts to list methods and properties

Hooking functions and bypassing root detection

Intro to hooking functions
Decompiling the APK to identify the target function to hook
Hooking functions and modifying them

Dumping function parameters

Dumping function parameters

Re-using app functions in Frida scripts and decrypting passwords

Analyzing app functions and creating a skeleton script
Implementing app functions in Frida and decrypting the password

Frida and Windows: listing modules

Listing Windows modules (DLL libraries) using Frida

Hooking the Windows MessageBox function

Hooking the Windows MessageBox function

Modifying the Windows MessageBox API

Modifying the Windows MessageBox API

Listing Windows process functions

Listing Windows process functions

Hooking file reading functions

Hooking file reading functions

Memory scanning and hacking

Memory scanning and hacking

Supplementary lessons – Android ethical hacking

Additional lessons on Android ethical hacking

Intercepting HTTP traffic

Installing Burp Suite
Setting the Burp Suite proxy for the LDPlayer emulator
Installing the Insecure Banking app

Intercepting HTTPS traffic

Installing the Burp Suite CA cert
Modifying network-security-config
Creating a keystore, signing, and intercepting HTTPS

Local data storage vulnerabilities

Local data storage vulnerabilities

Exported application component vulnerabilities

Exported application component vulnerabilities

Insecure logging vulnerability

Insecure logging vulnerability

Bypassing root detection using objection

Bypassing root detection using objection
Running Frida scripts after objection root bypass

Resources for further study

Bonus Lecture