!AEatyzGubGqsvtlrKC:matrix.org

frida

73 Members
1 Servers



Timestamp Message
24 Jan 2020
17:57:56 @freenode_fridatg:matrix.org fridatg <P> 4287944 ms 0x56536dd0
17:57:57 @freenode_fridatg:matrix.org fridatg <P> 4287944 ms 0x168
17:57:57 @freenode_fridatg:matrix.org fridatg <P> 4287944 ms 0x80b00001
17:57:58 @freenode_fridatg:matrix.org fridatg <P> 4287944 ms 0x168
17:57:59 @freenode_fridatg:matrix.org fridatg <P> 4287944 ms 0x4db00005
17:57:59 @freenode_fridatg:matrix.org fridatg <P> 4287944 ms 0x3b300009
17:58:00 @freenode_fridatg:matrix.org fridatg <P> 4287944 ms 0x1
17:58:00 @freenode_fridatg:matrix.org fridatg <P> 4287944 ms 0x0
17:58:00 @freenode_fridatg:matrix.org fridatg <P> 4287944 ms 0x0
17:58:00 @freenode_fridatg:matrix.org fridatg <P> /* TID
17:58:35 @freenode_fridatg:matrix.org fridatg <P> I'm checking the method in Ghidra, seems that it has 9 arguments, most of them integers
17:58:52 @freenode_fridatg:matrix.org fridatg <P> should I do something like logs(args[0].toInt());
17:59:04 @freenode_fridatg:matrix.org fridatg <P> or is there a better way that I can get more information about the arguments?
17:59:46 @freenode_c0mrade:matrix.org c0mrade What's happening in this channel
17:59:51 @freenode_c0mrade:matrix.org c0mrade Who's talking with awho
17:59:53 @freenode_c0mrade:matrix.org c0mrade who*
18:00:34 @freenode_fridatg:matrix.org fridatg <P> the args look like this in Ghidra
18:00:35 @freenode_fridatg:matrix.org fridatg <P> (int *param_1,undefined4 param_2,undefined4 param_3,int param_4,int param_5,
18:00:36 @freenode_fridatg:matrix.org fridatg <P> undefined4 param_6,int param_7,int param_8,int param_9
18:15:51 @freenode_fridatg:matrix.org fridatg <oleavr> c0mrade: The latest unless you want to run into bugs already fixed. If latest doesn't work well it typically means you're running it on an unsupported system (e.g. some Android ROM we never tested on and that just worked by luck in the past)
18:45:15 @freenode_fridatg:matrix.org fridatg <P> @oleavr some thoughts pls?
22:07:20 @freenode_fridatg:matrix.org fridatg <pilferz> It is with great sadness that I am informing you all that @oleavr, the creator of Frida, was just diagnosed with Nerd Syndrome. Please keep him in your thoughts and prayers while he works through this trying time. If you notice him doing nerd stuff, just know that he can't help it. We'll all get through this together. 🙏
22:21:58 @freenode_fridatg:matrix.org fridatg <oleavr> Interceptor doesn't know anything about the function you're asking it to hook, so the args virtual array is only applicable for functions that use the platform's default C calling convention, only accept parameters that fit in register sized registers/slots, etc. When this isn't the case, you need to access registers/memory yourself using this.context.eax, this.context.sp, etc.
22:23:43 @freenode_fridatg:matrix.org fridatg <oleavr> @pilferz 🤦‍♂️🤣
22:51:53 @freenode_fridatg:matrix.org fridatg <dave0x1337> could you report what bugs you're running into? Even if you don't have a lot of information, it's still good to have a report in case somebody else is running into the same issue.
25 Jan 2020
16:43:33 @freenode_fridatg:matrix.org fridatg <P> how can I read what's inside a pointer? I tried Memory.readPointer(args[1])
16:44:27 @freenode_fridatg:matrix.org fridatg <P> for example I have a readlink call, such as readlink(pathname="/storage/go.jpg", buf="", bufsiz=0x1000)
16:44:51 @freenode_fridatg:matrix.org fridatg <P> I would like to analyze buf, as it seems weird the buffer is empty
16:45:23 @freenode_fridatg:matrix.org fridatg <P> or does the buf point to the pathname and the bufsiz is indeed the length allowed for the pathname?
17:19:50 @freenode_fridatg:matrix.org fridatg <esanfelix> If you check at the calling site it's normal, buf is where the resolved path goes on return (man readlink ...)
