win10安装frida的坑和总结

1.环境

frida现在支持python3.8，请去官网看支持的版本，可能会更新

官网：https://pypi.org/project/frida/#files

2.pip安装

pip install frida

pip install frida-tools

3.如安装frida失败

  ERROR: Command errored out with exit status 1:
   command: 'D:Anaconda3envspython38python.exe' -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'C:\Users\Administrator\AppData\Local\Temp\pip-install-qzxic_yu\frida\setup.py'"'"'; __file__='"'"'C:\Users\Administrator\AppData\Local\Temp\pip-install-qzxic_yu\frida\setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'
'"'"', '"'"'
'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' bdist_wheel -d 'C:UsersAdministratorAppDataLocalTemppip-wheel-ytrbuf0a'
       cwd: C:UsersAdministratorAppDataLocalTemppip-install-qzxic_yufrida
  Complete output (13 lines):
  running bdist_wheel
  running build
  running build_py
  creating build
  creating buildlib.win-amd64-3.8
  creating buildlib.win-amd64-3.8frida
  copying fridacore.py -> buildlib.win-amd64-3.8frida
  copying frida__init__.py -> buildlib.win-amd64-3.8frida
  running build_ext
  error: <urlopen error unknown url type: https>
  looking for prebuilt extension in home directory, i.e. C:UsersAdministrator/frida-12.11.17-py3.8-win-amd64.egg
  prebuilt extension not found in home directory, will try downloading it
  querying pypi for available prebuilds
  ----------------------------------------
  ERROR: Failed building wheel for frida
  Running setup.py clean for frida
Failed to build frida
Installing collected packages: frida
    Running setup.py install for frida ... error
    ERROR: Command errored out with exit status 1:
     command: 'D:Anaconda3envspython38python.exe' -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'C:\Users\Administrator\AppData\Local\Temp\pip-install-qzxic_yu\frida\setup.py'"'"'; __file__='"'"'C:\Users\Administrator\AppData\Local\Temp\pip-install-qzxic_yu\frida\setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'
'"'"', '"'"'
'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record 'C:UsersAdministratorAppDataLocalTemppip-record-z0eujt4einstall-record.txt' --single-version-externally-managed --compile --install-headers 'D:Anaconda3envspython38Includefrida'
         cwd: C:UsersAdministratorAppDataLocalTemppip-install-qzxic_yufrida
    Complete output (13 lines):
    running install
    running build
    running build_py
    creating build
    creating buildlib.win-amd64-3.8
    creating buildlib.win-amd64-3.8frida
    copying fridacore.py -> buildlib.win-amd64-3.8frida
    copying frida__init__.py -> buildlib.win-amd64-3.8frida
    running build_ext
    error: <urlopen error unknown url type: https>
    looking for prebuilt extension in home directory, i.e. C:UsersAdministrator/frida-12.11.17-py3.8-win-amd64.egg
    prebuilt extension not found in home directory, will try downloading it
    querying pypi for available prebuilds
    ----------------------------------------
ERROR: Command errored out with exit status 1: 'D:Anaconda3envspython38python.exe' -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'C:\Users\Administrator\AppData\Local\Temp\pip-install-qzxic_yu\frida\setup.py'"'"'; __file__='"'"'C:\Users\Administrator\AppData\Local\Temp\pip-install-qzxic_yu\frida\setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'
'"'"', '"'"'
'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' install --record 'C:UsersAdministratorAppDataLocalTemppip-record-z0eujt4einstall-record.txt' --single-version-externally-managed --compile --install-headers 'D:Anaconda3envspython38Includefrida' Check the logs for full command output.

官网下载文件：frida-12.11.17-py3.8-win-amd64.egg（查看你自己对应的版本）

将下载文件保存到C:UserAdminstrator

重新执行pip安装

4.Frida Server 安装

连接手机使用usb调试模式

Releases 版本地址：https://github.com/frida/frida/releases，将相应的版本下载下来，复制到手机

注意一点：frida-server版本要和frida版本一致

查看手机版本

adb shell cat /system/build.prop

找到
ro.product.cpu.abi=x86

frida-server-12.11.17-android-x86.xz（我这里使用的夜神模拟器）

下载后解压文件，并将文件重命名为: frida-server, 重命名完成后使用adb push命令推送到手机中

下载安装adb并加入环境变量

https://androidmtk.com/download-minimal-adb-and-fastboot-tool

adb devices #查看是否连接成功

List of devices attached
fcd9eb98        device

# 上传文件到手机
adb push frida-server /data/local/tmp/

推送完成后将frida-sever赋予执行的权限，并运行Frida-server，使用以下命令:

adb shell
cd /data/local/tmp/ 
chmod 777 frida-server 
./frida-server &

另一起个cmd查看手机上运行的进程

frida-ps -U

或使用frida-ps -R也可以，但是需要进行转发

adb forward tcp:27042 tcp:27042

frida-ps -R

如果出现失败就是frida-server版本出问题了，还有需要root权限，建议使用夜神模拟器

5.代码测试

import frida
import pprint

def on_message(message,data):
    print("[on_message] message:",message,"data:",data)


rdev =frida.get_usb_device()
process = rdev .enumerate_processes()#获取手机所有进程
pprint.pprint(process)
session=rdev.attach("com.dianping.v1") #frida-ps -U 查看到的app名字
print(session)

script=session.create_script("""
rpc.exports.enumerateModules=function(){
return Process.enumerateModules();
};
""")

script.on("message",on_message)
script.load()
# 获取进程使用的所有模块
pprint.pprint([m["name"] for m in script.exports.enumerate_modules()])