FRIDA.md

Frida Installation Guide (For Beginners)

🧰 Prerequisites

Before using loader script, make sure you have the following installed:

• Python 3.x installed on your PC
• pip to install Python packages
• ADB (Android Debug Bridge)
• Frida (frida, frida-trace, etc.)
• An Android device (preferably rooted)
• frida-server running on the device

🛠️ Installing Frida

🪟 Windows

1. Download and install Python from https://www.python.org/downloads/windows

2. Open PowerShell or CMD and run:

pip install frida-tools

3. Verify that Frida is installed:

frida --version

🍎 MacOS

1. Open Terminal.

2. Install Python and Pip using Homebrew:

brew install python

3. Install Frida:

pip3 install frida-tools

4. Verify:

frida --version

🔧 Installing ADB (Android Debug Bridge)

🪟 Windows

1. Download Platform Tools from https://developer.android.com/studio/releases/platform-tools

2. Extract the ZIP into a folder.

3. Add that folder to your system PATH.

4. Verify installation:

adb devices

🍎 MacOS

1. Install Platform Tools:

brew install android-platform-tools

📲 Installing frida-server on Android device

1. Download frida-server from https://github.com/frida/frida/releases

Look for a file like:

frida-server-<version>-android-arm64.xz

2. Extract the file:

🪟 Windows

Uncompress the XZ into a folder.

🍎 MacOS

unxz frida-server-*.xz

or

xz -d frida-server-*.xz

3. Push frida-server to the Android device:

adb root # Might be required
adb push frida-server /data/local/tmp/

It is recommended not to use the name frida-server and use a random name instead. i.e. android-pen-server.

4. Init the shell (from the device's shell):

adb shell
su # Might be required if you are doing this on a rooted device. You might see `#` instead of `$`

5. Give it executable permissions:

cd /data/local/tmp
chmod +x frida-server
chmod 755 frida-server

6. Start frida-server:

./frida-server &

📦 Automated installation

If you want to save the lines of code and automate the whole process above, follow the steps below:

🪟Windows

1. Open PowerShell in the folder where frida-server and install_frida_server.ps1 are located.

2. Allow script execution (temporary):

Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass

3. Run the script:

./install_frida_server.ps1

🍎 MacOS

1. Open Terminal in the folder where frida-server and install_frida_server.sh are located.

./install_frida_server.sh

💀 Kill the process manually

adb shell
su
ps | grep frida

This shows something like:

u0_a123   1234  567   ...  /data/local/tmp/frida-server

Now kill it (replace 1234 with the actual PID):

kill -9 1234

Or if you want to kill all frida-server processes automatically use:

adb shell pkill frida-server

⚠️ Notes

• Never leave frida-server running in production or on a real device without protection, as it opens a dangerous door.

• Be sure to kill the process when you are done.

• If you get something like Failed to enumerate processes: unable to access process with pid <number> due to system restrictions; try 'sudo sysctl kernel.yama.ptrace_scope=0', run Frida as root

• SELinux might still show as enforcing if the kernel is locked down — but this usually works on custom ROMs or rooted stock ROMs.

• If you get adbd cannot run as root in production builds after running adb root you need to prefix each shell command with su -c. For example: adb shell "su -c chmod 755 /data/local/tmp/frida-server"

💡 Extra Tips

• Use frida-ps -U to list running processes on the device. It may help you to find the name of the target application.

• Use frida-trace -U -n com.package.name -i nativeCheck to auto-generate hooks.

• Some apps might be able to detect the frida-server location. Renaming the frida-server binary to a random name, or moving it to another location such as /dev may do the trick.

• Make sure the app is in the foreground before hooking.

• Modify the script to hook other methods as needed.

For more information you can consult Frida's documentation