Sunday, April 16, 2017

Dynamic Binary Instrumentation aka DBI (pt1)

Ok hear me out, i kid you not ... my dad actually calls me a lazy genius, 90% of the time, i only do 'what i want, at my own convenience in a time frame that is under my desire' now reason for this is because my curiosity and work related incidences have led me to bug hunting ... i know, i reverse binaries/files/protocols etc... so lets see i handle this :)

what is DBI: 

So simply put:

peeking under the hood while the car is running... and making changes, adding fuel/gas , adding passengers/disembarking while again still in movement/running

so why do DBI kind of things?

well, catch bugs
dump memory
really cool debugger (yes imagine running it on pretty much every platform, using the same scripting language)
memory hooking
API hooking

alrighty, so what tools are we using?

enter ----> FRIDA

so who is FRIDA and why do i like her so much to blog and use her... instead of other girls i mean frameworks

So FRIDA is a DBI tool, that uses Javascript as its core scripting language (V8/DuckTape/JavaScriptCore) you inject the code into a binary (running or otherwise) Its Multi-Arch (name them) it also has bindings meaning :) ... python, C, Node.js , .NET and of course our favorite bit.... OpenSource

so install?

pip install frida

theres a sudo if you get stuck on the easy bit hehe

now pt2 covers how to use FRIDA

3 comments:

gyaresu said...
This comment has been removed by the author.
gyaresu said...

Link to Frida is broken, it needs the "www" for https://www.frida.re Apparently they're good at languages but bad at DNS ;) Cheers.

Unknown said...

that website have a forum, want to talk at somebody

Post a Comment

ARCHIVED

:) No longer posting, all articles should be treated as archived and outdated