macOS:10.13.5
python3.7
frida: 12.0.8
frida-tools: 1.1.0
ios: iPhone7plus 11.3.1
frida-server: 12.0.8
iPhone7p:~ root# lsof -i :27042
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
frida-ser 419 root 5u IPv4 0xf4c60ab784ee7fd7 0t0 TCP localhost:27042 (LISTEN)
iPhone7p:~ root# ps -e | grep frida
419 ?? 0:00.01 /usr/sbin/frida-server
2257 ttys000 0:00.00 grep frida
iPhone7p:~ root#
macOS:
oooo:~ oooo$ iproxy 27042 27042
waiting for connection
accepted connection, fd = 4
waiting for connection
Number of available devices == 0
No connected device found, terminating.
oooo:~ oooo$ frida-ps -H 192.168.1.4
Failed to enumerate processes: unable to connect to remote frida-server
oooo:~ oooo$ frida-ps -R
Failed to enumerate processes: unable to connect to remote frida-server: Error receiving data: Connection reset by peer
oooo:~ oooo$
@cvt126 ios
@ooszero Make sure that your iPhone is paired/trusted to the macos.
server side:
/usr/bin/frida-server -l 192.168.1.4
client side:
frida-ps -H 192.168.1.4
Just tried with latest frida 12.1.0 and everything works fine.
@in7egral
My frida-server is installed on /usr/sbin by default, and it starts automatically.
Then I killed the process and it restarted. Then I moved it to /usr/bin/.
Then I'll run /usr/bin/frida-server -l 192.168.1.4 again.
iPhone7p:~ root# /usr/bin/frida-server -l 192.168.1.4
2018-08-28 22:01:08.706 frida-server[2628:94693] Frida: Unable to check in with launchd: are we running standalone?
frida-ps -H 192.168.1.4
Connection success
You can check the launchd plist that starts frida and change the command line /usr/bin/frida-server by specifying the IP. If you don't care about security (but change the password from alpine to something strong!) you can just leave /usr/bin/frida-server -l 0.0.0.0.
Step by step guide.
Locate file re.frida.server.plist (it's not bplist, just simple xml)
Edit it:
From:
<key>Program</key>
<string>/usr/sbin/frida-server</string>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/frida-server</string>
</array>
To:
<key>Program</key>
<string>/usr/sbin/frida-server</string>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/frida-server -l 192.168.1.4</string>
</array>
@in7egral
<key>Program</key>
<string>/usr/sbin/frida-server</string>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/frida-server -l 0.0.0.0</string>
</array>
<key>Program</key>
<string>/usr/sbin/frida-server</string>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/frida-server -l 192.168.1.4</string>
</array>
Reboot device and activate jb
ssh [email protected]
ps -e | grep frida-server
408 ?? 0:00.08 /usr/sbin/frida-server -l 192.168.1.4
connection failed
It is necessary to manually call /usr/sbin/frida-server -l 0.0.0.0 once.
connection success
Have no idea why this happens (it may be due to the services startup sequence). But at least you can run it manually and this works.
P.S. It doesn't matter where frida-server is located - /usr/sbin or /usr/bin. But avoid using '/var/' or '/tmp/' and all sub catalogs (due to sandbox policies).
I also had this issue and used the workaround by adding -l 0.0.0.0 when starting frida-server. Does someone know why it does not work without this parameter? A fix would be nice.
@in7egral @baptx @ooszero
I think we can solve this issue via the next way.
1. Use launchctl unload -w /Library/LaunchDaemons/re.frida.server.plist command to stop the process.
2. Then modify file "/Library/LaunchDaemons/re.frida.server.plist" from
<key>Program</key>
<string>/usr/sbin/frida-server</string>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/frida-server</string>
</array>
to
<key>Program</key>
<string>/usr/sbin/frida-server</string>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/frida-server</string>
<string>-l</string>
<string>0.0.0.0</string>
</array>
3. Use launchctl load -w /Library/LaunchDaemons/re.frida.server.plist command to start the process.
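An added example (not written by any poster in this thread or by the Frida project) that checks a launchd plist for the two ProgramArguments issues discussed above: the whole command line packed into one string, and a listen address of 0.0.0.0. launchd passes each ProgramArguments string to the program as a single argv element; the function names and the sample plists are constructed for illustration and contain only the two keys quoted in the thread.

```python
import ipaddress
import plistlib


def audit_launchd_args(plist_bytes):
    """Return findings for the ProgramArguments of a frida-server launchd job."""
    args = plistlib.loads(plist_bytes).get("ProgramArguments", [])
    findings = []
    # launchd passes each <string> as one argv element, so a string with
    # spaces never reaches the server as a separate "-l" plus address.
    for arg in args:
        if " " in arg.strip():
            findings.append(f"merged argument, use one <string> per word: {arg!r}")
    if "-l" in args[:-1]:
        # IPv4 only; a trailing ":port" is dropped before the check.
        addr = args[args.index("-l") + 1].split(":")[0]
        try:
            if ipaddress.ip_address(addr).is_unspecified:
                findings.append("listens on all interfaces (0.0.0.0)")
        except ValueError:
            findings.append(f"listen address is not an IP literal: {addr!r}")
    elif not findings:
        findings.append("no -l argument, default listen address applies")
    return findings


def sample_plist(arg_strings):
    """Constructed sample holding only the two keys quoted in the thread."""
    items = "".join(f"<string>{a}</string>" for a in arg_strings)
    return (
        '<plist version="1.0"><dict><key>Program</key>'
        "<string>/usr/sbin/frida-server</string>"
        f"<key>ProgramArguments</key><array>{items}</array></dict></plist>"
    ).encode()


MERGED = sample_plist(["/usr/sbin/frida-server -l 192.168.1.4"])
SPLIT_ANY = sample_plist(["/usr/sbin/frida-server", "-l", "0.0.0.0"])
SPLIT_LAN = sample_plist(["/usr/sbin/frida-server", "-l", "192.168.1.4"])
DEFAULT = sample_plist(["/usr/sbin/frida-server"])

if __name__ == "__main__":
    for name in ("MERGED", "SPLIT_ANY", "SPLIT_LAN", "DEFAULT"):
        print(name, audit_launchd_args(globals()[name]))
```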
hello world
Are you using any proxy in Android?
I had the same issue because I was using iptables on Android to redirect all traffic to Burp Suite. To exclude Frida traffic (ports 27042 and 27043) you must add the following rules to iptables (in the same order):
iptables -t nat -A OUTPUT -p tcp --dport 27042 -j REDIRECT --to-ports 27042
iptables -t nat -A OUTPUT -p tcp --dport 27043 -j REDIRECT --to-ports 27043
iptables -t nat -A OUTPUT -p tcp -j DNAT --to-destination IP_BURP:PORT_BURP
@xiaomiwang
Did you actually do it? I'm curious about the result. : )
can't locate frida-server on my Catalina. It's not part of frida-tools.