Frida server not enough privileges

Question

Im running Android within an Anbox setup, I downloaded the frida-server version for Anbox the android-x86_64.

I followed this steps

adb push frida-server-12.11.18-android-x86_64
 /data/local/tmp/
adb shell "chmod 755 /data/local/tmp/frida-server-12.11.18-android-x86_64
"
adb shell "/data/local/tmp/frida-server-12.11.18-android-x86_64
 &"

Ok now comes my issue if I try to

# frida-ps -Uai
Failed to enumerate applications: unable to find process with name 'system_server'

But without the ai works, the problem is that does not have visibility of running applications

frida-ps -U
 PID  Name
----  ------------------------------------
2333  frida-server-12.11.18-android-x86_64
1571  logcat
2335  logcat
  48  sh

My guess is that this is related to permissions of the frida-server running inside the Anbox, I have tried to launch it as root but it crashes the whole environment.

x86_64:/data/local/tmp $ ls -ll                                                                                                                       
total 110648
-rwxr-xr-x 1 u1_root u1_root 56645256 2020-10-15 16:11 frida-server-12.11.18-android-x86_64
drwxr-xr-x 2 root    root        4096 2020-10-17 07:41 re.frida.server

Any clue on how to give visibility to the frida-server ?

As you are using a non-Google-certified Android system another possibility can be that the process `system_server` has just been renamed and therefore frida can't find it. — Robert, Oct 17 '20 at 10:52
Sounds like an Anbox issue. I haven't run into an issue like with using AVD or x86. Only thing would be to double check you're using the correct version of frida-server. — MitchHS, Nov 05 '20 at 05:08
In this release notes https://frida.re/news/releases/, said Anbox is supported. Hmm, but I still don't manage to make it works. — fsevenm, May 30 '21 at 00:55
Exactly in sub title `Changes in 14.2.15`, just search that term. — fsevenm, May 30 '21 at 00:56
Need to run frida-server in root shell, means `su` need to be called before. — fsevenm, May 30 '21 at 03:33

Mohamed Farouk · Answer 1 · 2020-11-30T10:17:51.830

3

You have to be a sudo user

Note: Make sure Frida-Server is the same version as your Frida install. You can safely run a newer version on the host side though, as long as the major version is the same.

Tested

user@user:~$ adb push frida-server /data/local/tmp/frida-server
user@user:~$ adb shell
x86_64:/ $ su
x86_64:/ # chmod 777 ./data/local/tmp/frida-server
x86_64:/ # ./data/local/tmp/frida-server

edited Nov 30 '20 at 10:17

answered Nov 30 '20 at 09:35

Mohamed Farouk

957
1
13
29

score 0 · Answer 2 · answered Dec 31 '20 at 19:57

After debugging this issue today I have discovered that frida-agent-32.so causes zygote to crash for some reason. After zygote crashes Anbox immediately crashes as well.

Because I am lazy, I have decided to look for a workaround instead of fixing this bug. After trial and error I have found that this bug is not present in the 64 bit version of the agent (frida-agent-64.so). Therefore, after disabling 32 bit agent Frida can still inject and execute every 64 bit or libhoudini (arm/arm64) app.

In order to prevent frida-server from injecting the agent to zygote (32 bit) I have simply modified two lines, see the last commit.

If you want to avoid the hassle of compiling frida-server yourself you can just use my compiled version.

I was trying your workaround, but seems not working. `frida-ps -U` does not display the android app process. — fsevenm, May 29 '21 at 16:10

Frida server not enough privileges

2 Answers2