Frida usage & Interceptor

Make sure you connected from your machine to an Android device, via adb connect and open the 'webview browser tester' app.

Get a list of active and installed applications via frida-ps

frida-ps -Ua

frida-ps -Uai

Use frida-trace to trace the app:

frida-trace -i "open" -U <PID>

Use frida (CLI) to hook to the app or spawn a new instance (via the -f flag), and run a command inside the frida shell:

frida -U -f org.chromium.webview_shell

Java.androidVersion

Paste a javascript snippet in the javascript console to print all URLS:

Java.use("android.webkit.WebView").loadUrl.overload("java.lang.String").implementation = function (s) {
   send(s.toString());
   this.loadUrl.overload("java.lang.String").call(this, s);
   };

Create a file 'webview.js' where you replace the url parameter with a fixed value 'mobilehackinglab.com' (by extending above snippet), and test it via:

frida -U -l webview.js -f org.chromium.webview_shell

If you have difficulties creating this script, please check the last part of the video matching this exercise (3.9), and look into the Frida documentation: https://frida.re/docs/javascript-api/#java

PreviousFrida Setup NextFrida CodeShare

Last updated 7 months ago