In frida-trace there is a -W option that can be used to await spawn, i.e. one can specify an API filter with the -j flag for an Android APK and use -W to have Frida wait for the app to be started.
In Python, I see the following APIs:
- device.spawn(package name) and device.resume(pid) --> spawn process to attachable state, resume process from attachable state
- device.attach(pid) --> attach to a process to give session
- session.create_script() --> create a new script
So based on the above, it appears the app has to be started before JS scripts can be added to monitor APIs.
My questions are as follows:
- How is attachable state defined? Does it mean the process has started executing?
- Is there a way in Python to match the behavior of the -W flag, i.e. mention which scripts need to be loaded before the app process is started, and then start the app process?
- Does spawn / resume by default start the main activity of the specified app?
frida-python/frida/core.py, line 821 in ebd797e
frida-python/frida/core.py, line 571 in ebd797e
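The call order that gets a script loaded before the app's own code runs, using the APIs listed in the question. This is an added example, not part of the original post and not frida-python's own code; `spawn_with_script`, `AGENT_JS`, `print_message` and the package name `com.example.app` are assumptions.

```python
import sys

# Constructed sample agent: reports once it is loaded inside the target.
AGENT_JS = """
send({ event: 'agent-loaded', pid: Process.id });
"""

def spawn_with_script(device, package, source, on_message):
    """Spawn `package` suspended, load `source`, then let the app run.

    `device` is a frida.core.Device (or any object with the same methods).
    Returns (pid, session, script) so the caller can keep them alive.
    """
    # spawn() returns with the new process created but suspended,
    # so none of the app's own code has run yet.
    pid = device.spawn([package])
    try:
        session = device.attach(pid)
        script = session.create_script(source)
        script.on("message", on_message)
        # load() runs the agent while the target is still suspended.
        script.load()
    except Exception:
        # Do not leave a suspended process behind if instrumentation fails.
        device.kill(pid)
        raise
    # Only now is the main thread allowed to start.
    device.resume(pid)
    return pid, session, script

def print_message(message, data):
    if message["type"] == "send":
        print("[agent]", message["payload"])
    else:
        print("[error]", message.get("description", message))

if __name__ == "__main__":
    import frida  # imported here so the helper can be exercised without a device
    package = sys.argv[1] if len(sys.argv) > 1 else "com.example.app"  # placeholder
    dev = frida.get_usb_device(timeout=5)
    pid, session, script = spawn_with_script(dev, package, AGENT_JS, print_message)
    print("instrumented pid", pid, "- press Ctrl+D to detach")
    sys.stdin.read()
    session.detach()
```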