Beginning Frida: by example

Román Ramírez
5 min read · May 25, 2021
Frida Codeshare!

Frida, https://frida.re/, is one of those awesome tools that you tell yourself is a must-know, and yet never find the time to invest in learning.

The moment I invested more than five minutes I got caught. Oh-my-god, what a solution. Thanks Ole (Frida’s creator) because this is magic :)

Hooking and instrumentation

I am not going to provide a detailed description of hooking or instrumentation. If you don’t know what these terms mean, please do check this and this.

But what is really important about Frida is that instrumenting a binary is EASY. The learning curve needed to do productive and effective work is really short, so if I have to name the most relevant capability of Frida, it is giving a completely inexperienced user the opportunity to do magic.

Hooking is the technique that allows us to intercept a function (typically a syscall), run our own code, and finally invoke the real function or syscall.

In this post we will build an easy hook of the “write” function. But when dealing with complex applications, instrumentation (the art and technique of instrumenting an application from the outside) becomes a difficult discipline that requires deep knowledge of the guts of the application and, potentially, of the operating system.
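As an added example (this is not code from the original post), here is what such a “write” hook looks like as a Frida script. It assumes a POSIX target process whose libc exports write(fd, buf, count) and the Module.findExportByName / Interceptor.attach API as it existed around the time of this post; describeWrite and shouldLog are hypothetical helpers I introduce so that the formatting and filtering logic are plain JavaScript that runs outside the Frida runtime.

```javascript
// Added example: a Frida script (JavaScript) that hooks libc's write(fd, buf, count).
// Assumptions: a POSIX target whose libc exports "write", and the Frida API of the
// 14-16 era (Module.findExportByName / Interceptor.attach). Newer Frida releases
// rename some Module lookups, so check the API docs for the version you run.

const MAX_SHOWN = 64; // bytes of the buffer to include in each log line

// describeWrite: hypothetical helper (not a Frida API). Turns the arguments of one
// write() call into a single log line, replacing non-printable bytes with '.' and
// truncating long buffers. Pure JavaScript, so it runs and can be tested without Frida.
function describeWrite(fd, bytes, count) {
  const shown = Math.min(count, bytes.length, MAX_SHOWN);
  let printable = '';
  for (let i = 0; i < shown; i++) {
    const b = bytes[i];
    printable += (b >= 0x20 && b < 0x7f) ? String.fromCharCode(b) : '.';
  }
  const suffix = count > shown ? '...' : '';
  return `write(fd=${fd}, count=${count}) "${printable}${suffix}"`;
}

// shouldLog: hypothetical helper that limits output to the file descriptors we care
// about (default: stdout and stderr) so a chatty process stays readable.
function shouldLog(fd, fds = [1, 2]) {
  return fds.includes(fd);
}

// The hook itself only runs inside Frida, where Interceptor is defined.
if (typeof Interceptor !== 'undefined') {
  const writeAddr = Module.findExportByName(null, 'write');
  if (writeAddr === null) {
    throw new Error('write() not found in any loaded module');
  }
  Interceptor.attach(writeAddr, {
    onEnter(args) {
      // args[0] = fd, args[1] = buf, args[2] = count; state saved on `this`
      // is available again in onLeave for the same call.
      this.fd = args[0].toInt32();
      this.count = args[2].toUInt32();
      this.summary = null;
      if (!shouldLog(this.fd)) return;
      // Read at most MAX_SHOWN bytes; readByteArray returns null if the
      // pointer is not readable, so handle that instead of crashing the target.
      const raw = args[1].readByteArray(Math.min(this.count, MAX_SHOWN));
      const bytes = raw === null ? new Uint8Array(0) : new Uint8Array(raw);
      this.summary = describeWrite(this.fd, bytes, this.count);
    },
    onLeave(retval) {
      // The real write() has already executed; retval is its return value.
      if (this.summary !== null) {
        console.log(`${this.summary} -> returned ${retval.toInt32()}`);
      }
    }
  });
}
```

Saved as hook_write.js, the script is loaded into a running process with `frida -p <pid> -l hook_write.js`; every write to stdout or stderr is then printed with its descriptor, length, a printable preview of the buffer and the real function’s return value, while the original call still goes through untouched.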


Román Ramírez

Cybersecurity and technology expert. Looking for challenges on changing society and hacking minds and attitudes.