Frida: Putting the 'Open' Back into Closed Software

Speaker: Ole André V. Ravnås

Abstract

Have this black box process that you're just dying to peek inside of? Is this process perhaps running on your cell phone, or on a closed-source OS, and you just got to interoperate with it? Is the company behind this proprietary software being less than forthcoming with APIs and docs? Well, if you know a little JavaScript and have a little persistence, perhaps we can help... In this talk, we show what you can do with Frida, a scriptable dynamic binary instrumentation toolkit for Windows, Mac, Linux, iOS, Android, and QNX. We show by example how to write snippets of custom debugging code in JavaScript, and then dynamically insert these scripts into running processes. Hook any function, spy on crypto APIs or trace private application code. No source code, no permission needed!

Biography

Ole André Vadla Ravnås (@oleavr) is a NowSecure Security Researcher and creator of the Frida project. It was his younger days as a die-hard Linux user that made him feel the pain of vendor lock-in and lead him to discover his true passion. He reverse-engineered Microsoft's MSN webcam codec, allowing their webcam chat to be used across different platforms. He brought HD video conferencing to the iPhone before Apple themselves did it, and made it possible for the XBMC team to bring their media center to Apple TV. These days you'll find him injecting JavaScript into mobile apps and dynamically rewriting functions in memory, often even on a Saturday evening. His goal is to make reversing easier and more fun across all the modern platforms.