1.9.0

new

• Add the --inline flag to the ios heap execute js command, allowing for inline JavaScript evaluation on iOS heap objects. (956056a)
• Add a new --unzip-unicode flag to the iOS IPA patcher to treat the IPA name as unicode. Thanks @Fabiano1107 (#309)
• Add the ability to patch in a gadget configuration and script to Android APK's, making it possible to eternalise scripts without needing a computer. Note: This is an Android only feature for now and needs porting for iOS. For more information, please see: https://frida.re/docs/gadget/. Thanks @gergesh (#329)
• Improve the Android method watcher by dumping information about objects instead of simply showing [object, object] for the argument. Thanks @arielmiki (#334)
• Improve anti-frida evasion by using a different prefix for .dex files generated by Java.registerClass(). An example patch to recompile the Android frida-server with the name frida renamed to freeda can be seen here. (d1035e5)
• Add a new android keystore watch command. This command will report usages of the java.security.KeyStore class, revealing the password used when accessing items. (0513b2d)

fixes

• Fix android hooking set return_value crashing when no optional overload is set. Thanks @root-intruder (#307)
• Fix suggested package name for jarsigner on Linux. Thanks @RomainL972 (#327)
• Update the iOS biometrics bypass script to handle cases where applications check for an error rather than if a success status was returned. Thanks @gagnonca (#333)
• Android patcher improvements. This comes mostly by enforcing the use of apktool version 2.4.1 and up, as well as by automatically running the empty-framework-dir command before patching. Information about upgrading apktool can be found in the wiki here. (46288b5)
• Fix Android root detection scripts that were pretty horribly broken 😂 (539fc30)

other

• Bump Python dependencies (e09e7bd)
• Bump agent dependencies (326b28e, ae91da0, 1b78cb3, d672f1a, 2ee2dda, 5583264)
• Remove support for Python 3.5 (1b198e8)
• Code cleanups. (be95b60, b63f6fb)

Code Changes Since v1.8.4

1.8.4

other

• Temporarily pin the frida-tools version, pending upstream upgrades.

Code Changes Since v1.8.3

v1.8.3

fixes

• Improve Kotlin app repackaging support (thanks @dnet via #299)
• Improve iOS 13 SSL pinning bypass support (thanks @tmm1 via #301)

other

• Bump agent dependencies

Code Changes Since v1.8.2

1.8.2

fixes

• Fix Android overload filter (thanks @jpacg via #293)

Code Changes Since v1.8.1

1.8.1

fixes

• Improve plugin loading when specifying a folder with multiple plugins

Code Changes Since v1.8.0

1.8.0

new

• Add a libboringssl SSL pinning bypass for iOS 11+ (thanks @NickstaDB via #281)
• Multiple Android APK patcher improvements which include better support for Kotlin coroutines, a flag to use aapt2 with apktool and better error handling. (thanks @dnet via #282, #283 and #284)
• Add the ability to watch a specific Java method overload, or set a return value for a specific method overload (thanks @aph3rson via #239)
• Add a new iOS command to dump raw, unparsed and unformatted data from the keychain. This is available as the ios keychain dump_raw command and should be used in conjunction with the original dump command to make sure no parsing errors have occurred.
• Add a new file cat command that will perform cat-like activities, added for convenience. Only ASCII printable characters in the target file will be echoed to screen. For any other processing, files should still be downloaded and processed locally.
• Add new Frida hook generator commands to quickly get ready to use, boilerplate code for your own Frida hooks. Two flavours are available; a simple and class version. The version you choose will depend on your use case, so feel free to experiment!
• Completely refactor SQLite database interactions, removing the old implementation and replacing it with LiteCli. Running the sqlite connect database.sqlite command will now automatically drop you into a litecli REPL. If you want to make changed to the target database, add the --sync flag. This way, once you quit from the litecli REPL, the modified database will be synchronized back to the device.

fixes

• Improve RPC messaging from the JavaScript agent to the Python environment.

other

• Update the Frida agent's dependencies, bumping @types/frida-gum to version 14.

Code Changes Since v1.7.5

1.7.5

new

• Add the plugins directory with some sample plugins.

fixes

• Improve the iOS keychain dumper to handle entries with empty data.

other

• Update the Frida agent's dependencies.

Code Changes Since v1.7.4

1.7.4

fixes

• Change the iOS patcher shorthand flag used when specifying a provisioning profile to an upper case P. Lower case was conflicting with the --pause / -p flag.

Code Changes Since v1.7.3

1.7.3

new

• Add an Android Cordova SSL pinning bypass for applications that make use of SSLCertificateChecker-PhoneGap-Plugin. Thanks @clviper.

other

• Bump agent dependencies.

Code Changes Since v1.7.2

v1.7.2

fixes

• Escape APK package names causing parsing errors for the Android patcher.
• Stop the iOS IPA patcher if a valid provisioning profile was not found.

other

• Bump agent dependencies.

Code Changes Since v1.7.1