new

• Add the ability to pause iOS IPA patching to allow for manual changes before repackaging and code signing. This is done by adding a --pause flag to the patchipa command.

Code Changes Since v1.7.0

new

• Add new iOS and Android heap interaction methods. These new commands allow you to performs various tasks under the <target> heap command context.
• Add a small JavaScript editor for simple scripts using the evaluate command.
• Add an iOS binary protections enumeration module.
• Add an on device HTTP server.

fixes

• Fix Android Activity launching
• Complete the iOS file delete feature.
• Fix duplicate entries created when adding the Android debuggable flag or a Network Security Config.
• Fix iOS keychain data hex string conversions.

other

• Upgrade frida-compile to v9.

Code Changes Since v1.6.6

fixes

• Fix ascii art 💥
• Improve iOS SSL pinning bypass stability.
• Improve internal jobs cleanup logic.

other

• Cleanup agent TSConfig and replace frida-gum-types with @types/frida-gum.

Code Changes Since v1.6.5

new

• The iOS keychain dumper will now add a key called dataHex when dumping entries with the --json flag. This key is a hex string of the raw data from the keychain.
• The iOS keychain dumper has a new --smart flag to trigger automatic decoding of data fields. Without this flag (the default), entries are UTF8 encoded.

fixes

• Improve the iOS keychain dumper's reliability.

other

• Bump agent dependencies

Code Changes Since v1.6.4

new

• Add the ability to enumerate an iOS apps' included frameworks observable by NSBundle. This is available as the new ios bundles list_frameworks command.
• Add a new --target-class flag to the Android patcher to inject a loadLibrary call for a Frida gadget in any arbitrary class' constructor (for example, to run before an applications onCreate()). The default is still to use the apps main launchable activity.
• Add a new SSL Pinning bypass hook for iOS Cordova applications making use of this plugin. Thanks @aph3rson.

fixes

• Improve application stability for the Android patcher when injecting a loadLibrary call into an existing class constructor by correctly incrementing the .locals count.

other

• Bump agent dependencies

Code Changes Since v1.6.3

new

• Add the ability to enumerate the currently active Android activity. This can be done with the new android hooking get current_activity command.
• Add a new R class helper to the agent for Android hooks.

fixes

• Fix networked Frida connections. The the --host and --network flags will work again as intended.
• Fix spawning on iOS (using a jailbroken environment) (thanks @aph3rson)

Code Changes Since v1.6.2

new

• Add the ability to save modules and module exports as json.

fixes

• Improve error handling when downloading Frida gadgets.

thanks

This release contains commits primarily contributed by @AV-IO 🎉

Code Changes Since v1.6.1

fixes

• Fix Frida remote connection capability. Specifying a host and port will be done in a future release.
• Small typing fixes in the agent

Code Changes Since v1.6.0

new

• Implement Frida crash reporting.
• Add warnings before clearing the iOS keychain or the Android Keystore.
• Report the Frida runtime in use as part of the frida command.
• Add inspection of live instances of Java objects. This feature is available as a new command: android heap print_instances <class>.
• Add an Android method searcher. This is available as a new command: android hooking search methods <search string>.
• Add plugin support (thanks @SpeedyFireCyclone). For more information, see the wiki article here. Sample plugins can be seen here (Sample plugin used in tests), here (Stetho sideloader) and here (Objections clipboard monitor as a plugin).
• Add the ability to delete files on an Android device. This is implemented as the rm command.

fixes

• Fix class enumeration in the Android class watcher where methods with generics broke parsing.
• Fix a cache key invalidation issue when uploading files.

Code Changes Since v1.5.4

fixes

• Enumerate writable pages when searching memory with the memory search command

new

• Improve the visual feedback of the memory search command. Small hexdump snippets will now be returned unless the --offsets-only flag is provided.

other

• Bump the Frida agents' dependencies.

Code Changes Since v1.5.3

fixes

• Various path related fixes. #200
• Reintroduce the import command to load external Frida scripts #196

other

Upgrade node dependencies for the agent, primarily bumping the frida-gum-types version to ^4. https://github.com/sensepost/objection/commit/613be5a8c66e2c498a4d951046d877465fc8a783

Code Changes Since v1.5.2

fixes

• Fix the iOS generic method return value override module. #193
• Fix agent loading on operating systems that don't use UTF-8 encoding by default. #191

Thanks goes to @aph3rson for the fixes in this release.

Code Changes Since v1.5.1

fixes

• Fix an agent error condition when iOS AFNetworking was not available. #189
• Small flow control and code simplification changes in the agent.
• Fix various typos.

Code Changes Since v1.5.0

new

• Completely rewritten Frida agent using TypeScript. All of the old hooks have been ported into this agent, replacing the old method of constantly loading and unloading Frida scripts with a single instance exposing methods via the Frida RPC.
• An API! Read more about that here.
• Support spawning Android applications when running on a rooted Android device.
• Job output is no longer a single, random colour, but instead contains a job ID and more useful colouring of the overall output.
• Include new SSL pinning disabling hooks.
• Add command fuzzy completion.
• Upgrade dependencies, most notably, prompt-toolkit to version 2.

fixes

• A crazy amount of hook specific bug fixes (no really). This is primarily thanks to the TypeScript agent port work together with the help of the frida-gum TypeScript type definitions.
• Vastly improved filesystem interactions for both Android and iOS, primarily when uploading/downloading files.
• Better error reporting when the Frida server (both in a Gadget mode and server mode) goes away/crashes.
• Improved data decoding for the iOS keychain dumping module.
• Added a check when using --skip-resources flag for the APK builder to not try and inject the Internet permission.
• Fix the directory separator when using on Windows.
• Improve error handling when dumping memory regions.

Code Changes Since v1.4.1

new

• Improved exception error reporting to the terminal to help debug errors.

fixes

• Android class watcher command will now correctly report invoked methods.
• Fix the memory dumping commands to support Frida 12.

Code Changes Since v1.4.0

new

• Add the ios nsurlcredentialstorage dump command to dump credentials stored using NSURLCredentialStorage.

fixes

• Improve class Objective-C selection for the ios hooking watch* commands.
• Add warnings about existing memory dumps before overriding an existing dump.
• Include frida-tools as dependency as required since Frida 12.
• Other small fixes.

Code Changes since v1.3.0

v1.3.0

This release updates the license for objection to GPL v3.

new

• Add support for multiple devices by specifying a target device serial with the new --serial flag.
• Add the ability to add new text kSecClassGenericPassword keychain entries.

fixes

• Small fixes to the iOS keychain dumper.
• Fix the update checker to improve support for Windows.

changes

This version simply pins the version of python-prompt-toolkit in use as a major update of the library is imminent. (thanks @jonathanslenders)

v1.2.8

changes

• The Android patcher defaulted to not decode resources by default. This has now been inverted, with the flags long name changed to --skip-resources to skip the decoding if needed.

v1.2.7

new

• Add --network-security-config / -N flag to the patchapk command. This flag will add a network security config to the APK as well as the required android:networkSecurityConfig tag to the AndroidManifest.xml's <application> tag. This helps for Android 7+ and the changes to CA certificates that were introduced.
• Add a hook on the verifyChain() method in the com.android.org.conscrypt.TrustManagerImpl class to suppress exceptions that could get thrown if a certificate with a non-trusted CA is presented. This hook is available in the android sslpinning disable command and should take preference over --network-security-config flag in the patchapk command.

fixes

• The patchapk command used to strip all .'s from the resultant APK's name. This should no longer happen.