Awesome

Fried Apple Framework (FRAPL)

FRAPL is a reverse engineering framework created to simplify dynamic instrumentation with Frida.

The core of FRAPL is FridaLink - TCP/JSON based protocol and IDA plugin for establishing a bridge between Frida client and IDA Pro. It brings runtime information to IDA disassembly and allows monitoring dynamic changes by controlling Frida directly from IDA.

FRAPL requires just three simple steps to actually start reverse engineering. Without a single line of code.

This is a new way of combining static and dynamic analysis.

<center>__FridaLink Overall View__</center> ![FRAPL](./Resources/screenshots/frapl_overall_view.png?raw=true "FRAPL") <center>You can find old FridaLink User Manual [here](./Resources/documents/FridaLinkUserManual_160412.pdf)</center>

Publications

Ruxcon 12 (October 2016)

Presentation

[Slides](./Publications/2016 Ruxon 12/Ruxcon_12_FRAPL.pdf)

iOS Demo
macOS Demo

Design and Structure

FRAPL

iOS/* - iOS specific FRAPL headers (classes, helpers, UI)
macOS/* - macOS specific FRAPL headers (classes, helpers, UI)
FrAClientCore.js - Node.js Frida client core
- Client script (with include() command support)
- Executing server script on target
- Frida RPC client/server message handling (client side)
- FridaLink message handling (from Frida server and from/to IDA)
- Shortcut handling
FrAServerCore.js - JS Frida server core
- Frida RPC client/server message handling (server side)
FrAHelperLib.js - JS code to communicate with FRAPL Helper Library
FrAFridaLink.js - JS Frida server functions for FridaLink
FrACommon.js - Node.js/JS code to share between Frida client and server
FrAGCD.js - JS code to add Grand Central Dispatch support to Frida server
FrAdlfcn.js - JS code to add dl* funtions support from libdyld.dylib
FrAUtils.js - Node.js/JS utility functions to share between Frida client and server
- Algorithms
- Output formatting
- Dumpers (like memory and ObjC)
- Other helper functions

FridaLink

FridaLink/ - FridaLink Source Code
FridaLink.py - IDA Pro script (will be a plugin eventually) to implement FridaLink server

Misc

package.json - nmp package description to install all dependencies
create_project.sh - Script for generating minimal scripts for FRAPL and FridaLink
README.md - this readme file

Architecture

Getting Started

Prerequisites

To install required nmp modules run following command in FRAPL folder:
$ nmp install

FridaLink

FridaLink setup is as simple as 1-2-3 and requires just three steps to attach to app and actually start reverse engineering your target. Without a single line of code.

In IDA press ALT+F7 and load FridaLink.py
In terminal run $ ./create_project.sh -f ~/Projects/TargetApp ; cd ~/Projects/TargetApp to create project
In terminal to attach to target and establish FridaLink run
$ node ./client.js -c theme.json -l -n TargetApp server.js for macOS target
$ node ./client.js -c theme.json -l -r -p $(frida-ps -U | grep TargetApp | awk '{print $1}') ./server.js for iOS target

Setup connection to your iDevice over USB

Get jailbroken device and serial cable
Install usbmuxd - brew install usbmuxd
Grab usbmux.py script here
Grab tcprelay.py script here
Drop these files into your path someplace and make executable.
Now connect your device and run the following command. tcprelay.py -t 22:4222