Hello, I have a question about the Frida interceptor in the context of an ARM64 machine.

Normally, the Frida Interceptor allows a programmer to examine both the input values and return values of a function call, which is simply done by:

However, some programs deliberately make it hard to reverse engineer (e.g. obfuscation), calling Linux system calls manually instead of using the libc wrappers

```
MOV W8, #0x38
...
SVC 0
```

(btw this is calling `openat` in ARM64)

I understand that it is possible to hook the code location above using the Interceptor to examine the arguments, but I don't know any way to examine the return value (i.e. I want to examine whether `openat` returned a valid file descriptor).

How could I do this?
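One way to observe the result with the Interceptor, as an added example that is not part of the original issue: attach an instruction-level probe to the instruction after `SVC 0` and read `x0` there. The names `watchInlineSyscall`, `decodeSyscallReturn` and `svcAddress` are hypothetical, and the code assumes the kernel changes only `x0` across the call, so `x8` and `x1` still hold the syscall number and path pointer.

```javascript
// Added example: watch the result of an inline `SVC 0` on Linux/ARM64 by
// probing the instruction that follows it.
const SVC_0 = 0xd4000001;   // A64 encoding of `SVC #0`
const SYS_OPENAT = 0x38;    // value the issue's code loads into W8

// Interpret raw x0 per the Linux convention: 0xfffffffffffff001 through
// 0xffffffffffffffff (-4095..-1 as signed) is -errno; anything else is the
// result (for openat, the file descriptor).
function decodeSyscallReturn(x0Hex) {
  const hex = x0Hex.replace(/^0x/i, '').toLowerCase().padStart(16, '0');
  const low12 = parseInt(hex.slice(13), 16);
  if (hex.startsWith('f'.repeat(13)) && low12 !== 0) {
    return { ok: false, errno: 0x1000 - low12 };
  }
  return { ok: true, value: parseInt(hex, 16) };
}

// svcAddress (hypothetical): NativePointer to the SVC instruction, located
// by the analyst. onResult receives one record per completed syscall.
function watchInlineSyscall(svcAddress, onResult) {
  if (svcAddress.readU32() !== SVC_0) {
    throw new Error('no SVC 0 at ' + svcAddress);
  }
  // Passing a function instead of a callbacks object makes this an
  // instruction-level probe; it fires when execution reaches SVC+4.
  return Interceptor.attach(svcAddress.add(4), function () {
    const ctx = this.context;
    // Assumption: x8 and x1 are unchanged by the kernel (only x0 is written).
    const nr = ctx.x8.toInt32();
    const result = decodeSyscallReturn(ctx.x0.toString());
    const path = nr === SYS_OPENAT ? ctx.x1.readCString() : null;
    onResult({ nr, path, result, threadId: this.threadId });
  });
}
```

Because the probe sits on an instruction rather than a function entry, it also fires when other code branches directly to SVC+4, so filter on `nr` before trusting a record.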