New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to access process: Frida should provide a better error-message when trying to attach to Apple-protected processes on El Capitan #83

Closed
0x00-0xFF opened this Issue Nov 28, 2015 · 14 comments

Comments

Projects
None yet
7 participants
@0x00-0xFF

0x00-0xFF commented Nov 28, 2015

After installing frida on OSX using easy_install I'm getting the following error when I try to run the example.py (as described on http://www.frida.re/docs/installation/):

sudo python frida_example.py
Password:
Traceback (most recent call last):
File "frida_example.py", line 5, in
session = frida.attach("cat")
File "build/bdist.macosx-10.11-x86_64/egg/frida/init.py", line 55, in attach
File "build/bdist.macosx-10.11-x86_64/egg/frida/core.py", line 87, in attach
frida.PermissionDeniedError: unable to access process with pid 1992 from the current user account

@oleavr

This comment has been minimized.

Contributor

oleavr commented Nov 28, 2015

Hi,

That error means you're on El Capitan trying to attach to a system binary, which /bin/cat technically is (being signed by Apple), so there's not much we can do about that for now except provide a better error-message, and suggest a better example target in the docs.

Cheers!

@oleavr oleavr changed the title from Unable to access process to Unable to access process: Frida should provide a better error-message when trying to attach to Apple-protected processes on El Capitan Nov 29, 2015

@dpnishant

This comment has been minimized.

dpnishant commented Mar 8, 2016

Or may be disable SIP (System Integrity Protection) for test purposes? Reference: http://osxdaily.com/2015/10/05/disable-rootless-system-integrity-protection-mac-os-x/

@brandonros

This comment has been minimized.

brandonros commented Jul 10, 2016

Just to clarify, there are no options available to hook onto Messages, etc.?

@IgorGanapolsky

This comment has been minimized.

IgorGanapolsky commented Nov 10, 2016

I am following installation instructions on http://www.frida.re/docs/installation/. Upon executing session = frida.attach("cat"), I get this error:

frida.PermissionDeniedError: unable to access process with pid 67947 from the current user account

Is there a way to make these instructions clearer for Mac OS users?

@oleavr

This comment has been minimized.

Contributor

oleavr commented Nov 10, 2016

Hi @IgorGanapolsky,

Is there a way to make these instructions clearer for Mac OS users?

Yes, they were written before SIP entered the picture. Would appreciate a PR improving that guide if any of you feel like it. :-)

@IgorGanapolsky

This comment has been minimized.

IgorGanapolsky commented Nov 10, 2016

@oleavr What should the PR entail? How to forego SIP? What if users have no knowledge of SIP, and just want to try Frida for the first time. This gets a little complicated...

@oleavr

This comment has been minimized.

Contributor

oleavr commented Nov 10, 2016

@IgorGanapolsky Good point. Might be easier to ask the user to compile a “Hello World”-style program, like we do in the tutorials. (The alternative would be to suggest different programs depending on the OS, but that quickly becomes messy too.)

@dweinstein

This comment has been minimized.

Member

dweinstein commented Nov 10, 2016

what if you copy the cat binary first to /tmp/cat then try the example?

@dweinstein

This comment has been minimized.

Member

dweinstein commented Nov 10, 2016

ah I think this only would have worked for I think the prev mac os version (not sierra)

it did't work cause I was stupid and still typed cat instead of the copied version :-)

@dweinstein

This comment has been minimized.

Member

dweinstein commented Nov 10, 2016

I lied, it still works :-)

$ cp /bin/cat .
$ ./cat &

$ python test-frida.py
[u'cat', u'libSystem.B.dylib', u'libcache.dylib', u'libcommonCrypto.dylib', u'libcompiler_rt.dylib', u'libcopyfile.dylib', u'libcorecrypto.dylib', u'libdispatch.dylib', u'libdyld.dylib', u'libkeymgr.dylib', u'liblaunch.dylib', u'libmacho.dylib', u'libquarantine.dylib', u'libremovefile.dylib', u'libsystem_asl.dylib', u'libsystem_blocks.dylib', u'libsystem_c.dylib', u'libsystem_configuration.dylib', u'libsystem_coreservices.dylib', u'libsystem_coretls.dylib', u'libsystem_dnssd.dylib', u'libsystem_info.dylib', u'libsystem_kernel.dylib', u'libsystem_m.dylib', u'libsystem_malloc.dylib', u'libsystem_network.dylib', u'libsystem_networkextension.dylib', u'libsystem_notify.dylib', u'libsystem_platform.dylib', u'libsystem_pthread.dylib', u'libsystem_sandbox.dylib', u'libsystem_secinit.dylib', u'libsystem_symptoms.dylib', u'libsystem_trace.dylib', u'libunwind.dylib', u'libxpc.dylib', u'libobjc.A.dylib', u'libauto.dylib', u'libc++abi.dylib', u'libc++.1.dylib', u'frida-agent.dylib', u'libresolv.9.dylib']

opened PR to docs here

@oleavr

This comment has been minimized.

Contributor

oleavr commented Nov 10, 2016

@dweinstein Thanks! That's definitely the simplest solution! :-)

@IgorGanapolsky

This comment has been minimized.

IgorGanapolsky commented Nov 11, 2016

@dweinstein When I do frida.attach("cat"), I get this error now:

raise _frida.ProcessNotFoundError("ambiguous name; it matches: %s" % ", ".join(["%s (pid: %d)" % (process.name, process.pid) for process in matching]))
frida.ProcessNotFoundError: ambiguous name; it matches: cat (pid: 29755), cat (pid: 29752)

I am on Sierra.

@dweinstein

This comment has been minimized.

Member

dweinstein commented Nov 12, 2016

sounds like you have two cat binaries running. Try killing both of those PIDs first and trying again. Or try the PIDs individually until you find the right one by passing the PID (number) to attach instead (frida.attach(29755))

To kill all the running cat processes you can run pkill cat then try again.

@oleavr oleavr closed this Jan 19, 2017

@langrenfengzi

This comment has been minimized.

langrenfengzi commented Aug 6, 2017

Another way was to write a simple execute program, and attach it without disable SIP.

  1. Write a simple "hello.c":
#include <stdio.h>
int main() {
     printf("Hello World\n");
     getchar();
     return 0;
}
  1. Compile and run it
$ gcc hello.c -o hello
$ ./hello
  1. Modify the "example.py"
import sys
import frida
session = frida.attach("cat" if len(sys.argv)<=1 else int(sys.argv[1]))
print([x.name for x in session.enumerate_modules()])
  1. Get the hello process id and attach it
$ ps aux|grep hello
lang             62676   0.0  0.0  2432780    728 s000  S+    1:56AM   0:00.00 ./hello
$ python example.py 62676
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment