frida-il2cpp-bridge: Doesn't play well with frida-gadget

Wow I butchered that title. Eek.

Hello! I recently created a frida-gadget modded APK using this and it doesn’t seem to play well at all. I’ve had 2 users who happen to be using Android 12 tell me that this library causes their graphics to look like this on load.

I went through basic tests. Extracted an APK and repacked it then told them to run it. No problems. Injected frida-gadget with an empty script. No problems. Gave them a script that looked like:

import "frida-il2cpp-bridge"; Il2Cpp.perform(() => {});

Graphics looked awful.

I asked them what architecture they’re running and all of ours match. The biggest difference I can see is I run Android 10 and they both run 12. This app doesn’t want to open in any form of emulator be it Android Studio or Bluestacks so I can’t really test it.

Something in this library or a dependency is causing some kind of issue and I don’t know what. I figured I’d come here first to see if you have any idea what might be causing this before I explore other avenues.

EDIT: I’m not actually running the latest version. Trying that right now first.

EDIT2: I’ve gotten them to try a version with the latest frida-il2cpp-bridge and the issue still occurs.

About this issue

  • State: closed
  • Created 2 years ago
  • Comments: 28 (16 by maintainers)

Most upvoted comments

Well I gave the user experiencing issues a version with the return [null, ["__loader_dlopen", "utf8"]]; replacement and my awful resolve() fix and they’re reporting that it works now. No graphical issues and the script runs successfully.

So the app freezes on the pi instead of garbled graphics but I can still play around with this.

If I run that script the output is

02-15 05:38:13.901  4888  4888 V frida-lief: dlopen loading /data/app/~~KM_bkKS16D6oJVMNpHRh2A==/com.spaceapegames.beatstar-kvXWBVE4QaOeHhlt1i1_tg==/lib/arm64/libunity.so
02-15 05:38:13.996  4888  4888 V frida-lief: dlopen loading /vendor/lib64/gbm/v3d_gbm.so
02-15 05:38:13.999  4888  4888 V frida-lief: dlopen loading libglapi.so.0
02-15 05:38:14.002  4888  4888 V frida-lief: dlopen loading /vendor/lib64/dri/v3d_dri.so
02-15 05:38:14.004  4888  4888 V frida-lief: dlopen loading libglapi.so.0
02-15 05:38:14.007  4888  4888 V frida-lief: dlopen loading /vendor/lib64/dri/kms_swrast_dri.so
02-15 05:38:14.008  4888  4888 V frida-lief: dlopen loading libglapi.so.0
02-15 05:38:14.011  4888  4888 V frida-lief: dlopen loading /vendor/lib64/dri/swrast_dri.so

(I’ve adapted the script here to print it out as a gadget script)

Commenting out https://github.com/vfsfitvnm/frida-il2cpp-bridge/blob/master/src/il2cpp/base.ts#L117 eliminates the crash so it does look like it originates from native-wait somewhere.
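The comment above logs every dlopen call from an adapted gadget script and traces the crash to the bridge's native wait on dlopen, and the earlier comment reports that switching the hooked export to `__loader_dlopen` resolved the graphics corruption. The script below is an added diagnostic example written for this thread; it is not code from frida-il2cpp-bridge or from either commenter. It assumes it runs inside frida-gadget (where Frida's `Interceptor` and `Module` globals exist), that the linker's `__loader_dlopen` and libdl's `dlopen` are the two load entry points worth hooking, and that the library being waited for is `libil2cpp.so`. The hook is removed as soon as the awaited library is seen, so the vendor GPU driver libraries that load afterwards in the logcat above go through an unhooked dlopen.

```javascript
// Added diagnostic gadget script for this thread; not frida-il2cpp-bridge code.
// Assumptions: Frida globals (Interceptor, Module) exist under frida-gadget;
// "__loader_dlopen" (linker) and "dlopen" (libdl.so) are the entry points to try.

// Candidate dlopen entry points, most specific first. libdl's dlopen is a thin
// stub that forwards to the linker's __loader_dlopen, so hooking the linker
// export sees loads regardless of which stub the caller used. (Assumed
// preference; it mirrors the __loader_dlopen workaround reported above.)
const DLOPEN_CANDIDATES = [
  { module: null, name: "__loader_dlopen" },
  { module: "libdl.so", name: "dlopen" },
];

// Reduce a dlopen argument to its soname so an absolute split-APK path such as
// /data/app/~~.../lib/arm64/libunity.so and a bare "libunity.so" compare equal.
function soname(path) {
  const slash = path.lastIndexOf("/");
  return slash < 0 ? path : path.slice(slash + 1);
}

// Pick the first candidate the resolver can find. resolve(module, name) returns
// an address or null; under Frida it wraps Module.findExportByName.
function chooseDlopenTarget(resolve) {
  for (const c of DLOPEN_CANDIDATES) {
    const address = resolve(c.module, c.name);
    if (address != null) return { ...c, address };
  }
  return null;
}

// Track every library handed to dlopen and whether the awaited one has loaded.
function makeLoadTracker(awaited) {
  const seen = [];
  let loaded = false;
  return {
    // Returns true once `awaited` (compared by soname) has been seen.
    record(path) {
      seen.push(path);
      if (soname(path) === awaited) loaded = true;
      return loaded;
    },
    isLoaded: () => loaded,
    seen: () => seen.slice(),
  };
}

// Hook the chosen dlopen, log each load, and detach as soon as the awaited
// library appears so later loads (e.g. the /vendor/lib64/dri/*.so GPU drivers
// in the logcat above) run through an unhooked dlopen.
function installDlopenWait(awaited, log) {
  const target = chooseDlopenTarget((m, n) => Module.findExportByName(m, n));
  if (target === null) {
    log("no dlopen export found; nothing hooked");
    return null;
  }
  const tracker = makeLoadTracker(awaited);
  const listener = Interceptor.attach(target.address, {
    onEnter(args) {
      const path = args[0].isNull() ? "(null)" : args[0].readUtf8String();
      log(`${target.name}(${path})`);
      if (tracker.record(path)) {
        log(`${awaited} loaded after ${tracker.seen().length} dlopen call(s); detaching`);
        listener.detach();
      }
    },
  });
  return tracker;
}

// Only touch Frida APIs when actually running inside frida-gadget.
if (typeof Interceptor !== "undefined") {
  installDlopenWait("libil2cpp.so", (msg) => console.log(`[dlopen-wait] ${msg}`));
}
```

Loading this as the gadget script (without the bridge) and comparing the logged sequence against the frida-lief output above shows which export the app actually goes through on a given Android version, and whether the graphics driver libraries are dlopen'd while a hook is still installed; if they are, that is the window in which the bridge's wait is interfering.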