
FridaGuard-Mobile - is a solution that protects your frida script from unauthorized use

Primary LanguageKotlinMIT LicenseMIT


FridaGuard-Mobile is a solution that protects your frida script from unauthorized use. The solution involves two main components: an Android authentication application and the target application containing the Frida script. Disclaimer: I am not responsible for any damage to third party applications. This project is voluntary in nature and should be used with respect for applications developed by other professionals.

Main Components:

Android Authentication App:

  • Secure Login Screen: Users must log in to the Android app to obtain an authentication token generated by the server.
  • Unique Identifiers: On the first access, the Android app generates custom identifiers for the device and build, which are stored locally and sent to the server for validation.
  • Access Protection: The token generated during login expires quickly, forcing the user to perform authentication and use the Frida script within a limited time window.

Target App with Frida Script:

  • Conditional Execution: The Frida script integrated into the target app can only be executed after receiving a valid token from the Android authentication app.
  • Secure Connection: The target app establishes a TCP connection with the Frida script and then receives the JWT token via TCP, ensuring that execution only occurs if the token is valid.
  • Frida Identification: The Frida script sends the token to the server in all requests, along with a special header that identifies the use of the script, allowing the server to control and monitor these operations.
  • Automatic Termination: If the token expires or is invalidated, the Frida script is automatically terminated, preventing unauthorized use.

How It Works:

  1. Login on Android App: The user logs into the Android app, which generates a JWT token based on the unique device identifiers.
  2. Connection with Target App: After login, the user opens the target app containing the Frida script. The target app connects to the Frida script and transmits the received JWT token.
  3. Validation and Execution: The Frida script uses the token to authenticate with the server. If the token is valid and the device is authorized, script execution is permitted.
  4. Monitoring and Control: During execution, the server monitors the Frida script requests, ensuring that only authorized operations are performed.
  5. Termination on Failure: If login is not completed in time or the token is invalid, the Frida script is terminated, preventing misuse.

Setup and Configuration:

Node.js Server

  • Dependencies: The Node.js server requires Express.js and MongoDB. You can find the server code here (if you use another server, and post this fork on your github, replace it with the link to your real repository).
  • Setup Instructions:
    1. Clone the repository.
    2. Install dependencies using npm install.
    3. Set up MongoDB and configure the database connection in the server code.
    4. Start the server with npm start.

Script Frida

  • Configuration script.js: The frida script is in the /assets folder of this project, it will contain the logic to be placed in the target app, without it the project has no meaning.

Android App

  • Configuration File: You need to configure the Android app with the server details and public token in the config.json file.
  • AndroidManifest: In addition to config.json, you also need to add the app's package to for the openApp() function to work.
      "splashTextSequence": true,
      "loginApp": [
          "title": "Login FridaGuard",
          "titleInfo": "Welcome FridaGuard!"
      "timeExperienceForUsers": 2000,
      "configs": [
          "public-token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoicHVibGljIiwicGVybWlzc2lvbnMiOlsicmVhZCJdLCJpYXQiOjE3MjQ2NDMxOTV9.BRV8NuejKLC0vlOEdpPxpzX-aT4Q8AjYIZYdlwjdK24"
          "package-app": "PACKAGE_APP"
          "url-server": "https://fridaguard-js.onrender.com"

Use Cases:

  • Protection of Sensitive Applications: Ideal for companies wanting to protect their applications from unauthorized analysis, ensuring that only authorized pentesters can perform security tests.
  • Control Access to Analysis Tools: Facilitates the management and control of who can use Frida scripts, preventing misuse.
  • Advanced Security for Developers: Allows developers to add an extra layer of security to their applications, protecting against unauthorized use of tools like Frida.

Workflow Diagram:

+-------------------+    +------------------+    +--------------------+
|   Android App     |    |   Node Server    |    |  Frida Script       |
|                   |    |   (Express.js)   |    |  (App X)            |
+--------+----------+    +--------+---------+    +--------+-----------+
         |                        |                        |
  1. Public Token                 |                        |
  GET /get-app-id                 |                        |
+---------------------->          |                        |
         |                        |                        |
  2. Generate customDeviceId and customBuildId             |
         |                        |                        |
  3. Return IDs                   |                        |
<----------------------           |                        |
         |                        |                        |
  4. Store IDs in                 |                        |
     SharedPreferences            |                        |
         |                        |                        |
  5. Login Request                |                        |
  POST /login-user                |                        |
  with customDeviceId,            |                        |
  customBuildId,                  |                        |
  deviceId, buildId               |                        |
+---------------------->          |                        |
         |                        |                        |
  6. Validate IDs and Credentials |                        |
         |                        |                        |
  7. Generate JWT with 10s expiry |                        |
         |                        |                        |
  8. Return JWT                   |                        |
<----------------------           |                        |
         |                        |                        |
  9. Show Popup                   |                        |
         |                        |                        |
 10. User Confirmation            |                        |
         |                        |                        |
 11. Establish TCP connection with Frida Script and send JWT |
+---------------------->          |                        |
         |                        |                        |
                                  | 12. Receives JWT       |
                                  |  and makes request     |
                                  |  with Bearer Token     |
                                  |  and 'X-Frida-Identifier'|
+----------------------------------------------->          |
                                  |                        |
                                  | 13. Validate JWT and header|
                                  |                        |
                                  | 14. Valid JWT ->       |
                                  |     Executes Frida Script|
                                  |                        |
                                  | 15. If JWT expires or  |
                                  |     header is invalid, |
                                  |     Frida Script terminates|
                                  |     Android App        |