QBDI is quite easy to use when it comes to embedding it inside a binary at compile time (see
but we had no easy way to instrument an already compiled binary. Even if multiple ways can be used to inject QBDI
in a process (from a simple LD_PRELOAD to a tailored injector), we can also rely on Frida core to inject our framework
into an existing process and manipulate QBDI from Frida interface.
Frida already supports various platforms (iOS, Android, Windows, macOS) making it a good choice for any cross platform tool.
frida-qbdi.js that makes all QBDI bindings available through Frida.
How to use Frida / QBDI?¶
To use QBDI on an already existing process you can use the following syntax:
frida -n processName -l frida-qbdi.js
You can also spawn the process using Frida to instrument it with QBDI as soon as it starts:
frida -f binaryPath Arguments -l frida-qbdi.js
If you want to get started using QBDI bindings, you can create a new default project doing:
make NewProject cd NewProject qbdi-frida-template # If you want to build the demo binary mkdir build && cd build cmake .. make # If frida-compile is not installed npm install frida-compile babelify ./node_modules/.bin/frida-compile ../FridaQBDI_sample.js -o RunMe.js # else frida-compile ../FridaQBDI_sample.js -o RunMe.js frida ./demo.bin -l ./RunMe.js
You can find all the information about QBDI bindings in the next section along with a writeup that demonstrates what can be achieved using QBDI with Frida injection.