Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
Maxim2017-10-15 22:39:37
reverse engineering
Maxim, 2017-10-15 22:39:37

How to find function address in radare2 with r2frida plugin?

Let's say I know the address of the function when I run radare2 in normal mode and in the debugger, it is the same and has a value of 0x0009F170. When I launch radare2 with the r2drida plugin, this function has a different address, how can I find it?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
M
Maxim, 2017-11-12
@khrisanfov

To do this, you need to find out the address of the module through frida, then add the address of the function to the address of the module and subtract the offset of the module.

var offset = 0x00001000;
var base = Module.findBaseAddress('some_app');

Interceptor.attach(base.add(0x0009F170 - offset), { 

});

Similar questions
T
Troodi Larson2018-12-18 18:27:37
How to find where the key is checked? 2Reply
A
AHEHEHEHEHEH2022-03-02 01:39:11
Asm level debug x86 apps on m1 mac? 0Reply
M
moriokii2022-04-05 08:30:48
How to make multiplayer for game without source code? 0Reply
T
tester13372016-10-15 22:06:12
What do angle brackets "" mean in disassembler output? 2Reply
Z
ZhGhost2019-03-21 10:32:32
Dump, what is it? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question