Master Frida: Hook Android Apps with Python – Step‑by‑Step Guide

What is Frida?

Frida is a framework for hooking native Android apps (and also iOS, Windows, etc.). It works on apps written in Java for Android and can intercept function calls at runtime.

What is Hooking?

Hooking means inserting a custom operation into a program’s execution flow, similar to creating a hole in a water pipe to modify or observe the flow.

Creating a Python Virtual Environment

You can use a simple Python environment manager to create a virtual environment, for example frida_env.

My Environment

pixel 2 Android 8 (rooted) via USB
Magisk 23.0
Xposed 3.1.5
Python 3.8.6

Frida Versions, Android Versions, and Python Versions

frida12.3.6  Android5-6  Python3.7
frida12.8.0  Android7-8  Python3.8
frida14+      Android9+   Python3.8

These tables are for reference only; actual compatibility may vary.

Frida Installation

Install Frida with a scientific internet connection to avoid slow downloads.

Dependencies

Install the required packages inside the virtual environment:

frida==14.2.18
frida-tools==9.2.5

Verification

After installation, run:

frida --version
frida

If no errors appear, the installation succeeded.

frida‑server Installation

Download frida‑server from the official releases page.

Important Notes

frida‑server version must match the pip‑installed Frida version.

Select the correct platform (Android vs iOS, arm32 vs arm64, emulator, etc.).

For an arm64 device, download the matching server.

Pushing frida‑server to the Device

adb push <xx>/frida-server-14.2.18-android-arm64 /data/local/tmp

Set Permissions

chmod 777 frida-server-14.2.18-android-arm64

Run frida‑server

./frida-server-14.2.18-android-arm64

Keep the terminal window open; the server will wait for connections.

Verification

Activate the virtual environment and run:

frida-ps -U

If device information appears, the connection is successful.

Summary of the process:

Install Frida on the PC.

Run frida‑server on the phone.

Older Versions Note

For Frida ≤12, port forwarding is required:

adb forward tcp:27042 tcp:27042

Summary of frida and frida‑server

On the PC, create a virtual environment and install Frida. On the phone, copy frida‑server to /data/local/tmp, set executable permissions with chmod, and run it.

adb shell
su
cd /data/local/tmp
./frida-server-14.2.18-android-arm64

After this, you can reuse the same steps for future sessions.

WebStorm Installation

Download WebStorm, follow the installer steps, and install Node.js.

WebStorm Frida Configuration

Create an empty project, open the terminal, and run:

npm i @types/frida-gum

This provides code auto‑completion for Frida scripts.

Sample Hook Script

Java.perform(function () {
    console.log("开始hook");
    // Find the class to hook
    let loginActivity = Java.use("com.dodonew.online.ui.LoginActivity");
    // Override the login method
    loginActivity.login.implementation = function (userName, pwd) {
        console.log("login函数执行");
        console.log("userName:", userName);
        console.log("pwd:", pwd);
        // Call the original method to keep the app functional
        return this.login(userName, pwd);
    };
});

Running Frida

Use the following command to inject the script into the target app:

frida -U -F -l xx牛.js
# -U connects to USB device
# -F attaches to the frontmost app
# -l loads the JavaScript file

Press the login button on the phone and observe the console output to confirm the hook.

Final Summary

To master hooking with Frida, follow these steps:

Create a Python virtual environment on the PC and install Frida.

Push frida‑server to the Android device, set executable permissions, and run it.

Write and inject JavaScript hook code to intercept target functions.

Happy hacking!