Help! Frida & il2cpp-bridge on emulators

Umokazan

Platinian
Hey!
As many have probably encountered similar issues: getting Frida to run on emulators, especially if you want to use tools like the il2cpp-bridge, turns out to be quite complicated and volatile.

I have tested somewhat extensively though I'm still encountering a few critical issues.

On most emulators and their respective versions you will end up not being able to see all critical libraries, including libil2cpp.so. To circumvent this issue I specifically use LDPlayer 7.1 32-bit with a few specific Frida versions like 16.5.2.

This enabled me to run --realm=emulated, which seems to be unavoidable if you want to have access to these libs while running on an emulator.
The issue with this is that it leads to the Java VM bricking, meaning all Java-related functions will no longer be available. On its own this isn't too bad (native functions all work, il2cpp-bridge will also work), but it does limit the potency of Frida by a good bit.

Getting into more protected games, injecting into the process turns out to be impossible (whether by PID or by name); tampering with the APK or using frida-gadget also does not work out as a solution.

So now I'm stuck in a rather annoying spot. The only way I can aim to use the il2cpp-bridge is by SPAWNING the process with --realm=emulated directly. Spawning the app makes it a lot more susceptible to anti-Frida detections. Additionally, as mentioned before, I will also not be able to use the Java VM for easier bypassing.

As if it wasn't hard enough already, this particular emulator setup seems to be incapable of using Magisk, which further complicates a lot of things.

Inevitably, I'm currently trying to effectively brute-force my way in using Frida: spawning the process and immediately running scripts to bypass a lot of things, including root, emulator, frida-tools etc. detections. It certainly is possible and I think I'm getting pretty close, but the Frida-specific detections are quite annoying, so I'd really appreciate any help.


TLDR:
Is it possible to restore/use the Java VM while running with --realm=emulated?
Is it possible to install Magisk on this setup, or are other setups that can use Magisk able to achieve the same as mine?