Frida detection implemented

Author: Anandbotq

app/build.gradle

@@ -28,7 +28,7 @@ android {
         targetCompatibility JavaVersion.VERSION_17
     }
     kotlinOptions {
-        jvmTarget = '11'
+        jvmTarget = '17'
     }
     buildFeatures {
         viewBinding true

gradle/wrapper/gradle-wrapper.jar

@@ -1,6 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.5-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip
 networkTimeout=10000
+validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

gradle/wrapper/gradle-wrapper.properties

@@ -15,6 +15,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
+# SPDX-License-Identifier: Apache-2.0
+#
 
 ##############################################################################
 #
@@ -55,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -83,10 +85,9 @@ done
 # This is normally unused
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
-APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit
-
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
+' "$PWD" ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
@@ -133,26 +134,29 @@ location of your Java installation."
     fi
 else
     JAVACMD=java
-    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+    if ! command -v java >/dev/null 2>&1
+    then
+        die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
 
 Please set the JAVA_HOME variable in your environment to match the
 location of your Java installation."
+    fi
 fi
 
 # Increase the maximum file descriptors if we can.
 if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
     case $MAX_FD in #(
       max*)
         # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
-        # shellcheck disable=SC3045
+        # shellcheck disable=SC2039,SC3045
         MAX_FD=$( ulimit -H -n ) ||
             warn "Could not query maximum file descriptor limit"
     esac
     case $MAX_FD in  #(
       '' | soft) :;; #(
       *)
         # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
-        # shellcheck disable=SC3045
+        # shellcheck disable=SC2039,SC3045
         ulimit -n "$MAX_FD" ||
             warn "Could not set maximum file descriptor limit to $MAX_FD"
     esac
@@ -197,11 +201,15 @@ if "$cygwin" || "$msys" ; then
     done
 fi
 
-# Collect all arguments for the java command;
-#   * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of
-#     shell script including quotes and variable substitutions, so put them in
-#     double quotes to make sure that they get re-expanded; and
-#   * put everything else in single quotes, so that it's not re-expanded.
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
+# Collect all arguments for the java command:
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#     and any embedded shellness will be escaped.
+#   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
+#     treated as '${Hostname}' itself on the command line.
 
 set -- \
         "-Dorg.gradle.appname=$APP_BASE_NAME" \

gradlew

@@ -13,6 +13,8 @@
 @rem See the License for the specific language governing permissions and
 @rem limitations under the License.
 @rem
+@rem SPDX-License-Identifier: Apache-2.0
+@rem
 
 @if "%DEBUG%"=="" @echo off
 @rem ##########################################################################
@@ -43,11 +45,11 @@ set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
 if %ERRORLEVEL% equ 0 goto execute
 
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
+echo. 1>&2
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
 
 goto fail
 
@@ -57,11 +59,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe
 
 if exist "%JAVA_EXE%" goto execute
 
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
+echo. 1>&2
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
 
 goto fail
 

gradlew.bat

@@ -0,0 +1,90 @@
+package com.webileapps.safeguard;
+
+import android.util.Log;
+
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.InputStreamReader;
+import java.util.Arrays;
+import java.util.List;
+
+public class FridaDetection {
+
+    public boolean detectFridaServer() {
+        List<String> suspiciousProcesses = Arrays.asList("frida", "gum-js-loop", "frida-agent", "frida-server");
+
+        try {
+            File[] files = new File("/proc").listFiles();
+            if (files == null) return false;
+
+            for (File file : files) {
+                if (file.getName().matches("\\d+")) {  // Check only PID directories
+                    String cmdline = new String(java.nio.file.Files.readAllBytes(new File("/proc/" + file.getName() + "/cmdline").toPath()));
+                    for (String suspiciousProcess : suspiciousProcesses) {
+                        if (cmdline.contains(suspiciousProcess)) {
+                            Log.e("Security", "Frida detected: " + cmdline);
+                            return true;
+                        }
+                    }
+                }
+            }
+            return false;
+        } catch (Exception e) {
+            e.printStackTrace();
+            return false;
+        }
+    }
+
+    public boolean detectFridaPort() {
+        try {
+            Process process = Runtime.getRuntime().exec("netstat -an");
+            BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
+            return reader.lines().anyMatch(line -> line.contains("27042") || line.contains("frida"));
+        } catch (Exception e) {
+            e.printStackTrace();
+            return false;
+        }
+    }
+
+    public boolean detectFridaLibrary() {
+        try {
+            String maps = new String(java.nio.file.Files.readAllBytes(new File("/proc/self/maps").toPath()));
+            if (maps.contains("frida") || maps.contains("gum-js")) {
+                Log.e("Security", "Frida detected in memory!");
+                return true;
+            }
+            return false;
+        } catch (Exception e) {
+            e.printStackTrace();
+            return false;
+        }
+    }
+
+    public boolean detectFridaTracer() {
+        try {
+            List<String> statusLines = java.nio.file.Files.readAllLines(new File("/proc/self/status").toPath());
+            for (String line : statusLines) {
+                if (line.startsWith("TracerPid")) {
+                    int tracerPid = Integer.parseInt(line.split("\t")[1].trim());
+                    return tracerPid > 0;
+                }
+            }
+            return false;
+        } catch (Exception e) {
+            e.printStackTrace();
+            return false;
+        }
+    }
+
+    public boolean detectFridaDebugging() {
+        boolean fridaServer = detectFridaServer();
+        boolean fridaPort = detectFridaPort();
+        boolean fridaLibrary = detectFridaLibrary();
+        boolean fridaTracer = detectFridaTracer();
+
+        boolean detected = fridaServer || fridaPort || fridaLibrary || fridaTracer;
+        Log.e("Security>>>", "Frida detection result: Server=" + fridaServer + ", Port=" + fridaPort + ", Library=" + fridaLibrary + ", Tracer=" + fridaTracer);
+
+        return detected;
+    }
+}

protect/src/main/java/com/webileapps/safeguard/FridaDetection.java

@@ -1,6 +1,7 @@
 package com.webileapps.safeguard;
 
 import android.Manifest;
+import android.app.ActivityManager;
 import android.app.AlertDialog;
 import android.content.Context;
 import android.content.pm.PackageManager;
@@ -12,6 +13,8 @@
 import android.net.NetworkRequest;
 import android.net.LinkProperties;
 import android.os.Build;
+import android.os.Handler;
+import android.os.Looper;
 import android.provider.Settings;
 import android.telephony.PhoneStateListener;
 import android.telephony.TelephonyCallback;
@@ -45,6 +48,7 @@ public class SecurityChecker {
     private ComponentActivity activity;
     private Runnable permissionGrantedCallback;
     private ActivityResultLauncher<String> permissionLauncher;
+    private Handler handler = new Handler(Looper.getMainLooper());
 
     public static class SecurityConfig {
         private final SecurityCheckState rootCheck;
@@ -755,4 +759,29 @@ public void checkFileIntegrity(String filePath, String expectedChecksum) {
             Log.e("ChecksumValidation", "File does not exist: " + filePath);
         }
     }
+
+    public void startFridaDetection(){
+
+        handler.post(new Runnable() {
+            @Override
+            public void run() {
+                FridaDetection fridaDetection = new FridaDetection();
+                if(fridaDetection.detectFridaDebugging()){
+                    exitApp();
+                }
+                handler.postDelayed(this,5000);
+            }
+        });
+    }
+
+    public void exitApp(){
+        ActivityManager activityManager= (ActivityManager) context.getSystemService(Context.ACTIVITY_SERVICE);
+        if (activityManager != null) {
+            for (ActivityManager.AppTask task : activityManager.getAppTasks()) {
+                task.finishAndRemoveTask(); // Finish and remove each task
+            }
+        }
+        System.exit(0);
+    }
+
 }

protect/src/main/java/com/webileapps/safeguard/SecurityChecker.java

@@ -9,6 +9,7 @@ public class SecurityConfigManager {
     public static void initialize(Context context, SecurityChecker.SecurityConfig configuration) {
         config = configuration;
         securityChecker = new SecurityChecker(context, configuration);
+        new SecurityChecker(context).startFridaDetection();
     }
 
     public static SecurityChecker getSecurityChecker() {

protect/src/main/java/com/webileapps/safeguard/SecurityConfigManager.java

@@ -16,5 +16,5 @@ dependencyResolutionManagement {
 }
 
 rootProject.name = "protect"
-include ':protect'
+include ':protect',':app'
 // include ':app'