Extend Android Frida caching to iOS

Author: pimterry

src/interceptors/frida/frida-android-integration.ts

@@ -20,7 +20,10 @@ import {
     getFridaServer,
     killProcess,
     launchScript,
-    testAndSelectProxyAddress
+    testAndSelectProxyAddress,
+    createFridaSessionCache,
+    clearFridaSessionCache,
+    getOrCreateFridaSession
 } from './frida-integration';
 
 const ANDROID_DEVICE_HTK_PATH = '/data/local/tmp/.httptoolkit';
@@ -181,47 +184,15 @@ const getFridaStream = (hostId: string, deviceClient: DeviceClient) =>
         });
     });
 
-const fridaSessionCache: Record<string, {
-    fridaSession: FridaJs.FridaSession,
-    cleanup: () => void,
-    timeout: NodeJS.Timeout
-}> = {};
+// Frida session cache for Android hosts
+const fridaSessionCache = createFridaSessionCache();
 
-const FRIDA_SESSION_IDLE_TIMEOUT = 30_000;
-
-function clearFridaSessionCache(hostId: string) {
-    const cached = fridaSessionCache[hostId];
-    if (cached) {
-        clearTimeout(cached.timeout);
-        cached.cleanup();
-        delete fridaSessionCache[hostId];
-    }
-}
-
-async function getOrCreateFridaSession(hostId: string, deviceClient: DeviceClient) {
-    let cached = fridaSessionCache[hostId];
-    if (cached) {
-        clearTimeout(cached.timeout);
-        cached.timeout = setTimeout(() => clearFridaSessionCache(hostId), FRIDA_SESSION_IDLE_TIMEOUT);
-        return { fridaSession: cached.fridaSession, wasCached: true };
-    }
-
-    const fridaStream = await getFridaStream(hostId, deviceClient);
-    const fridaSession = await FridaJs.connect({ stream: fridaStream });
-
-    const timeout = setTimeout(() => clearFridaSessionCache(hostId), FRIDA_SESSION_IDLE_TIMEOUT);
-    const cleanup = () => fridaSession.disconnect()
-        .catch(() => {})
-        .finally(() => fridaStream.destroy());
-
-    fridaSessionCache[hostId] = {
-        fridaSession,
-        cleanup,
-        timeout
-    };
-
-    fridaStream.on('error', cleanup);
-    return { fridaSession, wasCached: false };
+async function getOrCreateAndroidFridaSession(hostId: string, deviceClient: DeviceClient) {
+    return getOrCreateFridaSession(
+        fridaSessionCache,
+        hostId,
+        () => getFridaStream(hostId, deviceClient)
+    );
 }
 
 export async function getAndroidFridaTargets(adbClient: AdbClient, hostId: string): Promise<Array<{
@@ -235,11 +206,10 @@ export async function getAndroidFridaTargets(adbClient: AdbClient, hostId: strin
     let wasCached: boolean = false;
 
     try {
-        ({ fridaSession, wasCached } = await getOrCreateFridaSession(hostId, deviceClient));
-        const apps = await fridaSession.enumerateApplications();
-        return apps;
+        ({ fridaSession, wasCached } = await getOrCreateAndroidFridaSession(hostId, deviceClient));
+        return await fridaSession.enumerateApplications();
     } catch (e) {
-        clearFridaSessionCache(hostId);
+        clearFridaSessionCache(fridaSessionCache, hostId);
         if (wasCached) {
             // When a cached session fails, we retry with a fresh one:
             return getAndroidFridaTargets(adbClient, hostId);

src/interceptors/frida/frida-integration.ts

@@ -202,4 +202,56 @@ export async function launchScript(targetName: string, session: FridaJs.FridaAge
     });
 
     scriptLoaded = true;
+}
+
+// Common Frida session cache logic for Android & iOS
+export interface FridaSessionCache {
+    fridaSession: FridaJs.FridaSession;
+    cleanup: () => void;
+    timeout: NodeJS.Timeout;
+}
+
+export const FRIDA_SESSION_IDLE_TIMEOUT = 30_000;
+
+export function createFridaSessionCache() {
+    return {} as Record<string, FridaSessionCache>;
+}
+
+export function clearFridaSessionCache(cache: Record<string, FridaSessionCache>, hostId: string) {
+    const cached = cache[hostId];
+    if (cached) {
+        clearTimeout(cached.timeout);
+        cached.cleanup();
+        delete cache[hostId];
+    }
+}
+
+export async function getOrCreateFridaSession(
+    cache: Record<string, FridaSessionCache>,
+    hostId: string,
+    getStream: () => Promise<any>
+): Promise<{ fridaSession: FridaJs.FridaSession; wasCached: boolean }> {
+    let cached = cache[hostId];
+    if (cached) {
+        clearTimeout(cached.timeout);
+        cached.timeout = setTimeout(() => clearFridaSessionCache(cache, hostId), FRIDA_SESSION_IDLE_TIMEOUT);
+        return { fridaSession: cached.fridaSession, wasCached: true };
+    }
+
+    const fridaStream = await getStream();
+    const fridaSession = await FridaJs.connect({ stream: fridaStream });
+
+    const timeout = setTimeout(() => clearFridaSessionCache(cache, hostId), FRIDA_SESSION_IDLE_TIMEOUT);
+    const cleanup = () => fridaSession.disconnect()
+        .catch(() => {})
+        .finally(() => fridaStream.destroy());
+
+    cache[hostId] = {
+        fridaSession,
+        cleanup,
+        timeout
+    };
+
+    fridaStream.on('error', cleanup);
+    return { fridaSession, wasCached: false };
 }

src/interceptors/frida/frida-ios-integration.ts

@@ -8,7 +8,10 @@ import {
     FridaHost,
     killProcess,
     launchScript,
-    testAndSelectProxyAddress
+    testAndSelectProxyAddress,
+    createFridaSessionCache,
+    clearFridaSessionCache,
+    getOrCreateFridaSession
 } from './frida-integration';
 
 const isDevicePortOpen = (usbmuxClient: UsbmuxClient, deviceId: number, port: number) =>
@@ -102,27 +105,48 @@ async function getDeviceId(usbmuxClient: UsbmuxClient, hostId: string) {
     return deviceId;
 };
 
-export async function getIosFridaTargets(usbmuxClient: UsbmuxClient, hostId: string) {
-    const deviceId = await getDeviceId(usbmuxClient, hostId);
-
-    // Since we don't start Frida ourselves, alt port will never be used
-    const fridaStream = await usbmuxClient.createDeviceTunnel(deviceId, FRIDA_DEFAULT_PORT);
-
-    const fridaSession = await FridaJs.connect({
-        stream: fridaStream
-    });
-
-    const apps = await fridaSession.enumerateApplications();
-    fridaSession.disconnect().catch(() => {});
-    return apps;
-}
-
 // Various ports which we know that certain apps use for non-HTTP traffic that we
 // can't currently intercept, so we avoid capturing for now.
 const KNOWN_APP_PROBLEMATIC_PORTS: Record<string, number[] | undefined> = {
     'com.spotify.client': [4070]
 };
 
+const fridaSessionCache = createFridaSessionCache();
+
+async function getOrCreateIosFridaSession(hostId: string, usbmuxClient: UsbmuxClient) {
+    return getOrCreateFridaSession(
+        fridaSessionCache,
+        hostId,
+        async () => {
+            const deviceId = await getDeviceId(usbmuxClient, hostId);
+
+            // Since we don't start Frida ourselves, alt port will never be used
+            return usbmuxClient.createDeviceTunnel(deviceId, FRIDA_DEFAULT_PORT);
+        }
+    );
+}
+
+export async function getIosFridaTargets(usbmuxClient: UsbmuxClient, hostId: string): Promise<Array<{
+    pid: number | null;
+    id: string;
+    name: string;
+}>> {
+    let fridaSession: FridaJs.FridaSession;
+    let wasCached: boolean = false;
+    try {
+        ({ fridaSession, wasCached } = await getOrCreateIosFridaSession(hostId, usbmuxClient));
+        return await fridaSession.enumerateApplications();
+    } catch (e) {
+        clearFridaSessionCache(fridaSessionCache, hostId);
+        if (wasCached) {
+            // When a cached session fails, we retry with a fresh one:
+            return getIosFridaTargets(usbmuxClient, hostId);
+        } else {
+            throw e;
+        }
+    }
+}
+
 export async function interceptIosFridaTarget(
     usbmuxClient: UsbmuxClient,
     hostId: string,