I got an error when I browse 127.0.0.1:8000, see pic
https://i.imgur.com/WLHjeoT.png
https://i.imgur.com/Xpx114X.png

Keep getting message "[+] Updating intercept_conf with {"classname": "", "packagename": "com.ha0k3.overloads", "methodname": "", "overloadIndex": 0}" and nothing happens.
Recorded screencap: https://streamable.com/w85wa

When I run command:
python3 app.py 8000
I get the following error:
Traceback (most recent call last):
File "/Users/uh/Downloads/house/app.py", line 23, in
from houseGlobal import house_global, app, socketio, random_token
File "/Users/uh/Downloads/house/houseGlobal.py", line 23, in
from flask import Flask
ModuleNotFoundError: No module named 'flask'

OS:
Same on MAC and Kali.
Thank you for help.

This is not a bug, but more of a feature I was thinking would be useful to House. Perhaps you could implement a way to invoke methods without the necessity of them being hooked prior. Would be a nice addition. :)

I am using malicious sample Android/Alien dc215663af92d41f40f36088ec1b850b81092ea94a4a061a9ce88178daee965a.
I want to hook in class mgcmudrfccmnwasmkd.qalnmoqsc.oygfoqispqmmjqqkuij.gjavovxatuj, which is dynamically loaded, a method private String a(String arg5).
I use:

• Start panel: an Android emulator, via USB, and package name msqqqwokejyfwim.bzsotef.ftonpdptfkkfhcjxkrr
• Hook panel: I specify the class and method name. I managed to get it to work without specifying anything more! (did not need to specify overload type nor dynamic path).

Sometimes it works.
See below.

This is good.
But sometimes (often) it does not work.
The most common error I get is [!] Process not found, trying to spawn it...
Some other times I get [!]Error: Error: java.lang.ClassNotFoundException: Didn't find class "msqqqwokejyfwim.bzsotef.ftonpdptfkkfhcjxkrr.gjavovxatuj" on path: DexPathList[[zip file "/data/user/0/msqqqwokejyfwim.bzsotef.ftonpdptfkkfhcjxkrr/app_DynamicOptDex/jeSk.json"],nativeLibraryDirectories=[, /system/lib64, /vendor/lib64]]
Note that the path /data/user/0/msqqqwokejyfwim.bzsotef.ftonpdptfkkfhcjxkrr/app_DynamicOptDex/jeSk.json corresponds to the dynamically loaded dex (unpacked).
Sometimes I get "nothing". Nothing happens.

I am unsure if this is a bug, or if I am doing something wrong, but I'd be grateful to have a solution that works 100% all the time :)

It would be great if House can implementing following features for its UI:

1. Auto-complete! Make the input filed auto-complete; since House already does enumeration, it would be nice if House can store the enum result and implement the auto-complete using drop-downs.

2. Make the UI design more reasonable: it would be nice if the UI can look more smooth and interactive, eg. The editors or some DIVs can be drag-able or resize-able; some informative information(such as detailed hook messages) can be toggled or minimized.

PFs are greatly appreciated and lets make open-source project better :)

I tried to connect my rooted emulator but get this error:

[!]load_script Exception: need Gadget to attach on jailed Android; its default location is: C:\Users\XXX\AppData\Local\Microsoft\Windows\INetCache\frida\gadget-android-arm64.so

What should I do? Please help.

Would it be possible to extend house to also include HTTP request/response bodies?

I may be an idiot (has happened before), but is there a way to launch app instead of attach using house? I need to perform hooks as soon as the app is loaded. Thanks in advance.

Hi on running python app.py 5454 i am getting this error.

Good day, I am a graphics designer and i have a new logo design for your project. Please reply on this issue if you want to see it.

"pipenv --python=/usr/bin/python3 install" cmd not run my windows 10
C:\Users\gsudi\house>pipenv --python=/usr/bin/python3 install
'pipenv' is not recognized as an internal or external command,
operable program or batch file.

C:\Users\gsudi\AppData\Roaming\Python\Python39\Scripts>pipenv --python=/usr/bin/python3 install
Usage: pipenv [OPTIONS] COMMAND [ARGS]...
Try 'pipenv -h' for help.

Error: Invalid value for '--python': Expected Python at path /usr/bin/python3 does not exist

solve my problem

Does not work with dynamic loaded classes

Hi, I have one question is that the frida require python3.x , and house is require python2.x ，
if i use python3.x ，and run python3.x app.py 8888 , an error appeared ,

File "app.py", line 127
"""
^
SyntaxError: invalid syntax

Sorry for not a bug, but I can't quite figure out the native hooking:

{"classname":"libc.so","methodname":"recvfrom"}
{"classname":"libc.so","methodname":"open"}

seems to load fine but neither get hit. I can see them hit in frida-trace however. Happy to write up some docs on it so figured file as a bug for record rather than emailing.

I tried to connect my rooted phone but get this error:

[!]load_script Exception: need Gadget to attach on jailed Android; its default location is: C:\Users\XXX\AppData\Local\Microsoft\Windows\INetCache\frida\gadget-android-arm64.so

What should I do?

I'm not sure if it's by design but House doesn't support remote device (via TCP) yet.

My case was that I had to connect to a phone with Frida server listening on an internal IP address. It may sound weird but the phone was shared for testing and it's not USB connected to my laptop, so I had to modify some codes for a quick workaround:

1. To register the remote device in device manager: house_global.device_manager.add_remote_device('[Phone_IP]')
   (I just hardcoded the IP). I added this in houseSock.py.

2. To get the device: replace house_global.device = frida.get_usb_device() with house_global.device = house_global.device_manager.enumerate_devices()[-1] (Yes hardcoding again).

There's definitely a better way to implement this. I just wonder if there's any future plan on supporting the remote devices?

标题

Add hook/intercept option for constructors

when hook a method, This error always happens.

hi, house can't bypass SSL Pinning for :
https://play.google.com/store/apps/details?id=com.bpm.sekeh&hl=fa
not work, can you check that ?

this issue,frida/frida-java-bridge#78 you know how to got it ？

can't install it due to unknown reason, already tested this apk in android 6 and android 7, both time unsuccessful to install it.

In the Hooks tab, I enter:

• a classname
• a method name
• an overload type.

Then, I add the entry and generate the script. The generated script has a few warnings. For example:

• missing semi colons at the end of some lines
• already defined variables. e.g. below c_gjavovxatuj_hook_a_hook is defined twice.

var c_gjavovxatuj_hook_a_hook = null
var cell = {}
	
var c_gjavovxatuj_hook_a_hook = eval("c_gjavovxatuj_hook.a.overload('java.lang.String')")

Device : LGE Nexus 5X.
Frida Server version: 11.0.13 android arm64.
Device OS: Android 8.1.0 Rooted.

Frida Server is running and Fridump & Frida-ps work like a charm.

House recognizes the device but the package does not get loaded in the House Browser UI.

when I start the tool it stays on waiting for device and Package.
I looked into the code you are using the firda-python and get USB device function to get the plugged in USB devices
and this should work for android emulator but I can not see my device.
any idea why?

After loading an application, I am getting this error:

Frida-server is running on the device (frida-ps -U works and shows running app).
Any idea where does it come from?

Traceback (most recent call last):
File "app.py", line 191, in
main()
File "app.py", line 168, in main
with open('./config/monitor_conf.json','r') as f:
FileNotFoundError: [Errno 2] No such file or directory: './config/monitor_conf.json'

It would be nice if you could use a dropdown menu to select the package you want to analyze.

Something like tyilo@bd524c6 but better.

Environment

OS and Version: Ubuntu 20.0.4.2 LTS
Python Version: Python 3.8.5
Genymotionvm: Android API 25, Android 7.1

Explanation of the Issue

House connection timeout when used with Genymotion VM.

Steps to Reproduce the issue

1. Downloading and installing House, making sure the requirements are correct
2. Start House

Stack trace

`Error on request:
Traceback (most recent call last):
File "/home/appanalyse/.local/share/virtualenvs/house-C-9l96Nc/lib/python3.8/site-packages/werkzeug/serving.py", line 319, 
in run_wsgi execute(self.server.app) 
File "/home/appanalyse/.local/share/virtualenvs/house-C-9l96Nc/lib/python3.8/site-packages/werkzeug/serving.py", line 308, 
in execute application_iter = app(environ, start_response)  
File "/home/appanalyse/.local/share/virtualenvs/house-C-9l96Nc/lib/python3.8/site-packages/flask/app.py", line 2463, in call
return self.wsgi_app(environ, start_response)
File "/home/appanalyse/.local/share/virtualenvs/house-C-9l96Nc/lib/python3.8/site-packages/flask_socketio/init.py", line 45, in 
call return super(_SocketIOMiddleware, self).call(environ,
File "/home/appanalyse/.local/share/virtualenvs/house-C-9l96Nc/lib/python3.8/site-packages/engineio/middleware.py", line 
60, in call return self.engineio_app.handle_request(environ, start_response)
File "/home/appanalyse/.local/share/virtualenvs/house-C-9l96Nc/lib/python3.8/site-packages/socketio/server.py", line 563, in 
handle_request return self.eio.handle_request(environ, start_response)
File "/home/appanalyse/.local/share/virtualenvs/house-C-9l96Nc/lib/python3.8/site-packages/engineio/server.py", line 416, in 
handle_request socket = self._get_socket(sid)
File "/home/appanalyse/.local/share/virtualenvs/house-C-9l96Nc/lib/python3.8/site-packages/engineio/server.py", line 609, in 
_get_socket raise KeyError('Session is disconnected')
KeyError: 'Session is disconnected'`

Possible Solution

install frida 12.8.3, aswell as frida-server 12.8.3 in the VM.

Further testing is being done right now, but it looks like this fixes the issues.

This Issue looks similiar to: miguelgrinberg/Flask-SocketIO#248 but the solution consists of downgrading Frida instead of Flask-SocketIO, so I am unsure if everything is fixed.
Also the Flask-SocketIO-Issue used python2, but apart from that it looks pretty similiar.

Here is a screenshot with the bug present (it's stuck waiting for device & package):

Here is a screenshot with the bug fixed:

{{ method_hook }} is always last method in here

I'm not able to see the device connected to the USD port. frida-ps -U works and lists the processes.

When the app starts I see the following:

  ___ ___
 /   |   \  ____  __ __  ______ ____
/    ~    \/  _ \|  |  \/  ___// __ \
\    Y    (  <_> )  |  /\___ \  ___/
 \___|_  / \____/|____//____  >\___  >
       \/      House        \/     \/

    Dynamic Mobile Analysis Tool
    Contact: [email protected]

Communications will happen over USB, make sure have your android device plugged in.

[+] House running at http://127.0.0.1:5000
 * Serving Flask app "houseGlobal" (lazy loading)
 * Environment: production
   WARNING: This is a development server. Do not use it in a production deployment.
   Use a production WSGI server instead.
 * Debug mode: off
The client is using an unsupported version of the Socket.IO or Engine.IO protocols (further occurrences of this error will be logged with level INFO)

Hi, how I can hook all methods with the given class.
And how I can enum if a class have multiple methods with same name but different type a() ; a(android.content.Context); a(java.lang.String,boolean)
Thanks.

Hello,
i installed the tool and fire it up using the command
python app.py 1337 using PIPENV and than the server returns blank screen.

hello.

I only have python3.X, so I run it, it cannot support python3.X.