Tags: android, native, reverse-engineering, frida

How to trace execution path in native library on android?


To reverse engineer a native library on Android (.so file), I need to hook into function calls inside this library.

Using Ghidra (or similar tools) I get fairly good decompiled code. However, the two commercial debuggers I've access to (IDA 7.0 and JEB) are unusable as they are insanely slow and eventually crash (they don't even fully utilize the available hardware).

Using Frida, I can trace the entry/exit point of all methods in Java, including the native ones, but thereafter I'm blind.

Can I use Frida to trace ARM native code (knowing the symbol names)?


Solution

  • Yes.

    // Hook one exported symbol of the library; both callbacks run on the calling thread
    Interceptor.attach(Module.findExportByName('libsomething.so', 'SymbolName'), {
      onEnter: function (args) {
        // args[i] are NativePointer values of the function's arguments
        console.log('onEnter');
      },
      onLeave: function (retval) {
        // retval is a NativePointer holding the return value; it can be read or replaced here
        console.log('onLeave');
      }
    });
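A fuller tracing script in the same spirit, as an added example that is not part of the answer above: it hooks every exported function of a library whose name matches a pattern and prints an indented, per-thread call tree with entry arguments and return values. The library name and the name filter are placeholders, and the Frida-specific part only executes inside a Frida session, so the bookkeeping can be exercised under plain Node.

```javascript
'use strict';
// Added example: indented call tree over a native library's exports.
// LIB and NAME_FILTER are assumed placeholders, not taken from the page.
const LIB = 'libtarget.so';               // assumed library name
const NAME_FILTER = /^(crypt|verify)/;    // assumed: hook only exports matching this

// Per-thread depth bookkeeping, kept independent of Frida so it can be tested.
class CallTracer {
  constructor() { this.depth = new Map(); this.lines = []; }
  // Record a call; returns the nesting depth at which it was logged.
  enter(tid, name, args) {
    const d = this.depth.get(tid) || 0;
    this.depth.set(tid, d + 1);
    this.lines.push(`[${tid}] ${'  '.repeat(d)}-> ${name}(${args.join(', ')})`);
    return d;
  }
  // Record a return; depth never goes below zero even if an entry was missed.
  leave(tid, name, retval) {
    const d = Math.max((this.depth.get(tid) || 1) - 1, 0);
    this.depth.set(tid, d);
    this.lines.push(`[${tid}] ${'  '.repeat(d)}<- ${name} = ${retval}`);
    return d;
  }
}

// Keep only exported functions (not data symbols) whose name matches the filter.
function selectExports(exports, filter) {
  return exports.filter(e => e.type === 'function' && filter.test(e.name));
}

// Frida glue: Interceptor is undefined under Node, so this block is skipped there.
if (typeof Interceptor !== 'undefined') {
  const tracer = new CallTracer();
  const mod = Process.getModuleByName(LIB);
  for (const exp of selectExports(mod.enumerateExports(), NAME_FILTER)) {
    Interceptor.attach(exp.address, {
      onEnter(args) {
        // Signatures are unknown, so show the first four argument registers as pointers.
        const shown = [0, 1, 2, 3].map(i => args[i].toString());
        this.name = exp.name;            // per-invocation state shared with onLeave
        tracer.enter(this.threadId, exp.name, shown);
        console.log(tracer.lines[tracer.lines.length - 1]);
      },
      onLeave(retval) {
        tracer.leave(this.threadId, this.name, retval.toString());
        console.log(tracer.lines[tracer.lines.length - 1]);
      }
    });
  }
}
```

Run it with `frida -U -f <package> -l trace.js` and the console shows which hooked export calls which, per thread, which is the native-side call path the question asks for.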