How to get ANDROID_ID with Frida Code Answer

Hello Developer, Hope you guys are doing great. Today at Tutorial Guruji Official website, we are sharing the answer of How to get ANDROID_ID with Frida without wasting too much if your time.

The question is published on by Tutorial Guruji team.

The ANDROID_ID is unique in each application in Android.

To get the ANDROID_ID with Java inside Android I amd using this code:

import android.content.Context;
import android.content.ContentResolver;
import android.provider.Settings;
protected void onCreate(...) {
  context = (Context)this;
  String androidId = Settings.Secure.getString((ContentResolver)context.getContentResolver(), (String)"android_id");

But I want to run it inside some other application on my andoird phone.
I wanted to use Frida for this.

I am loading my injected script with Python:

import frida
device = frida.get_usb_device()
pid = device.spawn([""])
time.sleep(1) #Without it Java.perform silently fails
session = device.attach(pid)
script = session.create_script(open("jsfrida.js").read())

#prevent the python script from terminating

But inside my script I don’t understand how to call it, this is what I tried:

Java.perform(function (){
  console.log("Inside java perform function");
  var ActivityThread = Java.use('');
  var Context = Java.use('android.content.Context');
  var settings = Java.use('android.provider.Settings.Secure');
  var ctx = Java.cast(ActivityThread.currentApplication().getApplicationContext(), Context);
  var androidId = settings.Secure.getString(ctx.getContentResolver(), "android_id");

But it doesn’t print the androidId, it only prints:

Script loaded successfully 
Inside java perform function


  • Secure is inner class so you need to use $
  • To get CotentResolver you can invoke getContentResolver without casting.
$ frida -Uf --no-pause
    / _  |   Frida 12.1.2 - A world-class dynamic instrumentation toolkit
   | (_| |
    > _  |   Commands:
   /_/ |_|       help      -> Displays the help system
   . . . .       object?   -> Display information about 'object'
   . . . .       exit/quit -> Exit
   . . . .
   . . . .   More info at
Spawned ``. Resuming main thread!                    
function getContext() {
  return Java.use('').currentApplication().getApplicationContext().getContentResolver();
function logAndroidId() {
  console.log('[?]', Java.use('android.provider.Settings$Secure').getString(getContext(), 'android_id'));
[]-> Java.perform(logAndroidId)
[?] 52d1497b52bf8a11
We are here to answer your question about How to get ANDROID_ID with Frida - If you find the proper solution, please don't forgot to share this with your team members.

Related Posts

Tutorial Guruji