@fahad-source's Projects

Bypass JailMonkey Jailbreak Detection in iOS Apps Frida Script


The script returns false/failure for checks on ~50 jailbreak-related paths including Cydia, Sileo, Zebra, substrate libraries, and various jailbreak tool artifacts (checkra1n, palera1n, unc0ver, etc.).

1. JailMonkey - A React Native library that detects jailbroken devices. The script hooks methods like isJailBroken, checkPaths, checkSchemes, checkDylibs, etc.
2. Native iOS APIs - System-level detection methods:
   - NSFileManager - File existence checks for jailbreak artifacts
   - UIApplication canOpenURL: - URL scheme checks (cydia://, sileo://, etc.)
   - C functions: stat, lstat, access - Low-level file checks
3. Anti-debugging measures - Hooks sysctl to remove the P_TRACED flag (0x800)
4. UIAlertController - Blocks jailbreak warning dialogs from being displayed

Frida Combined Bypass Anti-Root Flutter TLS Pinning


This Frida script combines two runtime instrumentation techniques into a single payload for Android dynamic analysis. The first section installs an anti-root bypass that hooks Java APIs (PackageManager, File, Runtime.exec, SystemProperties, BufferedReader, ProcessBuilder) and native libc functions (fopen, system) to spoof or suppress indicators that detection routines look for, such as Magisk/SuperSU packages, su/busybox binaries, test-keys build tags, and getprop/mount/build.prop reads. The second section disables Flutter's TLS pinning by scanning the loaded Flutter library's executable memory for byte-pattern signatures of ssl_verify_peer_cert across multiple architectures (arm64, arm, x64, x86) and replacing the matched function with a NativeCallback that unconditionally returns 0. Together these bypasses let an analyst run a hardened Flutter app on a rooted device while transparently intercepting its HTTPS traffic through a proxy without triggering root detection or certificate validation failures.

Install the Super Proxy VPN app inside the emulator, configure the HTTP proxy, then run the script. Check Burp; you will be able to see the requests there.