Universal Android SSL Pinning Bypass with Frida
101 | 388K
Uploaded by: @pcipolloni
Android SSL Re-Pinning, more information can be found here https://techblog.mediaservice.net/2017/07/universal-android-ssl-pinning-bypass-with-frida/
Android SSL Re-Pinning, more information can be found here https://techblog.mediaservice.net/2017/07/universal-android-ssl-pinning-bypass-with-frida/
Another Android ssl certificate pinning bypass script for various methods (https://gist.github.com/akabe1/5632cbc1cd49f0237cbd0a93bc8e4452)
Android antiroot checks bypass
Observe all method calls to a specific class (e.g. observeClass('LicenseManager')) , or dynamically resolve methods to observe using ApiResolver (e.g. observeSomething('*[* *Password:*]')). The script tries to do its best to resolve and display input parameters and return value. Each call log comes with its stacktrace.
Find out which functions are called by a given function on the next call
Show useful info about AES encryption/decryption at application runtime
Developers of Android applications usually tend to add additional "protection" (e.g. AES encryption) to their proprietary communication protocols, or to encrypt local files in order to hide some sensitive information. This snippet intercepts Java Crypto API in Android application, prints a symmetric key, algorithm spec, and a plain data right before the final encryption (as well as a cipher data right before the decryption).
List iOS file data protection classes (NSFileProtectionKey) of an app
Use this frida script to bypass all SSL checks
Libc-based anti-frida bypass (strstr)
find android hook: inline hook/got hook/java hook
Bypass antiroot detection for Xamarin apps!
bypass mostly common android ssl pinning method
Trace the JNI API in Android apps.
iOS通用脱壳脚本 dumpdecrypted with frida to dump iOS encrypted binary
Implementation of Okhttp3 network interceptor