Frida android repinning
May 28, 20211 min read
Installation of frida
pip3 install frida
pip3 install objectionDownload frida-server (for the target)
wget https://github.com/frida/frida/releases/download/12.1.2/frida-server-12.1.2-android-arm.xz
xz –decompress frida-server-12.1.2-android-arm.xzSetup frida-server on the phone
adb push frida-server-12.1.2-android-x86 /data/local/tmp/frida-server
adb shell chmod 777 /data/local/tmp/frida-server
adb shell "su -c '/data/local/tmp/frida-server &'"Connect to frida server
# New terminal :
frida-ps -U # USB
frida-ps -R 127.0.0.1 # Remote connection (via Wifi)
frida-ps -H 127.0.0.1 # Remote connectionTo inject script into the app
frida -U -f mobi.societegenerale.mobile.lappli.hf.sg -l ANYTHING.js –no-pause-U# USB-f [Package name]# Package name-l# location of the script--no-pause# automatically start main thread after startup
See https://www.frida.re/docs/home/ to learn how to build and inject any script on the apps or download scripts from https://github.com/ or https://codeshare.frida.re/
Inject the Burp certificate to bypass the ssl pinning
adb push burpca-cert-der.crt /data/local/tmp/cert-der.crt
frida -U -f mobi.societegenerale.mobile.lappli.hf.sg -l frida-android-repinning.js –no-pauseor
frida –codeshare pcipolloni/universal-android-ssl-pinning-bypass-with-frida -f YOUR_BINARY
Written By Papa Sall
Papa Sall is a Security Analyst and a Audit team leader @ Societe Generale. As part of his mission within SG, Papa is in charge of helping businesses by protecting their applications from potential hackers and cyber-attacks... Papa prevent attacks and threats to resources owned by the Financial Group. Do you want to know more? Visit my website!