Frida android repinning

May 28, 2021

Installation of frida

pip3 install frida
pip3 install objection

Download frida-server (the build matching the target device's architecture)

wget https://github.com/frida/frida/releases/download/12.1.2/frida-server-12.1.2-android-arm.xz
xz --decompress frida-server-12.1.2-android-arm.xz

Setup frida-server on the phone

adb push frida-server-12.1.2-android-arm /data/local/tmp/frida-server
adb shell chmod 777 /data/local/tmp/frida-server
adb shell "su -c '/data/local/tmp/frida-server &'"
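
The frida-server binary has to match the CPU architecture of the device it runs on. The helper below is an added example, not part of the original post: it maps the ABI reported by the device to the matching release file, following the URL pattern of the download step above. The function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: pick the frida-server build that matches the device ABI.
# Android reports its primary ABI via `getprop ro.product.cpu.abi`; a binary
# built for another architecture will not execute on the device.

# Map an Android ABI string to the architecture suffix used in the
# frida-server release file names.
abi_to_frida_arch() {
    case "$1" in
        armeabi*)  echo arm ;;      # armeabi, armeabi-v7a (32-bit ARM)
        arm64-v8a) echo arm64 ;;
        x86)       echo x86 ;;      # common on emulator images
        x86_64)    echo x86_64 ;;
        *)         echo "unsupported ABI: $1" >&2; return 1 ;;
    esac
}

# Build the download URL for a given Frida version and device ABI.
frida_server_url() {
    version=$1
    arch=$(abi_to_frida_arch "$2") || return 1
    echo "https://github.com/frida/frida/releases/download/${version}/frida-server-${version}-android-${arch}.xz"
}

# Read the ABI from the connected device (needs adb and an authorised device).
# Not called by the demo below.
device_abi() {
    adb shell getprop ro.product.cpu.abi | tr -d '\r'
}

# Demo on constructed ABI values so the script runs without a device attached.
for abi in armeabi-v7a arm64-v8a x86 x86_64; do
    printf '%-12s %s\n' "$abi" "$(frida_server_url 12.1.2 "$abi")"
done
```

With a device attached, `frida_server_url 12.1.2 "$(device_abi)"` prints the URL to pass to wget.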

Connect to frida server

# New terminal :
frida-ps -U # USB
frida-ps -R # Remote frida-server on the default 127.0.0.1:27042
frida-ps -H 127.0.0.1 # Remote frida-server on the given host (the device's address when connecting over Wi-Fi)

Inject a script into the app

frida -U -f mobi.societegenerale.mobile.lappli.hf.sg -l ANYTHING.js --no-pause
  • -U # connect to the device over USB
  • -f [Package name] # spawn the app with this package name
  • -l # path of the script to load
  • --no-pause # automatically start main thread after startup

See https://www.frida.re/docs/home/ to learn how to build your own scripts and inject them into an app, or download existing scripts from https://github.com/ or https://codeshare.frida.re/

Inject the Burp certificate to bypass SSL pinning

adb push burpca-cert-der.crt /data/local/tmp/cert-der.crt
frida -U -f mobi.societegenerale.mobile.lappli.hf.sg -l frida-android-repinning.js --no-pause

or

frida --codeshare pcipolloni/universal-android-ssl-pinning-bypass-with-frida -f YOUR_BINARY