Frida-libcurlUnpinning
Frida-libcurlUnpinning copied to clipboard

Published 20 hours ago •

d0gkiller87

→

Metadata

A Frida script to bypass libcurl (NDK) SSL-Pinning protection in Android apps.

Readme
Issues

Introdution

English | 中文

Bypass libcurl (NDK) SSL-Pinning protection presented in some Android apps.

Pre-requisites

Frida access to your mobile device

Usage

Spawn mode

frida -U -f com.example --no-pause -l Frida-libcurlUnpinning.js

U: Connect to remote device f: Spawn specified app --no-pause: Resume main thread after spawning app l: Load & run script

Attach mode (Recommended)

frida -U -F -l Frida-libcurlUnpinning.js

U: Connect to remote device F: Attach to foreground app l: Load & run script

Example

Credits

iOS libcurl hooking by @Nevermoe

Q & A

Q: How does it work?
A: It’s just ~~a balloon stretched over a cup~~. Jk, it simply hooks curl_easy_setopt and blocks options related to SSL-Pinning.

About

A Frida script to bypass libcurl (NDK) SSL-Pinning protection in Android apps.

reverse-engineering

mobile-security

frida

ssl-pinning

frida-scripts

frida-snippets

frida-javascript

23

Stars

5

Forks

Watchers

Owner

d0gkiller87

← Metadata

23

Stars

5

Forks

Watchers

Owner

d0gkiller87

Metadata

A Frida script to bypass libcurl (NDK) SSL-Pinning protection in Android apps.

Back

Frida-libcurlUnpinning Frida-libcurlUnpinning copied to clipboard

Metadata

Introdution

Pre-requisites

Usage

Spawn mode

Attach mode (Recommended)

Example

Credits

Q & A

← Metadata

Owner

Metadata

Frida-libcurlUnpinning
Frida-libcurlUnpinning copied to clipboard