Frida-libcurlUnpinning

A Frida script to bypass libcurl (NDK) SSL-Pinning protection in Android apps.

Introduction


Bypasses the libcurl (NDK) SSL-Pinning protection present in some Android apps.

Pre-requisites

  • Frida access to your mobile device

Usage

Spawn mode

frida -U -f com.example --no-pause -l Frida-libcurlUnpinning.js

  • -U: Connect to remote device
  • -f: Spawn specified app
  • --no-pause: Resume main thread after spawning app
  • -l: Load & run script

Attach mode (Recommended)

frida -U -F -l Frida-libcurlUnpinning.js

  • -U: Connect to remote device
  • -F: Attach to foreground app
  • -l: Load & run script

Example

Credits

Q & A

  • Q: How does it work?
  • A: It’s just ~~a balloon stretched over a cup~~. Jk, it simply hooks curl_easy_setopt and blocks options related to SSL-Pinning.
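
Because the answer above places the whole pinning decision in options passed to curl_easy_setopt, an app can also compare the server key against its pin list in its own code after the handshake. The C code below is an added example, not code from this project: it assumes the pins use the sha256//<base64> list format of libcurl's CURLOPT_PINNEDPUBLICKEY and that the app's TLS library supplies the SHA-256 digest of the peer's SubjectPublicKeyInfo; spki_pin_matches and the sample values are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DIGEST_LEN 32 /* SHA-256 output size */
#define B64_LEN 44    /* base64 length of 32 bytes, padding included */

/* Base64-encode a 32-byte digest into out (NUL-terminated). */
static void b64_digest(const uint8_t *d, char out[B64_LEN + 1]) {
    static const char t[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t o = 0;
    for (size_t i = 0; i < DIGEST_LEN; i += 3) {
        int full = i + 2 < DIGEST_LEN; /* last group holds only two bytes */
        uint32_t v = (uint32_t)d[i] << 16 | (uint32_t)d[i + 1] << 8;
        if (full) v |= d[i + 2];
        out[o++] = t[v >> 18];
        out[o++] = t[(v >> 12) & 63];
        out[o++] = t[(v >> 6) & 63];
        out[o++] = full ? t[v & 63] : '=';
    }
    out[o] = '\0';
}

/* Match digest against a ';'-separated "sha256//<base64>" list; fail closed. */
int spki_pin_matches(const uint8_t *spki_sha256, const char *pins) {
    char got[B64_LEN + 1];
    int ok = 0;
    if (pins == NULL) return 0; /* no pin list configured: reject */
    b64_digest(spki_sha256, got);
    while (*pins) {
        size_t len = strcspn(pins, ";");
        if (len == 8 + B64_LEN && memcmp(pins, "sha256//", 8) == 0) {
            unsigned char diff = 0; /* compare without an early exit */
            for (size_t i = 0; i < B64_LEN; i++)
                diff |= (unsigned char)(pins[8 + i] ^ got[i]);
            ok |= (diff == 0);
        }
        pins += len + (pins[len] == ';'); /* skip the entry and its separator */
    }
    return ok;
}

int main(void) {
    /* Constructed sample digest and its pin, not a real key hash. */
    uint8_t digest[DIGEST_LEN] = {0};
    const char *pins = "sha256//" "AAAAAAAAAA" "AAAAAAAAAA" "AAAAAAAAAA" "AAAAAAAAAA" "AAA=";
    printf("pin match: %d\n", spki_pin_matches(digest, pins));
    return 0;
}
```

A check of this kind can be instrumented as well, so it is an extra layer rather than a guarantee.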