📜Dynamic Analysis
Automate SSL Pining Bypass using Objection
ensure you have Frida and Objection installed
apt install zipalign
apt install apktool
Note: confirming successful APK building, located at the same path where you executed the command “objection patchapk -s (apk path).”
//objection pacthapk --source package_name.apk
//objection pacthipa --source package_name.iso
Note: Prior to executing this command, ensure your device is connected to ADB. Then, run the command “adb install [apk]” to install the APK previously built by Objection.
# install apllication to Drag and Drop
# Open the Application
//objection explore
//android sslpinning disable
# Congratulations SSL Pinning Bypassed!!-------------------------------------------------------------
Patching SSl Pining Bypass Applications Manually:
//apktool d -r app_package.apk
# download frida gadget -with adroid and applicalication arc version.
# extract the compressed archive
# copy frida gadget library in x86_64 directory under lib.
# Change FileName frida-gadget.so to libfrida-gadget.so
# copy Code in MainActivity.smali File in b3nec directory under smali
//apktool b InjuredAndroid-1.0.12-release -o injured_patched.apk
//keytool -genkey -v -keystore demo.keystore -alias demokyes -keyalg RSA -keysize 2048 -validity 10000
//jarsigner -sigalg SHA256withRSA -digestalg SHA256 -keystore demo.keystore -storepass test123 injured_patched.apk demokyes
//jarsigner -verify injured_patched.apk
//zipalign 4 injured_patched.apk injured_patchedfinal.apk
# install apllication to Drag and Drop
# Open the Application
//objection explore
//android sslpinning disable
# Congratulations SSL Pinning Bypassed!!
## Error Handling:
sudo apt --purge remove zipalign
nano /etc/apt/sources.list
Paste the link: deb http://ftp.de.debian.org/debian buster main
sudo apt update
sudo apt install zipalign-------------------------------------------------------------
Last updated