Android Root Detection Bypass (Frida Hooking and APK Patching)

Рет қаралды 22,368

Intigriti

Күн бұрын

Пікірлер: 30

@camelotenglishtuition6394 Жыл бұрын

Very nice work dude!

@intigriti Жыл бұрын

🙏🥰

@pwnhun73r 8 ай бұрын

Amazing content, great explanation!! are you running ADV inside parrot vm with nested virtualization? What spec have the vm? Im trying but sometime i have some issues and lag when is running.

@intigriti 8 ай бұрын

Thank you! I do indeed, it's pretty slow even with the 32gb of RAM I have assigned to the VM lol. It's usable though..

@pwnhun73r 8 ай бұрын

@@intigriti Thank you!!

@muhammedibrahimtekin109 Жыл бұрын

Is it reliable to use Magisk modules to bypass root detection? And is it possible to pass safetynet with frida without magisk?

@intigriti Жыл бұрын

On Magisk, I guess this would depend on the method of root detection used, e.g. the InsecureBankV2 app uses simple string pattern matching, looking for the name of superuser related apk and functions. It's worth saying that bypassing root detection is generally out of scope in bug bounty, e.g. from the itsme BB program: "Bypassing Root- or Hook-detection on Android is currently out-of-scope". The main reason for demonstrating root detection and bypass in these videos is a) it's a good way to learn about patching APKs and dynamic tools like frida and b) the insecure app has root detection bypass built in as one of it's challenges 🙂

@brs2379 4 ай бұрын

How donwe bypass sslpinning, please? Do you have a video on that?

@intigriti 4 ай бұрын

Hey, some of the techniques used in these videos (e.g. Frida hooking) can be used for SSL cert pinning bypass, check this: infosecwriteups.com/hail-frida-the-universal-ssl-pinning-bypass-for-android-e9e1d733d29

@Keerthuvinay 6 ай бұрын

Any solution for zygisk with magisk

@PapitoDios Жыл бұрын

Please send links to download apps!

@intigriti Жыл бұрын

All links are in the description! 😉

@jruiz1951 Жыл бұрын

Hi very nice video, do have any video on how to sniff a Android apk that blocks the vpn sniffer and thanks.

@intigriti Жыл бұрын

The only android videos we have are in this series, we might look to expand it in future though!

@jruiz1951 Жыл бұрын

@@intigriti I'll be in the lookout and thanks!🙂

@MrAndroid8 10 ай бұрын

thanks i need to talk to you about thing, How do I contact you?

@intigriti 10 ай бұрын

Hey, you can join our discord if you want to ask the community questions - go.intigriti.com/discord

@shazilrao2606 Жыл бұрын

Nice 👍

@intigriti Жыл бұрын

Thanks ✌

@TechnicalFaisal Жыл бұрын

Hi can you bypass apk which i will give you bcz i cannot do this if it is possible i can pay for it

@intigriti Жыл бұрын

This isn't something we'd be able to help with, sorry!

@Dultimatej 11 ай бұрын

Do you have a telegram channel. I need to send you some screenshots of by bypass detector

@intigriti 11 ай бұрын

There is an intigriti telegram channel but it's not very active, we normally use it around conferences. You can join our discord though: go.intigriti.com/discord

@kalidsherefuddin Жыл бұрын

Thanks

@intigriti Жыл бұрын

No problem 💜

@odirachukwuonyejefu4034 Жыл бұрын

Thank you sir for this awesome tutorial, please what did you install to run this command? => type -a extract and => extract Please show me how you can extract multiple file extension with one command according to 07:14 - 07:29 Show me everything I need to install to make it work like yours.

@intigriti Жыл бұрын

Hey, thanks mate! For your question: "type -a extract" shows you the bash alias (shortcut) that I have mapped to the "extract" command. You can check here for the full list of bash aliases I use: github.com/Crypto-Cat/CTF/blob/main/my_bash_aliases.md 😊