Create Custom Frida Scripts For Android

Рет қаралды 1,534

Күн бұрын

Пікірлер: 25

@Fragaile Ай бұрын

This is awesome, I was able to bypass emulator detection on an app that I have not found a solution for before. I will definitely be using this for later pentesting!

@CorSecure Ай бұрын

I'm glad it helped!

@sasasnam7993 3 ай бұрын

Bro, You are my teacher.. Thank..

@CorSecure 3 ай бұрын

I'm glad I could help!

@Shinika01 3 ай бұрын

i didn't even notice that Export as Frida Snipet function, omagad!

@mozhago8280 3 ай бұрын

Would you please provide some guide for how to use Frida with Obfuscated APK, I have a hard time trying to hook to stringbuilder toString func and I don't know how the classes are loaded whether through dynamic class loading or via reflection, sometimes Frida gives timeout error when I try to use the enumerateclasses also I don't see the obfuscated classes when I use Frida to print the loaded classes

@amenallahgamer7728 2 ай бұрын

Yes, That's True ✔️

@lennard4454 Ай бұрын

so I have this app which seems to be uncrackable. it detects when frida is attached and instantly closes - it doesn't crash it actually sais in toast message bubble that is has detected an injection. resigning the entire application and it again detects that its not official anymore. there is probably some java/kotlin/assemlby code to patch this but how would you find it? the strings cannot be traced, not obvious method names, probably some obfuscation. so it seems like frida is just for playing around but not usable for real applications.

@CorSecure Ай бұрын

Every application is different, and the app you're working with may have some sophisticated tampering and anti-reversing protections in place. I can't promise you that Frida will work for every application, but it is for much more than just playing around. I use it with real application every day in my day job.

@lennard4454 Ай бұрын

@CorSecure hey thanks for then explanation! I managed to inject code with the a custom lsposed module - I noticed the app close quicker than Frida patches. So at least in Theory the protection can be patched.

@zhenobiikuzo4957 Ай бұрын

hii btw do you consider making a discord community?

@kayodep.i5012 3 ай бұрын

I get error: externally-managed environment when I run pip3 install Frida tools. Any videos explaining what to do? Newbie

@CorSecure 3 ай бұрын

That is an issue with python. This might help: stackoverflow.com/questions/75608323/how-do-i-solve-error-externally-managed-environment-every-time-i-use-pip-3

@HdhdDhdh-j1d 2 ай бұрын

How to do ssl pinning

@susaniiiiiita 2 ай бұрын

bro can you explain how we can sniff apks with vpn or ip proxy????not posible isnt it?

@heyitsmehere 3 ай бұрын

Thanks for the video

@omerdemir9445 3 ай бұрын

What kind of frida script should we make to do ssl pinning on instagram?

@CorSecure 3 ай бұрын

I haven't had a chance to try it myself, but I did a quick search and found this from the Frida Codeshare: codeshare.frida.re/@Eltion/instagram-ssl-pinning-bypass/ I don't know how old it is, but it might work.