That's a difficult question. Ultimately, I don't think it is possible to implement SSL pinning in a way that is impossible to bypass. By the nature of mobile applications, the attacker has full access to the binary and can reverse engineer it to bypass any protections that are in place on the client side. However, there are some types of more robust pinning methods and other protections out there that can be much more difficult to bypass than the common types of pinning that I bypassed in this video. It's really a question of whether those more robust protections are worth the additional effort (or cost) associated with them.

If this is the error message that I think it is, then it most likely means that the version numbers don't match between the frida server on the device and frida on your host machine. You can check the version numbers by running frida --version on your host and ./frida-server --version from the directory where it was installed on the mobile device. I'm not sure about a slack, but I usually check the frida github issues page whenever I am having problems. Most of the time there is already a thread that covers whatever problems I am having. github.com/frida/frida/issues/2326

Yep. The -U flag tells it use the device that is connected with ADB. There is also an option to use the -R flag to connect to remote device. I never use that option though since I always have my device connected.

If the proxy is configured correctly, then SSL pinning is a very likely reason why you wouldn't be seeing traffic. You should see some TLS errors in the error log on your Burp Suite dashboard if that is the case. I have some additional instructions on my website if that helps. corsecure.blog/2023/08/24/bypassing-ssl-pinning-with-frida/

The -U flag just tells Frida to connect to the device that is connected with ADB. it's technically not connected over USB, but from the perspective of Frida, being connected to ADB is the same thing as if it was connected with a USB cable.

Is the device that you are using rooted? I have never seen this particular error before, but the phrase "jailed Android" make it seem like it is a non-rooted device. If so, I don't believe that this method of bypassing SSL Pinning will work. However, I do have another video that shows a different method of bypassing SSL Pinning that will work on a non-rooted device. kzbin.info/www/bejne/p5Ktc4qZqsp2f6M

​@@CorSecure yes, a rooted emulator. It's fixed now. Somehow my adb got disconnected and need to reconnect through tcpip to make it visible on adb devices. But I got the following error. Still in bypass ssl pinning. "" I've tried to turn off the check for server and publisher's certificate revocation, make codeshare as a trusted site, and sync my time windows with the internet. Nothing works with that.

@@AryYuliantoo I wish I could help, but I've never come across that error when using Frida before. My best recommendation would be to try using Objection, which I go over in the video I linked in my last comment. You may have better luck using that method to bypass SSL Pinning.

@@CorSecure no worries, found the answer. It had something to do with the expiring certificate from Let’s Encrypt. Even though you can't help directly but this little discussion could lead to the other things for me. Thanks for the quick response anyways. About non-root android, I have no idea how to install apksigner and zipalign in the windows command prompt. And also it's already worked right now. Great video! :)

@@CorSecure Failed to spawn: need Gadget to attach on jailed Android; its default location i s: C:\Users\Yogesh\AppData\Local\Microsoft\Windows\INetCache\frida\gadget-androi d-arm64.so same problem ... i am using rooted phone

he already showed it in previous series. emulator already rooted, just run adb shell as root

I found this thread on GitHub about this issue. Hopefully some of the comments on that thread will help. github.com/frida/frida/issues/597

I don't think I've ever gotten that particular error, but I found this post on stackoverflow that had the same issue. I hope this helps. stackoverflow.com/questions/62171745/frida-server-unable-to-connect

@@CorSecure Thank you so much bro for your effort but I am on a non-rooted phone and I also google the issue but every forum and comment is telling the solution over a rooted phone

@@pakvsenglive3755 oh yea. this won't work without a rooted phone because you need to install and run the frida server on the device. however, I do have another video showing how to bypass SSL Pinning using objection that does not require a rooted device. if you want to try following that process, it might work better for you. kzbin.info/www/bejne/p5Ktc4qZqsp2f6M

@@CorSecure Bruh , I am already using objection and facing this error on objection explore .

I am using the Android Studio emulator. I have another video where I walk through how I set up my emulator. kzbin.info/www/bejne/ZqPdaX6YndyFbNU

That error most likely means that either the frida-server is not running on the Android device or the version numbers of the frida-server (on the Android device) and frida (on the PC) do not match.

how did you solve the error