Step-by-Step Guide to Bypass SSL Pinning with Frida

2 min readJun 27, 2024

Prerequisites

1. Rooted Device or Emulator: For Android, you’ll need a rooted device or an emulator. For iOS, a jailbroken device is required.
2. Frida: Ensure Frida is installed on your computer and the Frida server is running on your device.
3. Frida CodeShare Script: Use the script `akabe1/frida-multiple-unpinning` from Frida CodeShare.

Steps

1. Install Frida on Your Computer:
 
 pip install frida-tools
 
2. Download and Start Frida Server on Your Device:
 
 — Download the appropriate Frida server binary for your device from [Frida releases].
 — Push the Frida server to your device and start it:

 adb push frida-server /data/local/tmp/ && adb shell “chmod 755 /data/local/tmp/frida-server && /data/local/tmp/frida-server &"
 
3. Verify Frida is Working:
 
 frida-ps -U
 
 This should list the processes running on your device.
 
4. Execute the Unpinning Script: Replace `packagename` with the package name of the target application.
frida - codeshare akabe1/frida-multiple-unpinning -f packagename -U

This command does the following:

— codeshare akabe1/frida-multiple-unpinning` loads the SSL pinning bypass script from Frida CodeShare.
`-f packagename` starts the target application specified by `packagename`.

Example

If the package name of the application is `com.example.app`, the command would be:

frida - codeshare akabe1/frida-multiple-unpinning -f com.example.app 
-U

Additional Tips

-Troubleshooting:

— Ensure the Frida server is compatible with the Frida client version.
— Verify that your device is properly rooted or jailbroken.
- Verification:

— Once the application is started with the SSL pinning bypass script, use a tool like Burp Suite or OWASP ZAP to intercept the HTTPS traffic.

Conclusion

By following these steps, you can bypass SSL pinning in a target application, allowing you to inspect and manipulate HTTPS traffic during security testing. This method leverages Frida’s powerful dynamic instrumentation capabilities and the shared script from Frida CodeShare to simplify the process.

For a detailed guide on automating the Frida installation process, check out my other article [Automate Frida Installation].

I am currently looking for a job and can join immediately. If you have any opportunities or need further assistance, feel free to reach out to me.

Any query DM ME [https://www.linkedin.com/in/r0x5r/]

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Frida

Android App Testing

Cyber Security Training

Android

Pentesting

Written by ROHIT SHARMA

35 Followers

24 Following

Cybersecurity Professional | Pentester 🔍 | Web, API, Android, iOS, Thick Client, Active Directory, Red Team 🚀

No responses yet

Write a response

What are your thoughts?

Also publish to my profile

More from ROHIT SHARMA

The Hidden Risk of Swagger UI: A Real-World Case of Unauthorized Access

ROHIT SHARMA

The Hidden Risk of Swagger UI: A Real-World Case of Unauthorized Access

Introduction Hi, I’m Rohit Sharma, a security analyst at confidential. In my role, I often encounter various security issues that seem…

Aug 10, 2024

Android Security Misconfigurations: Key Findings and Recommendations for Clients

ROHIT SHARMA

Android Security Misconfigurations: Key Findings and Recommendations for Clients

In the world of mobile application security, misconfigurations are one of the most common yet critical vulnerabilities that can expose…

Mar 13

SAST Documentation Overview: Hoursec, Semgrep, and Bearer

ROHIT SHARMA

SAST Documentation Overview: Hoursec, Semgrep, and Bearer

Introduction

Sep 29, 2024

Bypassing Root Detection, Frida Detection, and Emulator Detection in Damn Vulnerable Bank APK

ROHIT SHARMA

Bypassing Root Detection, Frida Detection, and Emulator Detection in Damn Vulnerable Bank APK

In this tutorial, we will cover how to bypass root detection, Frida detection, and emulator detection in the Damn Vulnerable Bank APK…

May 30, 2024

See all from ROHIT SHARMA

Recommended from Medium

How I found my first SQL Injection in NASA🚀

Kapeka

How I found my first SQL Injection in NASA🚀

Mar 4

Android Application Pentesting Part 2 🧑‍💻 | Android Platform Architecture

dkcyberz

Android Application Pentesting Part 2 🧑‍💻 | Android Platform Architecture

Android architecture is like a layered cake. Each layer has its own job, and together they make sure Android runs smoothly on millions of…

Oct 1, 2024

Ansul Kotadia

Billing: TryHackMe Writeup

Hacking the Books (Literally) 📜💸

Mar 8

Android Pentesting: Advanced Root Detection Bypass — Smali Code Tampering

Krunal Patel

Android Pentesting: Advanced Root Detection Bypass — Smali Code Tampering

Introduction :

Nov 6, 2024

Collection of Wordlists for Bug Bounty Hunters

aimaster

Collection of Wordlists for Bug Bounty Hunters

For bug bounty hunters and penetration testers, a well-crafted wordlist can be the key to uncovering hidden vulnerabilities. Whether you’re…

Feb 1

A Methodology Guide to Bypassing RASP and Root Detection in Mobile Apps with Frida

Abhijith Namboothiry

A Methodology Guide to Bypassing RASP and Root Detection in Mobile Apps with Frida

Exploring an app’s security layers, using Frida to bypass RASP checks.

Oct 4, 2024

See more recommendations

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams