https://github.com/Eltion/Tiktok-SSL-Pinning-Bypass

Bypass Tiktok SSL pinning on Android devices.
https://github.com/Eltion/Tiktok-SSL-Pinning-Bypass

android frida mitmproxy reverse-engineering ssl-pinning tiktok

Last synced: over 1 year ago
JSON representation

Bypass Tiktok SSL pinning on Android devices.

• Host: GitHub
• URL: https://github.com/Eltion/Tiktok-SSL-Pinning-Bypass
• Owner: Eltion
• License: gpl-3.0
• Created: 2022-08-27T20:35:33.000Z (almost 4 years ago)
• Default Branch: main
• Last Pushed: 2024-11-03T15:11:55.000Z (over 1 year ago)
• Last Synced: 2024-11-03T15:28:02.444Z (over 1 year ago)
• Topics: android, frida, mitmproxy, reverse-engineering, ssl-pinning, tiktok
• Language: Python
• Homepage:
• Size: 49.8 KB
• Stars: 631
• Watchers: 16
• Forks: 159
• Open Issues: 20
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Tiktok SSL Pinning Bypass

Bypass TikTok SSL pinning on Android devices.  

Supported ABIs: `armeabi-v7a`, `arm64-v8a`  

The latest version: `v37.0.4`

If you like this project:  

**Bitcoin**: bc1q6kvvun3cfm5kadesxflntszp8z9lqesra35law  

**Ethereum**: 0x47633Ef59b0F765b7f8047b0A56230cfeBB34027  

**USDC**: 0x47633Ef59b0F765b7f8047b0A56230cfeBB34027  

**USDT**: 0x47633Ef59b0F765b7f8047b0A56230cfeBB34027  

## Patched APK (No Root)

Download the latest patched APK: 

+ [tiktok-v37.0.4.apk](https://github.com/Eltion/Tiktok-SSL-Pinning-Bypass/releases/download/v37.0.4/tiktok-v37.0.4.apk)  

[See all versions](https://github.com/Eltion/Tiktok-SSL-Pinning-Bypass/releases/)

## Run using Frida (Requires Root)

Requires frida-tools

```

frida -U -l .\tiktok-ssl-pinning-bypass.js -f com.zhiliaoapp.musically

```

## Patch APK (with frida-gadget)

You can create your own patched APK. 

### Requirements Linux (Ubuntu):

1. Install java JRE: `sudo apt install default-jre`

2. Install apksigner: `sudo apt install apksigner`

3. Install zipalign: `sudo apt install zipalign`  

Note: apksigner and zipalign can also be found in android sdk [build-tools](https://dl.google.com/android/repository/build-tools_r30.0.1-linux.zip)

### Requirements Windows:

1. Install java JRE

2. Download [build-tools](https://dl.google.com/android/repository/build-tools_r30.0.1-windows.zip) and unzip

3. Add unzip folder to path variable

### Instructions

1. Download tiktok apk file.

2. Install requirements > `pip install -r requirements.txt`

3. Run script > `python patch_apk.py -i  -o `

After that a patched apk file should be generated.

## Intercept network traffic

You can use a tool like mitmproxy or Burp Suite to intercept the network.

1. Install patched APK in the device

2. Install [mitmproxy](https://mitmproxy.org/) or [Burp Suite](https://portswigger.net/burp)

3. Set up proxy for wifi settings or run: `adb shell settings put global http_proxy `

Now you should be able to see the network traffic.

## View script logs

To view the logcat run:

```

adb logcat -s "TIKTOK_SSL_PINNING_BYPASS:V"

```

[#leftenter](#leftenter)