Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/d0gkiller87/Frida-libcurlUnpinning
A Frida script to bypass libcurl (NDK) SSL-Pinning protection in Android apps.
https://github.com/d0gkiller87/Frida-libcurlUnpinning
frida frida-javascript frida-scripts frida-snippets mobile-security reverse-engineering ssl-pinning
Last synced: about 2 months ago
JSON representation
A Frida script to bypass libcurl (NDK) SSL-Pinning protection in Android apps.
- Host: GitHub
- URL: https://github.com/d0gkiller87/Frida-libcurlUnpinning
- Owner: d0gkiller87
- Created: 2021-08-11T23:06:59.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-11-10T10:49:33.000Z (2 months ago)
- Last Synced: 2024-11-10T11:30:28.863Z (2 months ago)
- Topics: frida, frida-javascript, frida-scripts, frida-snippets, mobile-security, reverse-engineering, ssl-pinning
- Language: JavaScript
- Homepage:
- Size: 185 KB
- Stars: 24
- Watchers: 1
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - d0gkiller87/Frida-libcurlUnpinning - A Frida script to bypass libcurl (NDK) SSL-Pinning protection in Android apps. (JavaScript)
README
# Introdution
English | [中文](README_tw.md)Bypass **libcurl** (NDK) SSL-Pinning protection presented in some Android apps.
# Pre-requisites
- Frida access to your mobile device# Usage
### Spawn mode
```bash
frida -U -f com.example --no-pause -l Frida-libcurlUnpinning.js
```
> `U`: Connect to remote device
`f`: Spawn specified app
`--no-pause`: Resume main thread after spawning app
`l`: Load & run script### Attach mode **(Recommended)**
```bash
frida -U -F -l Frida-libcurlUnpinning.js
```
> `U`: Connect to remote device
`F`: Attach to foreground app
`l`: Load & run script# Example
![](README/images/cli.jpg)
![](README/images/after.jpg)# Credits
- [iOS libcurl hooking](https://www.nevermoe.com/2016/05/30/hook-ios%E7%9A%84libcurl/) by @Nevermoe# Q & A
- Q: How does it work?
- A: It’s just ~~[a balloon stretched over a cup](https://www.youtube.com/watch?v=QRiQXCkw3rs)~~. Jk, it simply hooks curl_easy_setopt and blocks options related to SSL-Pinning.