Quick how to:
After install of Frida on your machine, you will need to install your server agent on your (use case is phone) iphone/android/qnx device ... (emulators) too in the case of android (yet to test on blackberry emulator)
get the download/s here:
moving on...
setting up on Android:
(am currently using android, so i will focus more on this)
The use case can be on any device there is enough documentation for the all the current (common) mobile OS platforms.
COMMENCE PART 2
What i aim to achieve:
Use Frida as a mobile penetration testing tool, on high end/secure (mostly banking/social media) applications
I cannot fully disclose the vulnerabilities on this applications seeing this is not ethical and in terms of responsible disclosure in the cases i find vulnerabilities.
The following cases shall be examined:
Root Check Evasion
SSL Pinning defeat
Encryption defeat
Obfuscation defeat (dynamic application mapping/reverse engineering)
Proxy bypass
I will start this in the manner they are arranged :)
(short post but should be longer practical ones after this)
REF: Frida - https://www.frida.re/
Monday, June 26, 2017
Subscribe to:
Posts (Atom)
-
BTS------------Base Transiever Station GSM-----------Global System for Mobile Communications, originally Group Spécial Mobile OsmocomBB---... -
Requirements: OsmocomBB compatible phone (Motorola c113/115/118/123) CP2102 cable (can be found here ) TyphonOS (read this is you ha...