Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Another universal ssl certificate pinning bypass script for Android
/* Another universal ssl certificate pinning bypass script for Android
by Maurizio Siddu
Run with:
frida -U -f [APP_ID] -l frida_universal_pinning_bypasser.js --no-pause
setTimeout(function() {
Java.perform(function() {
console.log('[#] Android Universal Certificate Pinning Bypasser [#]');
// TrustManagerImpl Certificate Pinning Bypass
try {
var array_list = Java.use('java.util.ArrayList');
var custom_TrustManagerImpl = Java.use('');
//custom_TrustManagerImpl.checkTrustedRecursive.implementation = function(untrustedChain, trustAnchorChain, host, clientAuth, ocspData, tlsSctData) {
custom_TrustManagerImpl.checkTrustedRecursive.implementation = function(a, b, c, d, e, f, g, h) {
//if host:
console.log('[+] Bypassing TrustManagerImpl pinner for: ' + b + '...');
// console.log('[+] Bypassing TrustManagerImpl pinner...');
var fakeTrusted = array_list.$new();
return fakeTrusted;
} catch (err) {
console.log('[-] TrustManagerImpl pinner not found');
// OpenSSLSocketImpl Certificate Pinning Bypass
try {
var custom_OpenSSLSocketImpl = Java.use('');
custom_OpenSSLSocketImpl.verifyCertificateChain.implementation = function (g, i) {
console.log('[+] Bypassing OpenSSLSocketImpl pinner...');
} catch (err) {
console.log('[-] OpenSSLSocketImpl pinner not found');
Copy link

89z commented Nov 13, 2021

Doesnt work with

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment