Kamil Lorenc v3l0c1r4pt0r
cubehouse
/ pinning.js
Last active
April 21, 2024 14:49
A Frida script to bypass SSL Pinning on Android. https://blog.jamie.holdings/2019/01/19/advanced-certificate-bypassing-in-android-with-frida/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // start with: | |
| // frida -U -l pinning.js -f [APP_ID] --no-pause | |
| Java.perform(function () { | |
| console.log('') | |
| console.log('===') | |
| console.log('* Injecting hooks into common certificate pinning methods *') | |
| console.log('===') | |
| var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager'); |
per1234
/ package_per1234_digistump_armlinux_index.json
Last active
December 5, 2020 08:03
Digistump Boards Manager JSON file to allow installation on ARM Linux. The micronucleus tool may need to be manually replaced with the ARM Linux compatible version.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "packages":[ | |
| { | |
| "name":"digistump", | |
| "maintainer":"Digistump", | |
| "websiteURL":"http://digistump.com", | |
| "email":"support@digistump.com", | |
| "help":{ | |
| "online":"https://digistump.com/board" | |
| }, |
pwlin
/ gist:8a0d01e6428b7a96e2eb
Last active
April 10, 2024 12:44
Android : add cert to system store
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://code.google.com/p/android/issues/detail?id=32696#c5 | |
| If you have a certificate that is not | |
| trusted by Android, when you add it, it goes in the personal cert store. | |
| When you add a cert in this personal cert store, the system requires a | |
| higher security level to unlock the device. But if you manage to add your | |
| cert to the system store then you don't have this requirement. Obviously, | |
| root is required to add a certificate to the system store, but it is quiet | |
| easy. |