Monday, June 26, 2017

Dynamic Binary Instrumentation (pt2)

Quick how to:


After install of Frida on your machine, you will need to install your server agent on your (use case is phone) iphone/android/qnx device ... (emulators) too in the case of android (yet to test on blackberry emulator)

get the download/s here:


moving on...

setting up on Android:

(am currently using android, so i will focus more on this)

The use case can be on any device there is enough documentation for the all the current (common) mobile OS platforms.



COMMENCE PART 2

What i aim to achieve:

Use Frida as a mobile penetration testing tool, on high end/secure (mostly banking/social media) applications

I cannot fully disclose the vulnerabilities on this applications seeing this is not ethical and in terms of responsible disclosure in the cases i find vulnerabilities.

The following cases shall be examined:

Root Check Evasion
SSL Pinning defeat
Encryption defeat
Obfuscation defeat (dynamic application mapping/reverse engineering)
Proxy bypass

I will start this in the manner they are arranged :)

(short post but should be longer practical ones after this)

REF: Frida - https://www.frida.re/

2 comments:

research paper writing services review said...

I have heard a lot about this interesting tool Frida but never knew exactly what it does . After reading this post I know about this tool in depth and how to use it on my I phone.

Unknown said...

Thanks for post:

dich vu mua ho hang
mua ho hang
dich vu mua ho
Ship Chứng Từ Đi Dominica

Post a Comment

Container [docker] <----> Host <----VPN--->cloudThingy

I restarted my HITB (Hack In The  Box) tutorage , they are pretty good , check them out for offensive labs (they have about 20 free ones) an...