Step-by-Step Guide to Bypass SSL Pinning with Frida

Rohit Sharma — Sat, 30 Aug 2025 08:52:38 +0000

prerequisites

Rooted Device or Emulator: For Android, you’ll need a rooted device or an emulator. For iOS, a jailbroken device is required.
Frida: Ensure Frida is installed on your computer and the Frida server is running on your device.
Frida CodeShare Script: Use the script akabe1/frida-multiple-unpinning from Frida CodeShare.

#steps

Install Frida on Your Computer:

pip install frida-tools

Download and Start Frida Server on Your Device:

— Download the appropriate Frida server binary for your device from [Frida releases].
— Push the Frida server to your device and start it:

adb push frida-server /data/local/tmp/ && adb shell “chmod 755 /data/local/tmp/frida-server && /data/local/tmp/frida-server &"

Verify Frida is Working:

frida-ps -U

This should list the processes running on your device.

Execute the Unpinning Script: Replace packagename with the package name of the target application.

frida -codeshare akabe1/frida-multiple-unpinning -f packagename -U

This command does the following:

— codeshare akabe1/frida-multiple-unpinningloads the SSL pinning bypass script from Frida CodeShare.-f packagenamestarts the target application specified bypackagename`.

Example

If the package name of the application is com.example.app, the command would be:

frida -codeshare akabe1/frida-multiple-unpinning -f com.example.app -U

Additional Tips

-Troubleshooting:

— Ensure the Frida server is compatible with the Frida client version.
— Verify that your device is properly rooted or jailbroken.

Verification:

— Once the application is started with the SSL pinning bypass script, use a tool like Burp Suite or OWASP ZAP to intercept the HTTPS traffic.

Conclusion

By following these steps, you can bypass SSL pinning in a target application, allowing you to inspect and manipulate HTTPS traffic during security testing. This method leverages Frida’s powerful dynamic instrumentation capabilities and the shared script from Frida CodeShare to simplify the process.

For a detailed guide on automating the Frida installation process, check out my other article [Automate Frida Installation].

I am currently looking for a job . If you have any opportunities or need further assistance, feel free to reach out to me.

Any query DM ME [https://www.linkedin.com/in/r0x5r/]

Android Security Misconfigurations: Key Findings and Recommendations for Clients

Rohit Sharma — Sat, 30 Aug 2025 08:37:57 +0000

In the world of mobile application security, misconfigurations are one of the most common yet critical vulnerabilities that can expose applications to significant risks. During a recent Vulnerability Assessment and Penetration Testing (VAPT) exercise for an Android application, we identified several security misconfigurations that could potentially compromise the application’s integrity, confidentiality, and availability. Below, we outline these findings and provide actionable recommendations to address them.

1. Application Installed in Root Mode
Issue: The application is installed and running in root mode, which grants it elevated privileges. This increases the risk of exploitation, as an attacker could leverage root access to manipulate the application or the underlying system.

Recommendation:

Ensure the application does not require root privileges to function.
Implement checks to detect if the device is rooted and restrict the application from running on rooted devices.

2. Use of Basic Authentication
Issue: The application is using Basic Authentication with credentials (username and password) encoded in Base64. This method is inherently insecure as the credentials can be easily decoded if intercepted.

Recommendation:

Replace Basic Authentication with more secure authentication mechanisms such as OAuth 2.0 or Token-Based Authentication.
Ensure all communication is encrypted using HTTPS to prevent interception of sensitive data.

3. Debug Mode Enabled
Issue: The application has debug mode enabled in the production build. This can expose sensitive information and allow attackers to gain insights into the application’s internal workings.

Recommendation:

Disable debug mode in the production build by setting android:debuggable="false" in the AndroidManifest.xml file.
Use tools like ProGuard or R8 to obfuscate the code and make reverse engineering more difficult.

4. Support for Outdated Android Versions
Issue: The application supports installation on older Android versions (below Android 10, API 29) that have multiple unpatched vulnerabilities. These devices no longer receive security updates from Google, making them highly susceptible to attacks.

Recommendation:

Set the minimum supported Android version to Android 10 (API 29) or higher to ensure devices receive reasonable security updates.
Inform users about the risks of using outdated Android versions and encourage them to upgrade their devices.

5. Lack of Emulator Detection
Issue: The application does not implement emulator detection, allowing it to run on emulators. This makes it easier for attackers to analyze and reverse-engineer the application in a controlled environment.

Recommendation:

Implement emulator detection mechanisms to prevent the application from running on emulators.
Use libraries or custom checks to detect common emulator signatures.

6. Vulnerable WebView Configuration
Issue: The application’s WebView is configured with setJavaScriptEnabled(true), making it vulnerable to loading malicious URLs or executing arbitrary JavaScript code.

Recommendation:

Disable JavaScript in WebView unless absolutely necessary.
Validate and sanitize all URLs loaded in WebView to prevent loading malicious content.
Use Content Security Policy (CSP) to restrict the sources of content that can be loaded.

7. USB Debugging Enabled
Issue: The device is enabled with USB debugging mode, which allows unauthorized access to the device and application data via ADB (Android Debug Bridge).

Recommendation:

Educate users to disable USB debugging when not in use.
Implement runtime checks to detect if USB debugging is enabled and alert the user or restrict certain functionalities.

8. Sensitive Data Exposure in Logs
Issue: Sensitive data such as credentials, tokens, or personal information is being logged using adb logcat. This data can be accessed by attackers if the device is compromised.

Recommendation:

Avoid logging sensitive information in production builds.
Use secure logging mechanisms or disable logging entirely for sensitive operations.
Regularly review and clean up logs to ensure no sensitive data is exposed.
Conclusion
Security misconfigurations are often overlooked but can have severe consequences if left unaddressed. By implementing the recommendations outlined above, you can significantly enhance the security posture of your Android application and protect it from potential threats.

As a best practice, always conduct regular security assessments and penetration testing to identify and remediate vulnerabilities before they can be exploited. If you need further assistance in securing your application, feel free to reach out to our team for a comprehensive security audit.

Stay Secure, Stay Vigilant! 🔒

Any query DM ME [https://www.linkedin.com/in/r0x5r/]

DEV Community: Rohit Sharma

Step-by-Step Guide to Bypass SSL Pinning with Frida

Android Security Misconfigurations: Key Findings and Recommendations for Clients