具体的SSL Pinning的反制,主要以Xposed框架和Frida框架进行Hook关键函数,从而进行数据包的截取。 针对以上情况可以总结了以下几种的具体绕过方式 1)反编译apk,得到源码编辑应用程序的Manifest文件,修改 AndroidManifest.xml,重新打包 apk反编译及打包 反编译 apktool.batd-ftest.apk-otestapktool-f[待反编译的apk]-o...
patch_apk.py requirements.txt tiktok-ssl-pinning-bypass.js README GPL-3.0 license Tiktok SSL Pinning Bypass Bypass TikTok SSL pinning on Android devices. Supported ABIs:armeabi-v7a,arm64-v8a The latest version:v37.0.4 If you like this project: ...
Android-SSL-TrustKiller Blackbox tool to bypass SSL certificate pinning for most applications running on a device. Description This tool leverages Cydia Substrate to hook various methods in order to bypass certificate pinning by accepting any SSL certificate. ...
What is SSLPinning? Ensuring secure communication is imperative during the development of mobile apps. This concern is addressed through the implementation of HTTPS, which encrypts the traffic between the apps and the server, safeguarding the confidentiality and integrity of the data. By default, And...
Tiktok SSL pinning是一种安全措施,用于防止中间人攻击。它通过在应用程序和服务器之间设置一个信任列表来保护用户数据的安全性。当用户使用Tiktok时,应用程序会检查其设备是否在信任列表中,如果是,则允许访问。如果设备不在信任列表中,应用程序会拒绝访问,并显示一条消息提示用户将设备添加到信任列表中。 为了绕过这种...
In this blog, four techniques to bypass SSL verifification and certificate pinning in iOS will be discussed.
Bypass TikTok SSL pinning on Android devices.Supported ABIs: armeabi-v7a, arm64-v8aThe latest version: v37.0.4If you like this project: Bitcoin: bc1q6kvvun3cfm5kadesxflntszp8z9lqesra35lawEthereum: 0x47633Ef59b0F765b7f8047b0A56230cfeBB34027USDC: 0x47633Ef59b0F765b7f8047b0A56230cfeBB3...
Install patched APK in the device Install mitmproxy or Burp Suite Set up proxy for wifi settings or run: adb shell settings put global http_proxy <proxy> Now you should be able to see the network traffic. View script logs To view the logcat run: adb logcat -s "TIKTOK_SSL_PINNING_BYP...
Install patched APK in the device Install mitmproxy or Burp Suite Set up proxy for wifi settings or run: adb shell settings put global http_proxy <proxy> Now you should be able to see the network traffic. View script logs To view the logcat run: adb logcat -s "TIKTOK_SSL_PINNING_BYP...
Patched APK (No Root) Download the latest patched APK: tiktok-v37.0.4.apk See all versions Run using Frida (Requires Root) Requires frida-tools frida -U -l .\tiktok-ssl-pinning-bypass.js -f com.zhiliaoapp.musically Patch APK (with frida-gadget) ...