有办法在 android 应用程序中抵消 frida 工具包吗?
[英]There is way to counteract frida toolkit in android app?
问题描述
in app i use native network security config for public key pinning.
在应用程序中,我使用本机网络安全配置进行公钥固定。
using frida toolkit our security team can bypass pinning.使用 frida 工具包,我们的安全团队可以绕过固定。
the question is simple: there is any way to protect against that or not?问题很简单:有什么方法可以防止这种情况发生吗?
1 个解决方案
解决方案1
2 已采纳 2020-04-10 11:19:03
Short answer - "yes... but"简短的回答 - “是的......但是”
Long answer(s)长答案
https://github.com/darvincisec/DetectFrida https://github.com/darvincisec/DetectFrida
https://www.vantagepoint.sg/blog/90-the-jiu-jitsu-of-detecting-frida https://www.vantagepoint.sg/blog/90-the-jiu-jitsu-of-detecting-frida
https://mobile-security.gitbook.io/mobile-security-testing-guide/android-testing-guide/0x05j-testing-resiliency-against-reverse-engineering https://mobile-security.gitbook.io/mobile-security-testing-guide/android-testing-guide/0x05j-testing-resilency-against-reverse-engineering
For each one of them there is a way to bypass as @JensV said, for example;例如,对于它们中的每一个,都有一种绕过@JensV 所说的方法;
Detecting Frida by scanning local ports and or doing the D-Bus auth dance?通过扫描本地端口或执行 D-Bus auth dance 来检测 Frida? Start "frida-server with --listen=unix:/path/to/sock" and then forward the socket to a local TCP port with adb forward tcp:27042 localabstract:/path/to/sock .使用 --listen --listen=unix:/path/to/sock" ,然后使用adb forward tcp:27042 localabstract:/path/to/sock将套接字转发到本地 TCP 端口。 Credit: t@leonjza信用:t@leonjza
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.