androidfridapublic-key-pinningandroid-network-security-config

There is way to counteract frida toolkit in android app?


in app i use native network security config for public key pinning.

using frida toolkit our security team can bypass pinning.

the question is simple: there is any way to protect against that or not ?


Solution

  • Short answer - "yes... but"

    Long answer(s)

    https://github.com/darvincisec/DetectFrida

    https://www.vantagepoint.sg/blog/90-the-jiu-jitsu-of-detecting-frida

    https://mobile-security.gitbook.io/mobile-security-testing-guide/android-testing-guide/0x05j-testing-resiliency-against-reverse-engineering

    For each one of them there is a way to bypass as @JensV said, for example;

    Detecting Frida by scanning local ports and or doing the D-Bus auth dance? Start "frida-server with --listen=unix:/path/to/sock" and then forward the socket to a local TCP port with adb forward tcp:27042 localabstract:/path/to/sock. Credit: t@leonjza