You are a penetration tester hired by a company called Craw.in to assess the security of their new Android mobile application. The app handles sensitive user data, and Craw.in is particularly concerned about data leakage through insecure communication channels and reverse engineering. You have the APK file and are free to use any tools necessary.
Question 1.
Craw.in's app uses SSL/TLS for network communication. What common defense mechanism is implemented to prevent man-in-the-middle attacks?
Question 2.
You want to bypass SSL pinning in Craw.in's app. Which dynamic instrumentation tool is commonly used to achieve this?
Question 3.
Besides Frida, what's another popular tool to bypass SSL pinning?
Question 4.
Before Frida can be used to instrument the target Craw.in app, what process must be performed on the target device or emulator to prepare it?
Question 5.
To use Frida with the Craw.in app, do you need the source code of the app?
Question 6.
You want to list all loaded classes in the Craw.in app using Frida. Which Frida API call would be useful?
Question 7.
Which method of `okhttp3.CertificatePinner` class might be targeted for patching to bypass SSL pinning?
Question 8.
To interact with the Frida server on the device from your host machine, what command line tool is used?
Question 9.
When bypassing SSL pinning, what kind of certificate needs to be intercepted and manipulated or bypassed?
Question 10.
What type of vulnerability does SSL pinning aim to protect against in mobile apps?
Question 11.
If Craw.in's app uses certificate pinning, which type of certificate is typically pinned (e.g., root, intermediate, leaf)?
Question 12.
If the Frida script fails to load, what should you check regarding the Frida server version?
Question 13.
Objection is a Frida-based framework used to bypass SSL pinning.