Android Application Pinning Bypass | Pinned @ HackTheBox
Pinned is an easy-difficulty Android mobile challenge from @HackTheBox. In this video we bypass the certificate pinning mechanism implemented by the app in order to intercept the application’s requests and obtain the secret flag.

=== Timestamp ===
00:00 - Intro
01:19 - What a certificate is and how it works
02:21 - Introduction to certificate validation
03:49 - Importing a certificate in a browser
04:24 - Importing a certificate into an Android device
05:42 - Installation and execution of the APK
06:12 - Setting up the device to intercept HTTP requests
06:39 - Certificate pinning prevents intercepting HTTP requests
06:55 - Code decompilation and analysis
07:58 - Identification of the original certificate
08:28 - High level analysis of the certificate pinning implementation
09:05 - Introduction to Frida, Xposed and its modules
09:45 - Frida installation
10:25 - Testing Frida
11:05 - Defeating certificate pinning using Frida
11:54 - Testing SSLUnpinning and TrustMeAlready
12:40 - Conclusion

If you enjoyed the video leave a like and subscribe to my channel!
For writeups in text format or other articles related to Ethical Hacking go to my blog: https://maoutis.github.io/

---

Would you like to support my work? Offer me a virtual coffee :) https://www.buymeacoffee.com/0xbro

Check out my socials:
Twitter: https://twitter.com/0xbro1
LinkedIn: https://www.linkedin.com/in/mattia-0xbro-brollo-b4129614b/

External resources:
- https://protonmail.com/blog/tls-ssl-certificate/
- https://www.digicert.com/how-tls-ssl-certificates-work
- https://httptoolkit.tech/blog/intercepting-android-https/
- https://docs.broadcom.com/doc/certificate-pinning-en
- https://scotthelme.co.uk/cross-signing-alternate-trust-paths-how-they-work/
- https://www.venafi.com/blog/how-does-browser-trust-certificate
- https://docs.oracle.com/javase/7/docs/api/java/security/cert/CertificateFactory.html
- https://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html
- https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/TrustManagerFactory.html
- https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLContext.html

Tags: #CertificatePinning #HackTheBox #AndroidHacking #Pinned #Frida #SSLUnpinning #TrustMeAlready #Xposed #AndroidCTF