Installer script for Frida and Burp's certificate to help setup bypass SSL Pinning in Android applications. Works with Genymotion Emulator.
Read the blog post for a detailed walkthrough -> One-click SSL-Pinning Bypass Setup
- Make sure you have a device installed in Genymotion and it's up and running so the script can interact with ADB.
- Start and keep Burp running so it can download the certificate.
- Run the
frida_setup.sh
to start the installer.
- Installs
frida
andfrida-tools
using pip. (Export the path to frida in your env if it's not already there) - Fetches the latest released version of Frida server from github.
- Downloads certificate from Burp's proxy.
- Pushes and installs the required files inside the ADB.
- Cleans up the files and a reboot of the android system.
- Run the frida server from
/data/local/tmp
insideadb shell
. - Setup your proxies in Burp and Android's Wifi settings.
- Start the ssl-pinning bypass using
frida -U -f <package_name> -l frida2.js --no-pause
- Tested only on Arch Linux. Might have to change the
sed
command accordingly if you're on MacOS. - Adjust
pip
topip3
if needed in the script. - Highly recommend using
frida2.js
rather thanfrida.js
.