Instrumentation with Frida and Objection

Patch APK with Objection

This is an alternative to non-rooted devices which don't have Frida Server running.

ptrace can’t be used as a normal user. To address this constraint, Frida provides another mode of operation called embedded. In this mode the user is responsible to inject the frida-gadget library.

Moreover, there are some situations that is not possible to have a rooted phone but still you need to use Frida.

You should have frida and frida-tools installed.

You should have the Android SDK installed

Patching APK

More info: https://blog.netspi.com/four-ways-bypass-android-ssl-verification-certificate-pinning

<CONNECT THE DEVICE TO ADB>
objection patchapk -s test_app.apk

Remember to connect the cell phone and have the ADB running. If you have another device, objection could take this device and set the architecture for that.

Install Patched APK (with ADB)

Then install the patched application.

adb install test_app.objection.apk

Use the -r parameter if you are reinstalling the app.

Use the -s <DEVICE_ID> if you have multiple devices connected to your PC

PreviousMethod 1: apk-mitm NextBypass SSL Pinning - Method 2: With Objection Explore

Last updated 4 years ago