Mobile Security Controls
Mobile Security Controls
Root/Jailbreak Detection
Certificate Pinning
Code Obfuscation
All mobile security controls can be bypassed!
ADB Commands
List connected devices
Get shell
Install apk on the device
Bypass Root Detection
List the applications installed on the device
Disable root using Objection
Bypass Certificate Pinning
Set up proxy in Burp Suite
Go to Proxy tab
Options
Select on existing proxy settings and Click on Edit under Proxy Listeners
Select All interfaces
Yes
Set up Proxy Settings in the Mobile Device
Open Wifi Settings
Advanced Options
Enable Manual Proxy
Set the IP address as in the computer (In this case Kali VM)
Set the Proxy port
Install Burp Certificate in the Mobile Device
Open browser
Visit: http://burp
Click on the CA Certificate button
Search "Cert" in the Settings
Click on the Install Certificate option
Install the certificate
Get the Package name for the apk
Bypass SSL Pinning using Objection
Last updated