Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.

Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

 

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware,, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.

      PRIV8

      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      Sign in to follow this  
      sQuoII

      objection - Runtime Mobile Exploration

      1 post in this topic

      Hidden Content

        Give reaction to this post to see the hidden content.
       

      Hidden Content

        Give reaction to this post to see the hidden content.

      introduction

      objection is a runtime mobile exploration toolkit, powered by

      Hidden Content

        Give reaction to this post to see the hidden content.
      . It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device.

      The project's name quite literally explains the approach as well, whereby runtime specific objects are injected into a running process and executed using Frida.

      Note: This is not some form of jailbreak / root bypass. By using objection, you are still limited by all of the restrictions imposed by the applicable sandbox you are facing.

      features

      Supporting both iOS and Android and having new features and improvements added regularly as the tool is used in real world scenarios, the following is a short list of only a few key features:

      For all supported platforms, objection allows you to:

      • Patch iOS and Android applications, embedding a Frida gadget that can be used with objection or just Frida itself.
      • Interact with the filesystem, listing entries as well as upload & download files where permitted.
      • Perform various memory related tasks, such as listing loaded modules and their respective exports.
      • Attempt to bypass and simulate jailbroken or rooted environments.
      • Discover loaded classes and list their respective methods.
      • Perform common SSL pinning bypasses.
      • Dynamically dump arguments from methods called as you use the target application.
      • Interact with SQLite databases inline without the need to download the targeted database and use an external tool.
      • Execute custom Frida scripts.

      iOS specific features in objection include the ability to:

      • Dump the iOS keychain, and export it to a file.
      • Dump data from common storage such as NSUserDefaults and the shared NSHTTPCookieStorage.
      • Dump various formats of information in human readable forms.
      • Bypass certain forms of TouchID restrictions.
      • Watch for method executions by targeting all methods in a class, or just a single method.
      • Monitor the iOS pasteboard.
      • Dump encoded .plist files in a human readable format without relying on external parsers.

      Android specific features in objection include the ability to:

      • List the applications Activities, Services and Broadcast receivers.
      • Start arbitrary Activities available in the target application.
      • Watch a class method, reporting execution as it happens.

      screenshots

      The following screenshots show the main objection repl, connected to a test application on both an iPad running iOS 10.2.1, and Samsung Galaxy S5 running Android 6.

      A file system listing of the iOS applications main bundle

      Hidden Content

        Give reaction to this post to see the hidden content.

      A file system listing of the Android applications bundle

      Hidden Content

        Give reaction to this post to see the hidden content.

      iOS Keychain dumped for the current application, and later written to a file called keychain.json

      Hidden Content

        Give reaction to this post to see the hidden content.

      Inline SQLite query tool

      Hidden Content

        Give reaction to this post to see the hidden content.

      SSL Pinning bypass running for an iOS application

      Hidden Content

        Give reaction to this post to see the hidden content.

      SSL Pinning bypass running for an Android application

      Hidden Content

        Give reaction to this post to see the hidden content.

      sample usage

      A sample session, where objection version 0.1 is used to explore the applications environment. Newer versions have the REPL prompt set to the current applications name, however usage has remained the same:

      Hidden Content

        Give reaction to this post to see the hidden content.

      • Like 1

      Share this post


      Link to post
      Share on other sites

      Create an account or sign in to comment

      You need to be a member in order to leave a comment

      Create an account

      Sign up for a new account in our community. It's easy!

      Register a new account

      Sign in

      Already have an account? Sign in here.

      Sign In Now
      Sign in to follow this