frw / react-native-ssl-public-key-pinning

Simple and secure SSL public key pinning for React Native. No native configuration needed, set up in <5 minutes.
MIT License

Able to bypass SSLPinning on iOS using (objection - Runtime Mobile Exploration - https://github.com/sensepost/objection) #439

Closed amanmoar277 closed 11 hours ago

amanmoar277 commented 2 weeks ago

Able to bypass SSLPinning using (objection - Runtime Mobile Exploration - https://github.com/sensepost/objection) on iOS.

After using this, SSL Pinning is disabled easily on iOS.

Is there any way to restrict this library from disabling SSL Pinning?

pohtio6 commented 2 weeks ago

Hi, can you help me? I want to disable SSL pinning in a Java Android application, but I'm unsure how to do it.

amanmoar277 commented 1 week ago

Hey @frw, if you have any suggestions or thoughts on this, I'd really appreciate your input.

amanmoar277 commented 1 week ago

> Hi, can you help me? I want to disable SSL pinning in a Java Android application, but I'm unsure how to do it.

Hey @pohtio6, I have tried this on an iOS application only. Could you please go through the steps mentioned here - https://github.com/sensepost/objection.

frw commented 1 week ago

Defeating SSL bypass techniques is not within the scope of this library. There is unfortunately no way to prevent it as there will always be a method to turn off SSL pinning if you are able to manipulate the memory of the application you are running.

Instead you should rely on other security measures like AppAttest and DeviceCheck to ensure the device/application has not been tampered with.
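The server-side half of the App Attest suggestion above, as an added example that is not code from this thread or from the library: it checks an already CBOR-decoded assertion following the steps in Apple's App Attest documentation. The function names, the JSON `challenge` field in `clientData`, the sample App ID and the test-only `constructAssertion` helper are assumptions made for the sketch.

```javascript
// Added example (not the library's code): verify an App Attest assertion on the server.
const crypto = require("node:crypto");

const sha256 = (...parts) => {
  const h = crypto.createHash("sha256");
  for (const p of parts) h.update(p);
  return h.digest();
};

// assertion: { authenticatorData, signature } as Buffers, CBOR decoding already done.
// stored: { publicKey, counter } saved when the key was attested.
// clientData: request bytes the app signed; assumed here to be JSON with a "challenge".
function verifyAssertion({ assertion, clientData, stored, appId, expectedChallenge }) {
  const { authenticatorData, signature } = assertion;
  if (authenticatorData.length < 37) return { ok: false, reason: "short authenticatorData" };

  // nonce = SHA256(authenticatorData || SHA256(clientData)); signature must cover it.
  // Assumption: ECDSA P-256 with SHA-256 applied over the nonce, DER-encoded signature.
  const nonce = sha256(authenticatorData, sha256(clientData));
  if (!crypto.verify("sha256", nonce, stored.publicKey, signature))
    return { ok: false, reason: "bad signature" };

  // Bytes 0..31 are the RP ID hash and must equal SHA256(App ID).
  if (!crypto.timingSafeEqual(authenticatorData.subarray(0, 32), sha256(appId)))
    return { ok: false, reason: "wrong app" };

  // Bytes 33..36 are a big-endian counter that must grow with every assertion.
  const counter = authenticatorData.readUInt32BE(33);
  if (counter <= stored.counter) return { ok: false, reason: "replayed counter" };

  // The challenge must be the one this server issued for this request.
  let challenge;
  try { challenge = JSON.parse(clientData.toString("utf8")).challenge; } catch { challenge = undefined; }
  if (challenge !== expectedChallenge) return { ok: false, reason: "stale challenge" };

  return { ok: true, counter }; // caller persists the new counter
}

// Constructed test input only: on a device the Secure Enclave produces this, not app code.
function constructAssertion(privateKey, appId, counter, clientData) {
  const authenticatorData = Buffer.alloc(37);
  sha256(appId).copy(authenticatorData, 0);
  authenticatorData.writeUInt32BE(counter, 33);
  const signature = crypto.sign("sha256", sha256(authenticatorData, sha256(clientData)), privateKey);
  return { authenticatorData, signature };
}
```

Because the verdict is computed on the server from a key the app process cannot export, turning off pinning inside the app does not change the outcome of this check.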

amanmoar277 commented 1 week ago

Hi @pohtio6, are you able to disable SSL pinning on iOS?

frw commented 11 hours ago

Closing since this is not something on the roadmap