Open thisisyusub opened 4 months ago
Hello.
Thanks for raising this issue. We are looking into it.
Hi,
I know nothing about pen testing and this may be a very stupid question, but I was wondering if the Frida script is somehow modifying the kDebugMode, kProfileMode, and kReleaseMode constants?
If this is happening, then using isProd: kReleaseMode would bypass all the release level callbacks like onAppIntegrity. Maybe try isProd: true and retest?
> Hi,
> I know nothing about pen testing and this may be a very stupid question, but I was wondering if the Frida script is somehow modifying the kDebugMode, kProfileMode, and kReleaseMode constants?
> If this is happening, then using isProd: kReleaseMode would bypass all the release level callbacks like onAppIntegrity. Maybe try isProd: true and retest?
It can be true, but the documentation mentioned that you can use it in this way.
> I know nothing about pen testing and this may be a very stupid question, but I was wondering if the Frida script is somehow modifying the kDebugMode, kProfileMode, and kReleaseMode constants?
My (educated) guess is that Frida hooks Talsec Android SDK which is implemented in a plugin. We are currently investigating that.
We generally recommend using isProd: true because it ensures that production mode is true even if the attacker messes around with Flutter SDK constants.
Any update about it?
We investigated the issue and found a solution. We believe the countermeasure could be rolled out in the next freeRASP release. Thank you for your help!
Describe the bug
We have released and configured security with freeRASP. But our pentester team found that, in the following scenario, it is not working as expected to catch jailbreak, Frida and app integrity check.
To Reproduce
From Mobile App Side
From Pentest Side
Download the app from Play Store (1.14.1) https://play.google.com/store/apps/details?id=az.azerconnect.inside
adb install inside_modified-aligned-debugSigned.apk
When the app is launched, it will crash instantly. To prevent that, use the following Frida script.
Run the app using Frida script.
App will be launched successfully. Tap the “Skip” button.
Expected behavior
After all these processes, it should detect if app:
Please complete the following information:
Tools Used: