Open in app

Sign in

Write

Sign in

Finally, SSL Pinning for Flutter Bypassed After Frustration..

Rizaldi Wahaz
2 min readAug 23, 2024

--

Hello friends, it’s been a long time since I’ve written anything, but I’ve finally motivated myself to start writing and sharing again — of course, about cybersecurity. Today, I want to share my experience in mobile pentesting, specifically with Android apps built using the Flutter framework.

There are several popular ways to bypass ssl pinning

  1. Using Frida (Easy if you can get the right scripts, or you can make your own scripts)
  2. Using Objection (Personally, I rarely use this)
  3. Using DroidProxy (Worth to try for experience)
  4. reFlutter (in this case, I try to extract the apk from Play Store but its broken, I still don’t know why(?))
  5. Reverse the APK and modified the Smali Code (Stressful)
  6. etc

Of course, as a L̶a̶z̶y̶ Professional Pentester , I try the best method, which is using the mighty Frida. But, I don’t know why, the script that I usually use is not working :/

I tried a ton of scripts, but still got nothing — until I found this GitHub repository

https://github.com/NVISOsecurity/disable-flutter-tls-verification

Credits to the author. It worked!! Thanks god, finally I can continue my Pentest work more deep with my lovely Burpsuite ❤

This is the step by step bypass using frida

  1. Download frida server, select the latest version release, and the best fit environment of your emulator device
    https://github.com/frida/frida/releases
  2. Install adb in your PC (A lot tutorial about this, you can google it)
  3. Push frida-server to emulator device
    $ adb push frida-server /data/local/tmp/
  4. Change permission of frida-server
    $ adb shell “chmod 755 /data/local/tmp/frida-server”
  5. Run frida-server
    $ adb shell “/data/local/tmp/frida-server &”
  6. Select the application package you want to bypass
    $ frida-ps -U
  7. Then try this to your flutter application
    $ frida -U --codeshare TheDauntless/disable-flutter-tls-v1 -f YOUR_BINARY
  8. Successfully bypass will look like this

Thats it…

Thank you, my friend, for reading my pentest diary about bypassing a Flutter application. I hope you’re doing well. See you in the next story, and stay ethical.

Reference:

  • https://blog.nviso.eu/2022/08/18/intercept-flutter-traffic-on-ios-and-android-http-https-dio-pinning/

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Bug Bounty
Penetration Testing
Hacking
Flutter
Cybersecurity

--

--

Rizaldi Wahaz
Rizaldi Wahaz

Written by Rizaldi Wahaz

159 Followers
42 Following

InfoSec

Responses (6)

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams