Android app抓包场景详解
Tags
attack-pattern: Data Hooking - T1617 Ssl Pinning - T1521.003 Hooking - T1179 Hooking
Show in Graph
Common Information
Type Value
UUID a630f5b7-4bfa-46f2-9d39-d7b6fd009123
Fingerprint cff293232a495302
Analysis status DONE
Considered CTI value 0
Text language
Published June 20, 2024, midnight
Added to db Sept. 8, 2024, 7:40 p.m.
Last updated Nov. 17, 2024, 11:40 p.m.
Headline Android app抓包场景详解
Title Android app抓包场景详解
Detected Hints/Tags/Attributes 23/1/67
Source URLs
Redirection Url
Details Source https://cn-sec.com/archives/3144418.html
URL Provider
Details Provider Source level domain
Details cn-sec.com cn-sec.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 483 CN-SEC 中文网 https://cn-sec.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 11 
javax.net
Details Domain 219 
gist.github.com
Details Domain 20 
android.net
Details Domain 1 
x509trustmanagerextensions.java
Details Domain 1 
mipinningtrustmanger.java
Details Domain 1 
okhttputil.java
Details Domain 10 
mainactivity.java
Details Domain 37 
java.security
Details Domain 3 
ljavax.net
Details Domain 1 
ljava.security
Details Domain 1 
webviewclient.java
Details Domain 1 
trustmanagerfactory.java
Details Domain 1 
httpsurlconnection.java
Details Domain 4 
com.android.org
Details Domain 1 
com.datatheorem.android
Details Domain 1 
org.chromium.net
Details Domain 1 
netbuilder.enablepublickeypinningbypassforlocaltrustanchors.call
Details Domain 1 
netbuilder.addpublickeypins.call
Details Domain 4128 
github.com
Details Domain 138 
java.io
Details Domain 1 
ks.store
Details Domain 52 
android.app
Details Domain 2 
nop.gs
Details File 3 
6.js
Details File 4 
java.reg
Details File 1 
x509trustmanagerextensions.java
Details File 1 
mipinningtrustmanger.java
Details File 1 
okhttputil.java
Details File 10 
mainactivity.java
Details File 8 
security.cer
Details File 4 
sslcontext.ini
Details File 1 
tls_sslcontext.ini
Details File 6 
ssl.key
Details File 2 
'okhttp3.cer
Details File 2 
okhttp.cer
Details File 5 
t.cer
Details File 1 
webviewclient.java
Details File 1 
trustmanagerfactory.java
Details File 1 
httpsurlconnection.java
Details File 1 
trustmanagerimpl.java
Details File 26 
lang.obj
Details File 15 
com.dat
Details File 1 
builder.html
Details File 364 
console.log
Details File 8 
security.key
Details File 1 
'.p12
Details File 1 
我们需要去解包找证书搜索.p12
Details File 24 
util.log
Details File 1 
密码是lerist.key
Details File 1 
然后将其转换为.p12
Details Github username 1 
ys1231
Details Github username 6 
nvisosecurity
Details Github username 1 
oleavr
Details Github username 30 
google
Details Github username 1 
fuzion24
Details md5 1 
3ca67a173ff7d207c6b8c3b0ca65a9d8
Details sha1 1 
c88f9f55a523f128f0e4dace76a34724bfa1e88c
Details IPv4 1441 
127.0.0.1
Details Url 1 
https://github.com/ys1231/movecertificate,对于强制信任用户证书的这种情况,推荐使用这个插件:https://github.com/nvisosecurity/magisktrustusercerts
Details Url 1 
https://shunix.com/ssl-pinning/,https://yu-jack.github.io/2020/03/02/ssl-pinning
Details Url 1 
https://gist.github.com/oleavr/3ca67a173ff7d207c6b8c3b0ca65a9d8
Details Url 1 
https://github.com/google/conscrypt/blob/c88f9f55a523f128f0e4dace76a34724bfa1e88c/platform/src/main/java/org/conscrypt/trustmanagerimpl.java#471
Details Url 1 
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/bypassing-androids-network-security-configuration
Details Url 1 
https://github.com/google/conscrypt/blob/c88f9f55a523f128f0e4dace76a34724bfa1e88c/platform/src/main/java/org/conscrypt/trustmanagerimpl.java#l650
Details Url 1 
https://developer.android.com/guide/topics/connectivity/cronet/reference/org/chromium/net/cronetengine.builder.html#enablepublickeypinningbypassforlocaltrustanchors
Details Url 1 
https://github.com/fuzion24/justtrustme
Details Url 2 
https://nop.gs