Link to this headingObjection
objection is python-frida based tool
to use objection --gadget <apkname> explore
Objection has options to monitor the class, methods, sslpinning disable and keystore related functionalities.
-
#android sslpinning disable : To disable sslpinning by hooking into the TrustMgmgImpl
-
#android hooking watch class
–dump-args –dump-return : To monitor the class and shows all the methods that was called in the class, with their arguments and return values. -
#android hooking watch class_method
–du
mp-args –dump-backtrace –dump-return
This hooks into the method and shows the arguments passed and the return values with the complete backtrace of how the method was called.
To watch a constructor method, add $init
class name: com.arcto.aid.lib
method: PKI_abdfec
constructor:PKI_abdfec
Ex: #andrdoid hooking class_method “com.arcot.aid.lib.PKI_abdfec.$init” –dump-args –dump-return –dump-backtrace