Objection

Objection¶

objection is python-frida based tool

to use objection --gadget <apkname> explore

Objection has options to monitor the class, methods, sslpinning disable and keystore related functionalities.

1. #android sslpinning disable : To disable sslpinning by hooking into the TrustMgmgImpl

2. #android hooking watch class --dump-args --dump-return : To monitor the class and shows all the methods that was called in the class, with their arguments and return values.

3. #android hooking watch class_method --du
   mp-args --dump-backtrace --dump-return

This hooks into the method and shows the arguments passed and the return values with the complete backtrace of how the method was called.

To watch a constructor method, add $init
class name: com.arcto.aid.lib
method: PKI_abdfec
constructor:PKI_abdfec

Ex: #andrdoid hooking class_method "com.arcot.aid.lib.PKI_abdfec.\$init" --dump-args --dump-return --dump-backtrace