📱 objection - runtime mobile exploration
GPL-3.0 License
Bot releases are hidden (Show)
Published by leonjza about 5 years ago
--pause
flag to the patchipa
command.Published by leonjza about 5 years ago
<target> heap
command context.evaluate
command.frida-compile
to v9.Published by leonjza over 5 years ago
frida-gum-types
with @types/frida-gum
.Published by leonjza over 5 years ago
dataHex
when dumping entries with the --json
flag. This key is a hex string of the raw data from the keychain.--smart
flag to trigger automatic decoding of data fields. Without this flag (the default), entries are UTF8 encoded.Published by leonjza over 5 years ago
NSBundle
. This is available as the new ios bundles list_frameworks
command.--target-class
flag to the Android patcher to inject a loadLibrary
call for a Frida gadget in any arbitrary class' constructor (for example, to run before an applications onCreate()). The default is still to use the apps main launchable activity.loadLibrary
call into an existing class constructor by correctly incrementing the .locals
count.Published by leonjza over 5 years ago
android hooking get current_activity
command.R
class helper to the agent for Android hooks.--host
and --network
flags will work again as intended.Published by leonjza over 5 years ago
This release contains commits primarily contributed by @AV-IO 🎉
Published by leonjza over 5 years ago
Published by leonjza over 5 years ago
frida
command.android heap print_instances <class>
.android hooking search methods <search string>
.rm
command.Published by leonjza over 5 years ago
memory search
commandmemory search
command. Small hexdump snippets will now be returned unless the --offsets-only
flag is provided.Published by leonjza over 5 years ago
import
command to load external Frida scripts #196Upgrade node dependencies for the agent, primarily bumping the frida-gum-types version to ^4
. https://github.com/sensepost/objection/commit/613be5a8c66e2c498a4d951046d877465fc8a783
Published by leonjza over 5 years ago
Thanks goes to @aph3rson for the fixes in this release.
Published by leonjza over 5 years ago
Published by leonjza over 5 years ago
--skip-resources
flag for the APK builder to not try and inject the Internet permission.Published by leonjza over 6 years ago
Published by leonjza over 6 years ago
ios nsurlcredentialstorage dump
command to dump credentials stored using NSURLCredentialStorage.ios hooking watch*
commands.frida-tools
as dependency as required since Frida 12.Published by leonjza over 6 years ago
v1.3.0
This release updates the license for objection
to GPL v3.
--serial
flag.kSecClassGenericPassword
keychain entries.Published by leonjza over 6 years ago
This version simply pins the version of python-prompt-toolkit in use as a major update of the library is imminent. (thanks @jonathanslenders)
Published by leonjza over 6 years ago
v1.2.8
--skip-resources
to skip the decoding if needed.Published by leonjza over 6 years ago
v1.2.7
--network-security-config
/ -N
flag to the patchapk
command. This flag will add a network security config to the APK as well as the required android:networkSecurityConfig
tag to the AndroidManifest.xml
's <application>
tag. This helps for Android 7+ and the changes to CA certificates that were introduced.verifyChain()
method in the com.android.org.conscrypt.TrustManagerImpl
class to suppress exceptions that could get thrown if a certificate with a non-trusted CA is presented. This hook is available in the android sslpinning disable
command and should take preference over --network-security-config
flag in the patchapk
command.patchapk
command used to strip all .
's from the resultant APK's name. This should no longer happen.