Ignorar detectar VPN httptoolkit #90
Comments
|
La verdad es que no he encontrado muchas problemas con detección de VPNs asi personalmente. Imagino que depende del tipo de apps que investigas. En los pocos casos en que si me causa problemas, suelo interceptar trafico sin el VPN. Simplemente tienes que desactivar el VPN, y hacer la intercepcion con los scripts solos (instrucciones en el README: https://github.com/httptoolkit/frida-interception-and-unpinning?tab=readme-ov-file#android-getting-started-guide). Con los scripts de Eso funciona para ti? (Prefieres ingles o español? Veo que lo tradujiste. Me da igual, como prefieras) |
|
frida -U -l config.js -l antiroot.js -l android-certificate-unpinning.js -l android-certificate-unpinning-fallback.js -l android-system-certificate-injection.js -l android-proxy-override.js -f "br.com.app" Commands used |
|
Ok. If you use that without the VPN, does it work for you? I think you might also want |
|
But httptoolkit creates a VPN connection between my cell phone and the computer. Can I use it without this VPN connection? |
|
Yes. All the VPN does is configure proxy settings, and manually rewrite any traffic that tries to ignore those settings. It uses Android's VPN APIs to do this, but it's not a real VPN as such (more info here: https://httptoolkit.com/blog/inspecting-android-http/). You can use the scripts here to set proxy settings (android-proxy-override.js) & manually redirect traffic (native-connect-hook.js) and then the VPN app isn't required. |
@pimterry Muchas aplicaciones detectan la presencia de la VPN. Cuando pruebas estas aplicaciones, ¿usas un script genérico para Frida o siempre creas uno nuevo basado en cada aplicación?
tomando nota de que "poseidontor/android-vpn-detection-bypass" no funcionó.
The text was updated successfully, but these errors were encountered: