Android Pentesting-Bypassing Root Detection


Setting up the backend server

python pip flask sqlalchemy simplejson

Viewing the application

Root Detection bypass

Using Frida

frida -U -f --codeshare dzonerzy/fridantiroot --no-pause

Using Objection

objection -g explore
android hooking set return_value false

Using EdXposed RootCloak

Using EdXposed Unrootbeer

Manually bypassing root detection

apktool d -r InsecureBankv2.apk
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore InsecureBankv2.apk alias_name





Pentester | CTF Player

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Upload to AWS S3 from Android: S3 Integration & Customizations for large files

Spawning with Coroutines

Understanding Android Runtime and Dalvik

Flutter: Perform Background Job

Handle TransactionTooLargeException

Why Jetpack Compose is Not as Easy as it Looks? (For Real)

Jetpack Compose is tough and Irritating.

We are getting closer to our alpha release, so get yourself ready to our next Invite Competition…

How to build a generic paging source for Jetpack Paging?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Pentester | CTF Player

More from Medium

Android Pentesting-Setting up lab

Introduction to Spring Boot Related Vulnerabilities

PortSwigger Lab: Exploiting XXE via image file upload | WalkThrough

Mobile Static Analysis using Scrounger Framework