Objection Tutorial

📌What is Objection?

  • Objection is a runtime mobile application exploration framework powered by Frida, designed to help security researchers and pentesters analyze and modify the behavior of iOS and Android applications.

  • It allows you to interact with a mobile app during runtime without needing to modify the app's source code or recompile it.

📍Key Features of Objection

  1. Bypass SSL Pinning

  2. Dumping Data (e.g., dump databases, shared preferences)

  3. Hooking and Modifying App Behavior

  4. Exploit Discovery

  5. Runtime Analysis

📍Installation

pip3 install objection

📍Connection

  1. Make a regular ADB connection and start the Frida server on the device

  2. Start Objection:

    objection --gadget <app_package_name> explore

📍Basic Actions

  1. Environment: Some interesting information (like passwords or paths) could be found inside the environment.

    env
  2. Import a Frida script

    import <local path frida-script>
  3. Bypass SSL Pinning

    android sslpinning disable
  4. Root detection

    android root disable  #Attempts to disable root detection on Android devices.
    android root simulate #Attempts to simulate a rooted Android environment.
  5. Static analysis made Dynamic

    • List activities, receivers, and services

      android hooking list activities
      android hooking list services
      android hooking list receivers
    • Getting the current activity

      android hooking get current_activity
    • List all classes in our app

      android hooking search classes packageName
    • Search Methods of a class

      android hooking search methods packageName ClassName
    • List declared Methods of a class with their parameters

      android hooking list class_methods packageName.ClassName
    • Hooking (watching) a method

      android hooking watch class_method packageName.ClassName.methodName --dump-args --dump-backtrace --dump-return
    • Hooking (watching) an entire class

      android hooking watch class packageName.MainActivity --dump-args --dump-return
    • Changing boolean return value of a function

      android hooking set return_value packageName.ClassName.funcName true
    • List all modules

      memory list modules
    • List exports that exist in the module

      memory list exports moduleName

📍When to Use Objection Instead of Frida?

  • Ease of Use:

    • Objection is more user-friendly, offering ready-to-use commands for common tasks like SSL pinning bypass and dumping data.

    • Frida is more flexible but requires custom scripts and a deeper understanding for detailed control.

  • Pre-built Functions:

    • Objection includes pre-built functions for common tasks (e.g., dumping keychain data, bypassing SSL pinning).

    • Frida requires custom scripting for similar tasks.

  • Exploratory Tasks:

    • Use Objection for quick exploration and testing of common mobile security issues.

  • Advanced Customization:

    • Use Frida for advanced analysis and building custom instrumentation scripts for specific attacks.
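
To make the "Frida requires custom scripting" point concrete, here is a hand-written Frida script that does roughly what the one-line watch class_method command above does for a single method. It is an added example, not code from the original page or from the Objection project; the class and method names are hypothetical placeholders, and it assumes the script runs where Frida's global Java bridge is available.

```javascript
// Added example: log every call to one Java method of an app under test.
// CLASS_NAME and METHOD_NAME are hypothetical placeholders, not from the page.
const CLASS_NAME = 'com.example.app.MainActivity';
const METHOD_NAME = 'computeTotal';

// Render an argument or return value for logging without throwing on null.
function show(value) {
  return value === null || value === undefined ? 'null' : String(value);
}

// Hook every overload of className.methodName. Each hook logs the arguments,
// runs the original implementation unchanged, logs the return value and
// passes it through. Returns the number of overloads hooked.
function watchMethod(className, methodName, log) {
  const cls = Java.use(className);
  if (!cls[methodName]) {
    throw new Error(className + ' has no method ' + methodName);
  }
  const overloads = cls[methodName].overloads;
  overloads.forEach(function (overload) {
    const signature = overload.argumentTypes
      .map(function (t) { return t.className; })
      .join(', ');
    const label = className + '.' + methodName;
    overload.implementation = function () {
      const args = Array.prototype.slice.call(arguments);
      log('[call] ' + label + '(' + signature + ') args=[' +
          args.map(show).join(', ') + ']');
      const ret = overload.apply(this, args); // original behaviour is kept
      log('[ret]  ' + label + ' -> ' + show(ret));
      return ret;
    };
  });
  return overloads.length;
}

// Under Frida the global Java bridge exists; elsewhere this part is skipped.
if (typeof Java !== 'undefined' && Java.available) {
  Java.perform(function () {
    const n = watchMethod(CLASS_NAME, METHOD_NAME, console.log);
    console.log('[+] watching ' + n + ' overload(s) of ' + METHOD_NAME);
  });
}
```

Saved to a local file, a script like this can be loaded from the Objection prompt with the import command listed under Basic Actions.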