Add the --quiet flag for the Android SSLpinning disable job.

sensepost · Oct 22, 2017 · aa85166 · aa85166
1 parent 8fba5d3
commit aa85166
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 4 deletions.
diff --git a/objection/commands/android/pinning.py b/objection/commands/android/pinning.py
@@ -2,6 +2,18 @@
 from objection.utils.templates import android_hook
 
 
+def _should_be_quiet(args: list) -> bool:
+    """
+        Checks if --quiet is part of the
+        commands arguments.
+
+        :param args:
+        :return:
+    """
+
+    return '--quiet' in args
+
+
 def android_disable(args: list = None) -> None:
     """
         Starts a new objection job that hooks common classes and functions,
@@ -13,5 +25,6 @@ def android_disable(args: list = None) -> None:
 
     hook = android_hook('pinning/disable')
 
-    runner = FridaRunner(hook=hook)
+    runner = FridaRunner()
+    runner.set_hook_with_data(hook=hook, quiet=_should_be_quiet(args))
     runner.run_as_job(name='pinning-disable')
diff --git a/objection/console/commands.py b/objection/console/commands.py
@@ -355,6 +355,7 @@
                 'commands': {
                     'disable': {
                         'meta': 'Attempt to disable SSL pinning in various Java libraries/classes',
+                        'flags': ['--quiet'],
                         'exec': android_pinning.android_disable
                     }
                 }

diff --git a/objection/hooks/android/pinning/disable.js b/objection/hooks/android/pinning/disable.js
@@ -5,6 +5,18 @@
 
 var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager');
 var SSLContext = Java.use('javax.net.ssl.SSLContext');
+var quiet_output = ('{{ quiet }}'.toLowerCase() == 'true')
+
+// Helper method to honor the quiet flag.
+function quiet_send(data) {
+
+    if (quiet_output) {
+
+        return;
+    }
+
+    send(data)
+}
 
 // Implement a new TrustManager
 // ref: https://gist.github.com/oleavr/3ca67a173ff7d207c6b8c3b0ca65a9d8
@@ -39,7 +51,7 @@ var SSLContext_init = SSLContext.init.overload(
 // Override the init method, specifying our new TrustManager
 SSLContext_init.implementation = function (keyManager, trustManager, secureRandom) {
 
-    send({
+    quiet_send({
         status: 'success',
         error_reason: NaN,
         type: 'android-ssl-pinning-bypass',
@@ -66,7 +78,7 @@ try {
 
     CertificatePinner.check.overload('java.lang.String', 'java.util.List').implementation = function () {
 
-        send({
+        quiet_send({
             status: 'success',
             error_reason: NaN,
             type: 'android-ssl-pinning-bypass',
@@ -101,7 +113,7 @@ try {
 
     PinningTrustManager.checkServerTrusted.implementation = function () {
 
-        send({
+        quiet_send({
             status: 'success',
             error_reason: NaN,
             type: 'android-ssl-pinning-bypass',