Skip to content

hackcatml/frida-flutterproxy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
script.js
script.js
 
 

Repository files navigation

frida-flutterproxy

A Frida script for intercepting traffic on Android, iOS Flutter applications (arm64, x86_64)
Tested on a few flutter apps (e.g., Google Ads, Naver Blog, Naver Knowledge iN, 삼쩜삼, BMW, Nubank(Android), Universal Studios hollywood, Demaecan(Android), Alibaba.com)
What does this script do? memory scan and hook some functions. check my blog post!

Usage

You don't need to configure iptables for Android or OpenVPN for iOS. Just follow the steps below.

1. Set up burp invisible proxy on the host machine

image

2. Specifiy burp ip and port on the script
At the very end of the script.js, specifiy BURP_PROXY_IP and BURP_PROXY_PORT

image

3. Attach
frida -Uf <package name> -l script.js

Screen Recording 2024-05-18 at 9 51 25 PM

Contact

Credits

reflutter
NVISO blog post 1
NVISO blog post 2

About

Burp proxy flutter apps

Topics

android ios reverse-engineering flutter frida burpsuite

Resources

Readme

License

MIT license
Activity

Stars

59 stars

Watchers

4 watching

Forks

12 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages