Intercept HTTPS on non-rooted Android devices | HackTheBox - Anchored скачать в хорошем качестве

Intercept HTTPS on non-rooted Android devices | HackTheBox - Anchored

Anchored is an easy difficulty Android mobile challenge from HackTheBox. In this video, we reverse engineer and patch an APK to bypass certificate pinning and be able to intercept application requests on non-rooted devices. === Timestamp === 00:00 - Intro 01:16 - Introducing the challenge 01:33 - Decompiling the APK using APKTool and analyzing the AndroidManifest.xml file 01:57 - Testing the application behavior on rooted and non-rooted devices 02:49 - Set up the environment and try to intercept HTTPS requests 03:15 - Decompiling the APK using bytecode viewer and analyzing the Java source code 04:14 - Documenting about the network_security_config.xml file 05:25 - Patching the APK with the edited network_security_config.xml file 06:04 - Testing the patched APK and intercepting HTTPS traffic 06:30 - Conclusions If you enjoyed the video leave a like and subscribe to my channel! For writeups in text format or other articles related to Ethical Hacking go to my blog: https://maoutis.github.io/ --- Would you like to support my work? Offer me a virtual coffee :) https://www.buymeacoffee.com/0xbro Check out my socials: Twitter:   / 0xbro1   Linkedin:   / mattia-0xbro-brollo-b4129614b   External resources: https://httptoolkit.tech/blog/interce... https://httptoolkit.tech/docs/guides/... https://developer.android.com/trainin... https://lief-project.github.io/doc/la... https://koz.io/using-frida-on-android... Tags: #CertificatePinning #HackTheBox #AndroidHacking #Pinned #SSLUnpinning #AndroidCTF