Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Connection terminated

See original GitHub issue

Hello!

Im currently trying to SSL pin the app called “Zalando” - Whenever I do run

frida --no-pause -U -l intercepter.js -f "de.zalando.mobile"

it seems like the app crashes and here is the logs:

frida --no-pause -U -l intercepter.js -f "de.zalando.mobile"
     ____
    / _  |   Frida 15.1.3 - A world-class dynamic instrumentation toolkit
   | (_| |
    > _  |   Commands:
   /_/ |_|       help      -> Displays the help system
   . . . .       object?   -> Display information about 'object'
   . . . .       exit/quit -> Exit
   . . . .
   . . . .   More info at https://frida.re/docs/home/
Spawning `de.zalando.mobile`...
Unpinning setup cmopleted
---
Spawned `de.zalando.mobile`. Resuming main thread!
[SM G965N::de.zalando.mobile]-> ---
Unpinning Android app...
[+] HttpsURLConnection (setDefaultHostnameVerifier)
[+] HttpsURLConnection (setSSLSocketFactory)
[+] HttpsURLConnection (setHostnameVerifier)
[+] SSLContext
[+] TrustManagerImpl
[+] OkHTTPv3 (list)
[ ] OkHTTPv3 (cert)
[+] OkHTTPv3 (cert array)
[+] OkHTTPv3 ($okhttp)
[ ] Trustkit OkHostnameVerifier(SSLSession)
[ ] Trustkit OkHostnameVerifier(cert)
[ ] Trustkit PinningTrustManager
[ ] Appcelerator PinningTrustManager
[+] OpenSSLSocketImpl Conscrypt
[ ] OpenSSLEngineSocketImpl Conscrypt
[ ] OpenSSLSocketImpl Apache Harmony
[ ] PhoneGap sslCertificateChecker
[ ] IBM MobileFirst pinTrustedCertificatePublicKey (string)
[ ] IBM MobileFirst pinTrustedCertificatePublicKey (string array)
[ ] IBM WorkLight HostNameVerifierWithCertificatePinning (SSLSocket)
[ ] IBM WorkLight HostNameVerifierWithCertificatePinning (cert)
[ ] IBM WorkLight HostNameVerifierWithCertificatePinning (string string)
[ ] IBM WorkLight HostNameVerifierWithCertificatePinning (SSLSession)
[+] Conscrypt CertPinManager
[ ] CWAC-Netsecurity CertPinManager
[ ] Worklight Androidgap WLCertificatePinningPlugin
[ ] Netty FingerprintTrustManagerFactory
[ ] Squareup CertificatePinner (cert)
[ ] Squareup CertificatePinner (list)
[ ] Squareup OkHostnameVerifier (cert)
[ ] Squareup OkHostnameVerifier (SSLSession)
[+] Android WebViewClient (SslErrorHandler)
[ ] Android WebViewClient (WebResourceError)
[ ] Apache Cordova WebViewClient
[ ] Boye AbstractVerifier
  --> Bypassing Trustmanager (Android < 7) request
  --> Bypassing Trustmanager (Android < 7) request
  --> Bypassing Trustmanager (Android < 7) request
  --> Bypassing Trustmanager (Android < 7) request
  --> Bypassing Trustmanager (Android < 7) request
  --> Bypassing Trustmanager (Android < 7) request
  --> Bypassing Trustmanager (Android < 7) request
  --> Bypassing OpenSSLSocketImpl Conscrypt
  --> Bypassing OkHTTPv3 ($okhttp): www.zalando.de
  --> Bypassing OpenSSLSocketImpl Conscrypt
  --> Bypassing OkHTTPv3 ($okhttp): www.zalando.se
  --> Bypassing TrustManagerImpl checkTrusted
Connection terminated
[SM G965N::de.zalando.mobile]->

Thank you for using Frida!```

image

Is there anything I can add on please let me know 😃

Issue Analytics

  • State:open
  • Created 2 years ago
  • Comments:7 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
TheShootercommented, Nov 27, 2021

I think it’s a problem related to emulator detection, anti-root or anti-debugging methods in the previous apps you mentioned,however various techniques could be used in apps in order to make it harder to examine.

1reaction
pimterrycommented, Nov 15, 2021

Assuming you have ADB set up (which you probably do, because you usually need it to set up Frida) then you need to:

  • Run adb logcat -T1 > logs.txt.
    • That command streams all logging while it’s running into that logs.txt file.
    • This will keep running until you press ctrl-c to stop it
  • With that command running, reproduce the issue
  • Then kill the logcat command
  • Then post the logfile here

You should avoid doing anything else especially private on the Android device at the same time, since logcat can capture all sorts of private data. You can skim through the output there to check it before posting if you’re concerned.

Does that make sense?

Read more comments on GitHub >

github_iconTop Results From Across the Web

Connection terminated : r/fivenightsatfreddys
Connection terminated. I'm sorry to interrupt you Elizabeth, if you still even remember that name. But I'm afraid you've been misinformed.
Read more >
Henry's Speech / Connection Terminated
Henry's Speech, also known as Connection Terminated is a copypasta taken from the ending of the sixth installment of the Five Nights At ......
Read more >
ok copypasta time | Fandom - Juke's Towers of Hell Wiki
Connection terminated. I'm sorry to interrupt you, Elizabeth, if you still even remember that name, But I'm afraid you've been misinformed.
Read more >
Connection Terminated - Song
Listen to Connection Terminated on Spotify. MYownSECRETS · Song · 2020.
Read more >
Connection Terminated Ringtones - Free By Zedge™
Search free connection terminated Ringtones on Zedge and personalize your phone to suit you. Start your search now and free your phone.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Bypassing com.android.okhttp.internal.io.RealConnection->connectTls (automatic exception patch)

Next page

Error: VM::AttachCurrentThread failed: -1