Certificate Pinning Bypass iOS

SSL Unpinning


  • Objection & Frida I already had some
  • javascript code

how the script works

  • it hooks SecTrustEvaluate function which evaluates the trust manager object and check the rule from object and check the certificate against the rule. If it is value it return 0 .

  • Here is how SecTrustEvaluate function

    OSStatus SecTrustEvaluate(SecTrustRef trust, SecTrustResultType *result);
  • the script hook the function and edit return to 0.

frida -U -l sslKill.js Gadget