Flutter
Reflutter
- Install Reflutter
pip3 install reflutter
- Reflutter the app with your local proxy IP
reflutter main.apk
- Set burp mode to invisible proxying, check documentation
Sign the app
java -jar uber-apk-signer.jar --allowResign -a release.RE.apk
- Install the APK
adb install release.RE-aligned-debugSigned.apk
NVISO
- https://blog.nviso.eu/2022/08/18/intercept-flutter-traffic-on-ios-and-android-http-https-dio-pinning/
- https://github.com/NVISOsecurity/disable-flutter-tls-verification
frida -U -f your.package.name -l disable-flutter-tls.js --no-pause
# or Frida codeshare
frida -U --codeshare TheDauntless/disable-flutter-tls-v1 -f YOUR_BINARY