Bypassing Android FLAG_SECURE using FRIDA

Since Android 5 via MediaProjection API, Android allows screen capturing and screen sharing using third party applications. I won’t be going in detail of how this API work and what are its various security implications.  This article by Nightwatch Cybersecurity summarizes it very succinctly.

The important point to keep in mind is, to protect sensitive applications from screen capturing and sharing is to set FLAG_SECURE flag for that respective screen.

Recently I came across an Android application using this very  FLAG_SECURE flag to prevent from screen capturing or sharing. I wrote a simple FRIDA script to bypass this check and it is very straightforward.  The script I used is below:

There is an XPosed module as well which performs exactly same thing.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s