Bypassing Android FLAG_SECURE using FRIDA

Since Android 5 via MediaProjection API, Android allows screen capturing and screen sharing using third party applications. I won’t be going in detail of how this API work and what are its various security implications.  This article by Nightwatch Cybersecurity summarizes it very succinctly.

The important point to keep in mind is, to protect sensitive applications from screen capturing and sharing is to set FLAG_SECURE flag for that respective screen.

Recently I came across an Android application using this very  FLAG_SECURE flag to prevent from screen capturing or sharing. I wrote a simple FRIDA script to bypass this check and it is very straightforward.  The script I used is below:

There is an XPosed module as well which performs exactly same thing.