objection v1.7.4 released: runtime mobile exploration

objection Runtime Mobile Exploration

introduction – objection Runtime Mobile Exploration

objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device.

The project’s name quite literally explains the approach as well, whereby runtime specific objects are injected into a running process and executed using Frida.

Note This is not some form of jailbreak/root bypass. By using objection, you are still limited by all of the restrictions imposed by the applicable sandbox you are facing.

features – objection Runtime Mobile Exploration

Supporting both iOS and Android and having new features and improvements added regularly as the tool is used in real-world scenarios, the following is a short list of only a few key features:

For all supported platforms, objection allows you to:

  • Patch iOS and Android applications, embedding a Frida gadget that can be used with objection or just Frida itself.
  • Interact with the filesystem, listing entries as well as upload & download files where permitted.
  • Perform various memory-related tasks, such as listing loaded modules and their respective exports.
  • Attempt to bypass and simulate jailbroken or rooted environments.
  • Discover loaded classes and list their respective methods.
  • Perform common SSL pinning bypasses.
  • Dynamically dump arguments from methods called as you use the target application.
  • Interact with SQLite databases inline without the need to download the targeted database and use an external tool.
  • Execute custom Frida scripts.

iOS-specific features in objection include the ability to:

  • Dump the iOS keychain, and export it to a file.
  • Dump data from common storage such as NSUserDefaults and the shared NSHTTPCookieStorage.
  • Dump various formats of information in human-readable forms.
  • Bypass certain forms of TouchID restrictions.
  • Watch for method executions by targeting all methods in a class, or just a single method.
  • Monitor the iOS pasteboard.
  • Dump encoded .plist files in a human-readable format without relying on external parsers.

Android specific features in objection include the ability to:

  • List the applications Activities, Services, and Broadcast Receivers.
  • Start arbitrary Activities available in the target application.
  • Watch a class method, reporting execution as it happens.

Changelog v1.7.4


  • Change the iOS patcher shorthand flag used when specifying a provisioning profile to an upper case P. Lower case was conflicting with the –pause / -p flag.

Install && Use

Copyright (C) 2018 sensepost

Source: https://github.com/sensepost/

Anastasis Vasileiadis

PC Technical || Penetration Tester || Ethical Hacker || Cyber Security Expert || Cyber Security Analyst || Information Security Researcher || Malware analyst || Malware Investigator || Reverse Engineering

SC ProDefence SRL - Cyber Security Services