sslbaqer 0.0.1__tar.gz

sslbaqer-0.0.1/PKG-INFO

@@ -0,0 +1,37 @@
+Metadata-Version: 2.4
+Name: sslbaqer
+Version: 0.0.1
+Summary: A Python library for SSL bypass techniques in Flutter applications.
+Home-page: https://github.com/b_1qr/sslbaqer
+Author: b_1qr
+Author-email: b_1qr@example.com
+Classifier: Programming Language :: Python :: 3
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.6
+Description-Content-Type: text/markdown
+Requires-Dist: r2pipe
+Requires-Dist: frida
+Dynamic: author
+Dynamic: author-email
+Dynamic: classifier
+Dynamic: description
+Dynamic: description-content-type
+Dynamic: home-page
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary
+
+# sslbaqer
+
+A Python library for SSL bypass techniques in Flutter applications.
+
+## Modules:
+
+*   `libflutter`: Implements SSL bypass using `radare2` for static patching of `libflutter.so`.
+*   `fridapybass`: Implements SSL bypass using `Frida` for dynamic runtime injection.
+
+## Contact:
+
+*   Telegram: t.me/b_4qr
+*   Instagram: instagram.com/b_4qr

sslbaqer-0.0.1/README.md

@@ -0,0 +1,13 @@
+# sslbaqer
+
+A Python library for SSL bypass techniques in Flutter applications.
+
+## Modules:
+
+*   `libflutter`: Implements SSL bypass using `radare2` for static patching of `libflutter.so`.
+*   `fridapybass`: Implements SSL bypass using `Frida` for dynamic runtime injection.
+
+## Contact:
+
+*   Telegram: t.me/b_4qr
+*   Instagram: instagram.com/b_4qr

sslbaqer-0.0.1/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

sslbaqer-0.0.1/setup.py

@@ -0,0 +1,23 @@
+from setuptools import setup, find_packages
+
+setup(
+    name='sslbaqer',
+    version='0.0.1',
+    packages=find_packages(),
+    install_requires=[
+        'r2pipe',
+        'frida',
+    ],
+    author='b_1qr',
+    author_email='b_1qr@example.com', # Placeholder email
+    description='A Python library for SSL bypass techniques in Flutter applications.',
+    long_description=open('README.md').read(),
+    long_description_content_type='text/markdown',
+    url='https://github.com/b_1qr/sslbaqer', # Placeholder URL
+    classifiers=[
+        'Programming Language :: Python :: 3',
+        'License :: OSI Approved :: MIT License',
+        'Operating System :: OS Independent',
+    ],
+    python_requires='>=3.6',
+)

sslbaqer-0.0.1/sslbaqer/fridapybass.py

@@ -0,0 +1,88 @@
+import frida
+import sys
+
+def on_message(message, data):
+    print(f"[+] Message: {message}, Data: {data}")
+
+def bypass_ssl_frida(process_name):
+    try:
+        device = frida.get_usb_device(timeout=10)
+        pid = device.spawn([process_name])
+        device.resume(pid)
+        session = device.attach(pid)
+
+        script = session.create_script("""
+            Interceptor.attach(Module.findExportByName(\'libflutter.so\', \'ssl_verify_peer_cert\'), {
+                onEnter: function (args) {
+                    // You can inspect arguments here if needed
+                    // console.log(\'ssl_verify_peer_cert called\');
+                },
+                onLeave: function (retval) {
+                    // Force return value to 0 (true for success in many C/C++ contexts)
+                    // This effectively bypasses the SSL certificate verification.
+                    retval.replace(0);
+                    console.log(\'ssl_verify_peer_cert bypassed!\');
+                }
+            });
+
+            // Alternative approach: Hooking a more generic SSL_CTX_set_verify or similar
+            // This might require more research into the specific SSL library Flutter uses (BoringSSL usually)
+            // Example for OpenSSL (might need adaptation for BoringSSL):
+            /*
+            var SSL_CTX_set_verify = Module.findExportByName(null, \'SSL_CTX_set_verify\');
+            if (SSL_CTX_set_verify) {
+                Interceptor.attach(SSL_CTX_set_verify, {
+                    onEnter: function (args) {
+                        // Set verify_mode to SSL_VERIFY_NONE (0)
+                        args[1] = ptr(0);
+                        // Set verify_callback to NULL
+                        args[2] = ptr(0);
+                        console.log(\'SSL_CTX_set_verify hooked and disabled verification!\');
+                    }
+                });
+            }
+            */
+
+            // Another common target for Android apps using OkHttp/TrustManager
+            // This would be for Java/Kotlin code, not directly libflutter.so
+            /*
+            Java.perform(function () {
+                var X509TrustManager = Java.use(\'javax.net.ssl.X509TrustManager\');
+                var TrustManagerImpl = Java.use(\'com.android.org.conscrypt.TrustManagerImpl\');
+
+                var CertificateFactory = Java.use(\'java.security.cert.CertificateFactory\');
+                var ByteArrayInputStream = Java.use(\'java.io.ByteArrayInputStream\');
+
+                var certFactory = CertificateFactory.getInstance(\'X.509\');
+                var bais = ByteArrayInputStream.$new(Java.array(\'byte\', [])); // Empty array for no certs
+                var emptyCerts = certFactory.generateCertificates(bais);
+
+                X509TrustManager.checkServerTrusted.implementation = function (chain, authType) {
+                    console.log(\'Bypassing checkServerTrusted for X509TrustManager\');
+                };
+
+                TrustManagerImpl.checkTrusted.implementation = function (chain, authType, session) {
+                    console.log(\'Bypassing checkTrusted for TrustManagerImpl\');
+                    return Java.array(\'java.security.cert.X509Certificate\', emptyCerts);
+                };
+            });
+            */
+
+        """)
+        script.on(\'message\', on_message)
+        script.load()
+        print(f"[+] Successfully injected script into {process_name}. Press Ctrl+D to detach.\n")
+        sys.stdin.read()
+        session.detach()
+    except Exception as e:
+        print(f"[!] Error: {e}")
+        print("[!] Ensure Frida server is running on the target device and the app is installed.")
+        print("[!] You might need to run \'frida-server\' on your Android device (root required).")
+        print("[!] For non-rooted devices, you can inject Frida into a debuggable app.\n")
+
+if __name__ == \'__main__\':
+    if len(sys.argv) != 2:
+        print(f"Usage: python {sys.argv[0]} <package_name_or_process_name>")
+        sys.exit(1)
+    process_name = sys.argv[1]
+    bypass_ssl_frida(process_name)

sslbaqer-0.0.1/sslbaqer/libflutter.py

@@ -0,0 +1,124 @@
+import sys
+import os
+import platform
+import subprocess
+import tempfile
+import urllib.request
+import zipfile
+import shutil
+import r2pipe
+
+def is_radare2_installed():
+    try:
+        subprocess.run(["r2", "-v"], capture_output=True, check=True)
+        return True
+    except:
+        return False
+
+def get_system_type():
+    system = platform.system().lower()
+    if os.path.exists("/data/data/com.termux"):
+        return "termux"
+    elif system == "linux":
+        return "linux"
+    elif system == "darwin":
+        return "macos"
+    elif system == "windows":
+        return "windows"
+    return "linux"
+
+def install_radare2():
+    print("[*] Installing radare2 ...")
+    sys_type = get_system_type()
+    try:
+        if sys_type == "termux":
+            subprocess.run(["pkg", "update", "-y"], check=True)
+            subprocess.run(["pkg", "install", "radare2", "-y"], check=True)
+        elif sys_type == "linux":
+            subprocess.run(["sudo", "apt", "update"], check=True)
+            subprocess.run(["sudo", "apt", "install", "radare2", "-y"], check=True)
+        elif sys_type == "macos":
+            subprocess.run(["brew", "install", "radare2"], check=True)
+        elif sys_type == "windows":
+            print("[*] Windows: Downloading radare2 ...")
+            url = "https://github.com/radareorg/radare2/releases/download/5.9.0/radare2-5.9.0-w64.zip"
+            with tempfile.TemporaryDirectory() as tmp:
+                zip_path = os.path.join(tmp, "r2.zip")
+                urllib.request.urlretrieve(url, zip_path)
+                with zipfile.ZipFile(zip_path, 'r') as zf:
+                    zf.extractall("C:\\radare2")
+                os.environ["PATH"] += os.pathsep + "C:\\radare2\\bin"
+        return is_radare2_installed()
+    except Exception as e:
+        print(f"[!] Installation failed: {e}")
+        return False
+
+patterns = {
+    "arm64": [
+        "F. 0F 1C F8 F. 5. 01 A9 F. 5. 02 A9 F. .. 03 A9 .. .. .. .. 68 1A 40 F9",
+        "F. 43 01 D1 FE 67 01 A9 F8 5F 02 A9 F6 57 03 A9 F4 4F 04 A9 13 00 40 F9 F4 03 00 AA 68 1A 40 F9",
+    ],
+    "arm": [
+        "2D E9 F. 4. D0 F8 00 80 81 46 D8 F8 18 00 D0 F8",
+    ],
+    "x86": [
+        "55 41 57 41 56 41 55 41 54 53",
+    ],
+}
+
+def find_ssl_verify_offset(r2):
+    info = r2.cmdj("iaj")
+    arch = info["bins"][0]["arch"]
+    bits = info["bins"][0]["bits"]
+    if arch == "arm" and bits == 64:
+        arch = "arm64"
+    elif arch == "arm" and bits == 32:
+        arch = "arm"
+    elif arch == "x86" and bits == 64:
+        arch = "x86"
+    else:
+        print(f"[!] Unsupported architecture: {arch} {bits}")
+        return None
+    print(f"[+] Architecture: {arch}")
+    for pattern in patterns.get(arch, []):
+        res = r2.cmd(f"/x {pattern}").strip()
+        if res:
+            offset = res.split()[0]
+            print(f"[+] Found ssl_verify_peer_cert at {offset}")
+            return offset
+    return None
+
+def patch_libflutter(file_path):
+    if not os.path.exists(file_path):
+        print(f"[!] File not found: {file_path}")
+        return False
+    print(f"[*] Patching: {file_path}")
+    if not is_radare2_installed():
+        if not install_radare2():
+            print("[!] Failed to install radare2")
+            return False
+    try:
+        import r2pipe
+    except:
+        print("[*] Installing r2pipe ...")
+        subprocess.run([sys.executable, "-m", "pip", "install", "r2pipe"], check=True)
+        import r2pipe
+    r2 = r2pipe.open(file_path, flags=["-w", "-e", "log.quiet=true"])
+    r2.cmd("aac")
+    print("[*] Searching for ssl_verify_peer_cert ...")
+    offset = find_ssl_verify_offset(r2)
+    if offset:
+        r2.cmd(f"wao ret0 @ {offset}")
+        print("[+] SSL Pinning disabled successfully!")
+        r2.quit()
+        return True
+    else:
+        print("[!] Pattern not found")
+        r2.quit()
+        return False
+
+if __name__ == "__main__":
+    if len(sys.argv) != 2:
+        print(f"Usage:\n  python {sys.argv[0]} <path/to/libflutter.so>")
+        sys.exit(1)
+    patch_libflutter(sys.argv[1])

sslbaqer-0.0.1/sslbaqer.egg-info/PKG-INFO

@@ -0,0 +1,37 @@
+Metadata-Version: 2.4
+Name: sslbaqer
+Version: 0.0.1
+Summary: A Python library for SSL bypass techniques in Flutter applications.
+Home-page: https://github.com/b_1qr/sslbaqer
+Author: b_1qr
+Author-email: b_1qr@example.com
+Classifier: Programming Language :: Python :: 3
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.6
+Description-Content-Type: text/markdown
+Requires-Dist: r2pipe
+Requires-Dist: frida
+Dynamic: author
+Dynamic: author-email
+Dynamic: classifier
+Dynamic: description
+Dynamic: description-content-type
+Dynamic: home-page
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary
+
+# sslbaqer
+
+A Python library for SSL bypass techniques in Flutter applications.
+
+## Modules:
+
+*   `libflutter`: Implements SSL bypass using `radare2` for static patching of `libflutter.so`.
+*   `fridapybass`: Implements SSL bypass using `Frida` for dynamic runtime injection.
+
+## Contact:
+
+*   Telegram: t.me/b_4qr
+*   Instagram: instagram.com/b_4qr

sslbaqer-0.0.1/sslbaqer.egg-info/SOURCES.txt

@@ -0,0 +1,10 @@
+README.md
+setup.py
+sslbaqer/__init__.py
+sslbaqer/fridapybass.py
+sslbaqer/libflutter.py
+sslbaqer.egg-info/PKG-INFO
+sslbaqer.egg-info/SOURCES.txt
+sslbaqer.egg-info/dependency_links.txt
+sslbaqer.egg-info/requires.txt
+sslbaqer.egg-info/top_level.txt

sslbaqer-0.0.1/sslbaqer.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

sslbaqer-0.0.1/sslbaqer.egg-info/requires.txt

@@ -0,0 +1,2 @@
+r2pipe
+frida

sslbaqer-0.0.1/sslbaqer.egg-info/top_level.txt

@@ -0,0 +1 @@
+sslbaqer