获取证书链
解析证书链
对证书链进行校验
解析extension,获取设备的状态
Attest version: Keymaster version 4.1
Attest security: StrongBox
Verified boot Key: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= (base64)
Device locked: false
Verified boot state: Unverified
//Hash for boot
//Hashtree metadata for system
//Hashtree metadata for vendor
Verified boot hash: nDqAWissOCsw+aWEm7cEcAkCvQngEE+ypQ75UWakxt4= (base64)
绕过手段
1.可以通过hook java层代码
2.写一个magisk插件https://github.com/doom-man/bypasskeyattestation
准备证书
注入目标进程
替换证书链
结语
看雪ID:pareto
https://bbs.kanxue.com/user-home-790193.htm
#
原文始发于微信公众号(看雪学苑):Key Attestation 密钥认证流程和绕过思路
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论