/**
 * Detour that makes the function at `address` always report success.
 *
 * Attaches a Frida Interceptor whose onLeave handler inspects the return
 * value and overwrites it with 0x1 whenever it is anything else. For a
 * certificate-chain verification routine this means the instrumented
 * process accepts every chain for as long as the hook is in place.
 *
 * @param {string} name - Label used in log output only.
 * @param {NativePointer} address - Entry point of the function to hook.
 */
const alwaysTrueHook = (name, address) => {
  const forceSuccess = function (retval) {
    // Loose equality is kept on purpose: retval is a wrapper object, not a
    // number, so the comparison relies on its string form being coerced.
    if (retval == 0x1) {
      console.log(`[i] ${name} successful, no patch needed.`);
      return;
    }
    console.log(`[~] ${name} failed, patching... [${retval} -> 0x1]`);
    retval.replace(0x1);
  };

  Interceptor.attach(address, { onLeave: forceSuccess });
};
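/**
 * Locate a function inside a loaded module by byte pattern and hand every
 * match to `detour`.
 *
 * Changes from the original listing:
 *  - a module that is not loaded is reported instead of raising a TypeError
 *    on `null.base`;
 *  - the local no longer shadows Frida's global `Module`;
 *  - the completion message uses `name` and is only printed when at least
 *    one match was hooked (previously it always claimed success for a
 *    hard-coded function name);
 *  - more than one match is flagged, because the detour is applied to every
 *    matching address and a short signature is not guaranteed to be unique.
 *
 * @param {string} name - Label for the target function, used in logs and
 *   passed through to `detour`.
 * @param {string} lib - Module name as reported by the process, e.g.
 *   "libflutter.so".
 * @param {string} pattern - Byte pattern in the format Memory.scan expects.
 * @param {(name: string, address: NativePointer) => void} detour - Called
 *   once per match to install the hook.
 */
const attachHook = (name, lib, pattern, detour) => {
  const targetModule = Process.findModuleByName(lib);
  if (targetModule == null) {
    console.log(`[!] Module ${lib} is not loaded, cannot scan for ${name}`);
    return;
  }

  let matchCount = 0;
  Memory.scan(targetModule.base, targetModule.size, pattern, {
    onMatch(address, size) {
      matchCount += 1;
      console.log(`[+] Found ${name} @ ${address.toString()}`);
      detour(name, address);
    },
    onError(reason) {
      console.log('[!] There was an error scanning memory');
      console.log(reason);
    },
    onComplete() {
      if (matchCount === 0) {
        console.log(`[!] Pattern for ${name} not found in ${lib}, nothing hooked`);
        return;
      }
      if (matchCount > 1) {
        console.log(`[!] Pattern for ${name} matched ${matchCount} locations in ${lib}; every match was hooked, check the addresses above`);
      }
      console.log(`[+] Hooked ${name}`);
    },
  });
};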
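// NOTE(review): `pattern` is not defined in the lines shown here; it must be
// set to the byte signature for the target libflutter.so build before this
// call runs.
attachHook("ssl_crypto_x509_session_verify_cert_chain", "libflutter.so", pattern, alwaysTrueHook);

// Usage (shell command, not part of the script):
//   frida -U app.package.name -l script.js --no-pause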
Pattern ff 03 05 d1 fd 7b 0f a9 bc is confirmed working for arm64-v8a builds of libflutter.so with the following SHA256 sums:
9c90256ba688373bca136e66f04ef0bd92397198ba345a9c1d70597ba0392cda
c0b5b384564685d288a6b8f5c41c62fb63b3093d4781ed7fc82551bad19dbbe5
20e184e903933f36faad6d3d89c23475cb2045dd54443bd61f5f5ccbe0229385
(The pattern may still work for a build whose hash is not listed above.)
Unconfirmed pattern 2d e9 f0 47 98 46 91 may work for armeabi-v7a libflutter.so with SHA256sum 451914d3a048681a9e33e34243d8cc10529a68ac99044a7967d0b48b6f0c4be4
Unconfirmed pattern 55 41 57 41 56 41 55 41 54 53 48 81 ec f8 00 00 00 c6 may work for x86-64 libflutter.so with SHA256sum f9d6be43974b5540d1d1c0b0515f9e21b950f2fefc5debd6aa03c437d5ad6356