
Comments (19)

Eltion commented on June 11, 2024

@pizzaso
Yes, that's all it does. That's a really strange problem. I just tested with x86 and Frida, and it's working.

frida-server version : 15.1.22

Unfortunately I can't test for arm.

from instagram-ssl-pinning-bypass.

Eltion commented on June 11, 2024

Of course. Can you tell me the following?

Which Instagram version are you using?
Can you show me the log of the script after running Frida?
Which tool are you using to capture the traffic?

Also could you try the patched apk if it's working for you?


pizzaso commented on June 11, 2024

@Eltion,

Thank you for the quick reply,

The app version is 241.1.0.18.114. For Frida, I'm running the script and the two functions are hooked (I can see the verify one called when opening the app), but the certificate errors are still there, and I've tried using both mitmproxy and Burp but to no avail.

I prefer running the gadget instead of the patched apk as the versions change quickly, but if I can't solve this I guess there is no other way then.


Eltion commented on June 11, 2024

@pizzaso

Do you see requests to i.instagram.com or no requests at all?


pizzaso commented on June 11, 2024

@Eltion

No, no requests at all


Eltion commented on June 11, 2024

@pizzaso
Can you share with me the error from mitmproxy or Burp? In mitmproxy you can go to events with Shift + E. Or in Burp you can check the log in Dashboard -> Event Logs.


pizzaso commented on June 11, 2024

@Eltion

This is for Burp (certificate unknown):

image

and mitmproxy:

image

Rarely do I see an error for i.instagram.com (also saw this error a few times before, and that's when I bumped my Java version from 8 to 16 and also tried mitmproxy).

Not sure the above is helpful; these domains suggest that they speak MQTT, and I know that's not what we are patching for, but maybe it could help.


Eltion commented on June 11, 2024

Yes, you're correct. Actually we are only patching for the Instagram API requests. A lot of the others are patched using the built-in Android CertificateFactory. To do that you can use https://codeshare.frida.re/@pcipolloni/universal-android-ssl-pinning-bypass-with-frida/. But I would expect i.instagram.com requests to be captured.

If you could capture one such request and share the error with me, it would help me a lot. Thanks.


pizzaso commented on June 11, 2024

@Eltion

This is for Burp (after navigating a lot of screens):

image

This is when I decided to use mitmproxy; for the latter, it just gives a generic "certificate not trusted" error.


Eltion commented on June 11, 2024

@pizzaso That's interesting. I think this is probably an error with the proxy setup. Can you update to the latest version of Burp?


pizzaso commented on June 11, 2024

@Eltion Yes, I am using the up-to-date version 2022.5.2


Eltion commented on June 11, 2024

It looks like this is an OpenJDK problem, as you mentioned: https://bugs.openjdk.org/browse/JDK-8221218. Can you run java --version and check the Java version?

For me it's:

openjdk 17.0.3 2022-04-19
OpenJDK Runtime Environment Temurin-17.0.3+7 (build 17.0.3+7)
OpenJDK 64-Bit Server VM Temurin-17.0.3+7 (build 17.0.3+7, mixed mode, sharing)


pizzaso commented on June 11, 2024

@Eltion

This is the output:

>java -version
openjdk version "16.0.2" 2021-07-20
OpenJDK Runtime Environment Temurin-16.0.2+7 (build 16.0.2+7)
OpenJDK 64-Bit Server VM Temurin-16.0.2+7 (build 16.0.2+7, mixed mode, sharing)

I was using Java 8 and updated because of the error above to version 16 but no luck. I'll try reinstalling Burp; maybe it'll help, although I have little hope.


Eltion commented on June 11, 2024

Can you also update Java from here https://adoptium.net/


pizzaso commented on June 11, 2024

No luck 😥

>java -version
openjdk version "17.0.3" 2022-04-19
OpenJDK Runtime Environment Temurin-17.0.3+7 (build 17.0.3+7)
OpenJDK 64-Bit Server VM Temurin-17.0.3+7 (build 17.0.3+7, mixed mode, sharing)

#Tried to launch the jar directly instead of the windows executable

>java -jar -Xmx4g burpsuite_community_v2022.5.2.jar
Your JRE appears to be version 17.0.3 from Eclipse Adoptium
Burp has not been fully tested on this platform and you may experience problems.
Built new session factory


pizzaso commented on June 11, 2024

@Eltion,

The patched apk worked fine but the frida script didn't, not sure what that means 😕 ??


pizzaso commented on June 11, 2024

@Eltion,

At least I know it's not a problem with the certificate or the proxy


pizzaso commented on June 11, 2024

@Eltion

I just reviewed the script; it's doing the same thing, except that it bundles the Frida script and the Frida gadget inside the app, essentially assuming that you'll work with a non-rooted phone.

I have a rooted phone so it shouldn't be a problem for me running the bypass directly. Hmm, not sure what's happening?


pizzaso commented on June 11, 2024

Consider this resolved
