Eltion / Instagram-SSL-Pinning-Bypass

Bypass Instagram SSL pinning on Android devices.
GNU General Public License v3.0
411 stars 84 forks

[BUG] Cannot find libliger.so #45

Open overage-waif-cocoon opened 1 year ago

overage-waif-cocoon commented 1 year ago

Describe the bug

Instagram has changed their implementation. While libliger.so is included in the APK, it does not seem to be called in the process of SSL certificate verification. On the other hand, libliger-common_1.so is called; however, the function "_ZN8proxygen15SSLVerification17verifyWithMetricsEbP17x509_store_ctx_stRKNSt6__ndk112basic_stringIcNS3_11char_traitsIcEENS3_9allocatorIcEEEEPNS0_31SSLFailureVerificationCallbacksEPNS0_31SSLSuccessVerificationCallbacksERKNS_15TimeUtilGenericINS3_6chrono12steady_clockEEERNS_10TraceEventE" is not exported.

Tracing the socket close calls (as a result of failing cert verification), we can see that they are coming from libmobilenetworkstack.so:

4036 ms addr=10.0.2.16:42896, lr=0x6fb1e9393c, /data/data/com.instagram.android/lib-compressed/libmobilenetworkstack.so

Method
Frida

App info

Device info

Proxy tool
mitmproxy: v8.1.1

Logs

Frida log:

[][] Waiting for libliger...
[][+] Hooked checkTrustedRecursive
[][+] Hooked SSLContextInit

Additional context

Add any other context about the problem here.

nikitastasik commented 1 year ago

@overage-waif-cocoon were you able to solve the problem?