Instragram has changed their implementation. While libliger.so is included in the APK, it does not seem to be called in the process of SSL certificate verification. On the otherhand, libliger-common_1.so is called, however, the function "_ZN8proxygen15SSLVerification17verifyWithMetricsEbP17x509_store_ctx_stRKNSt6__ndk112basic_stringIcNS3_11char_traitsIcEENS3_9allocatorIcEEEEPNS0_31SSLFailureVerificationCallbacksEPNS0_31SSLSuccessVerificationCallbacksERKNS_15TimeUtilGenericINS3_6chrono12steady_clockEEERNS_10TraceEventE" is not exported.
Tracing the socket close calls (as a result of failing cert verification), we can see that they are coming from libmobilenetworkstack.so:
4036 ms addr=10.0.2.16:42896, lr=0x6fb1e9393c, /data/data/com.instagram.android/lib-compressed/libmobilenetworkstack.so
Method
Frida
App info
Version: instagram-v288.1.0.22.66
Arch: arm64-v8a
Device info
Model: Android Studio Emulator
Android Version: 13
Proxy tool
mitmproxy: v8.1.1
Logs
Frida log:
[][] Waiting for libliger...
[][+] Hooked checkTrustedRecursive
[][+] Hooked SSLContextInit
Additional context
Add any other context about the problem here.
Describe the bug
Instragram has changed their implementation. While libliger.so is included in the APK, it does not seem to be called in the process of SSL certificate verification. On the otherhand, libliger-common_1.so is called, however, the function "_ZN8proxygen15SSLVerification17verifyWithMetricsEbP17x509_store_ctx_stRKNSt6__ndk112basic_stringIcNS3_11char_traitsIcEENS3_9allocatorIcEEEEPNS0_31SSLFailureVerificationCallbacksEPNS0_31SSLSuccessVerificationCallbacksERKNS_15TimeUtilGenericINS3_6chrono12steady_clockEEERNS_10TraceEventE" is not exported.
Tracing the socket close calls (as a result of failing cert verification), we can see that they are coming from libmobilenetworkstack.so:
4036 ms addr=10.0.2.16:42896, lr=0x6fb1e9393c, /data/data/com.instagram.android/lib-compressed/libmobilenetworkstack.so
Method
Frida
App info
Device info
Proxy tool mitmproxy: v8.1.1
Logs Frida log:
[][] Waiting for libliger... [][+] Hooked checkTrustedRecursive [][+] Hooked SSLContextInit
Additional context Add any other context about the problem here.