Exaphis
commented
6 years ago @mustafahafidi I personally just used an older Android device.
Closed mystaroll closed 6 years ago
Exaphis
commented
6 years ago @mustafahafidi I personally just used an older Android device.
bburghall
commented
6 years ago would anybody be so kind as to share a bearer token? it's not a risk or anything is it.
mystaroll
commented
6 years ago @Exaphis what android version? you mean you used an older HQ apk version?
bburghall
commented
6 years ago what he means is he uses a phone with android 6.0 or lower, because after marshmallow sniffing ssl traffic has additional complications.
mystaroll
commented
6 years ago Unless he's using any method that doesn't involve root certificate installation (and so which requires a rooted device), I don't think a lower android version can bypass the certificate pinning they're using.
bburghall
commented
6 years ago I had done it in the past with a 7.0 device but I can't for the life of me figure it out now. sigh
mystaroll
commented
6 years ago Solved. Just use an older android version which doesn't implement certificate pinning technique
Hi, how do you get the token despite them using certificate pinning? As far as I know I'd have to decompile the app and repackage it. How did you manage to do this? @Exaphis