Fuzion24 / JustTrustMe

An Xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning

java.lang.ClassNotFoundException: com.android.org.conscrypt.TrustManagerImpl #10

Closed anthonycvella closed 9 years ago

anthonycvella commented 9 years ago

I've cloned & built the latest code but I seem to be getting ClassNotFoundExceptions when JustTrustMe attempts to hook. I'm running Android 4.2.2. Any suggestions?

I/SSLTrusKiller(30338): Hooking init in javax.net.ssl.SSLContext
I/Xposed  (30338): de.robv.android.xposed.XposedHelpers$ClassNotFoundError: java.lang.ClassNotFoundException: com.android.org.conscrypt.TrustManagerImpl
I/Xposed  (30338):  at de.robv.android.xposed.XposedHelpers.findClass(XposedHelpers.java:52)
I/Xposed  (30338):  at de.robv.android.xposed.XposedHelpers.findAndHookMethod(XposedHelpers.java:136)
I/Xposed  (30338):  at just.trust.me.Main.handleLoadPackage(Main.java:209)
I/Xposed  (30338):  at de.robv.android.xposed.IXposedHookLoadPackage$Wrapper.handleLoadPackage(IXposedHookLoadPackage.java:20)
I/Xposed  (30338):  at de.robv.android.xposed.callbacks.XC_LoadPackage.call(XC_LoadPackage.java:34)
I/Xposed  (30338):  at de.robv.android.xposed.callbacks.XCallback.callAll(XCallback.java:70)
I/Xposed  (30338):  at de.robv.android.xposed.XposedBridge$1.beforeHookedMethod(XposedBridge.java:208)
I/Xposed  (30338):  at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:611)
I/Xposed  (30338):  at android.app.ActivityThread.handleBindApplication(Native Method)
I/Xposed  (30338):  at android.app.ActivityThread.access$1300(ActivityThread.java:141)
I/Xposed  (30338):  at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1294)
I/Xposed  (30338):  at android.os.Handler.dispatchMessage(Handler.java:99)
I/Xposed  (30338):  at android.os.Looper.loop(Looper.java:137)
I/Xposed  (30338):  at android.app.ActivityThread.main(ActivityThread.java:5041)
I/Xposed  (30338):  at java.lang.reflect.Method.invokeNative(Native Method)
I/Xposed  (30338):  at java.lang.reflect.Method.invoke(Method.java:511)
I/Xposed  (30338):  at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:793)
I/Xposed  (30338):  at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:560)
I/Xposed  (30338):  at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:132)
I/Xposed  (30338):  at de.robv.android.xposed.XposedBridge.main(Native Method)
I/Xposed  (30338):  at dalvik.system.NativeStart.main(Native Method)
I/Xposed  (30338): Caused by: java.lang.ClassNotFoundException: com.android.org.conscrypt.TrustManagerImpl
I/Xposed  (30338):  at java.lang.Class.classForName(Native Method)
I/Xposed  (30338):  at java.lang.Class.forName(Class.java:217)
I/Xposed  (30338):  at external.org.apache.commons.lang3.ClassUtils.getClass(ClassUtils.java:823)
I/Xposed  (30338):  at de.robv.android.xposed.XposedHelpers.findClass(XposedHelpers.java:50)
I/Xposed  (30338):  ... 20 more
I/Xposed  (30338): Caused by: java.lang.NoClassDefFoundError: com/android/org/conscrypt/TrustManagerImpl
I/Xposed  (30338):  ... 24 more
I/Xposed  (30338): Caused by: java.lang.ClassNotFoundException: Didn't find class "com.android.org.conscrypt.TrustManagerImpl" on path: /system/framework/com.android.location.provider.jar:/data/app/com.google.android.gms-1.apk
I/Xposed  (30338):  at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:65)
I/Xposed  (30338):  at java.lang.ClassLoader.loadClass(ClassLoader.java:501)
I/Xposed  (30338):  at java.lang.ClassLoader.loadClass(ClassLoader.java:461)
I/Xposed  (30338):  ... 24 more

jakev commented 9 years ago

The TrustManagerImpl class doesn't exist on older APIs, so we shouldn't try to hook it if it doesn't exist. I'm about to push a fix to my repo, will update you once I confirm it works for me :)

anthonycvella commented 9 years ago

Ahh that's what I figured but I couldn't find a reference as to which API started including TrustManagerImpl.

jakev commented 9 years ago

@Snwspeckle try installing the bin associated with this: https://github.com/jakev/JustTrustMe/commit/862716fb7f0a1fe9e6a5395004223a921d94f984

anthonycvella commented 9 years ago

@jakev I still seem to be getting the errors which are being thrown on line 144. I think this check also needs to be included there?

jakev commented 9 years ago

Yup, it does. Doh, missed that one.
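
Added example (not part of the thread and not JustTrustMe's code): one way to apply the same existence check at every hook site, so a class missing on an older API is skipped instead of throwing. The helper names `findClassIfExists` and `hookIfPresent` are hypothetical, the `install` callback is a stand-in for the real hook registration, and the demo runs on a plain JVM where `com.android.org.conscrypt.TrustManagerImpl` is absent.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.function.Consumer;

public class OptionalHookDemo {
    /** Resolve className through loader; return null when the platform lacks it. */
    static Class<?> findClassIfExists(String className, ClassLoader loader) {
        try {
            // initialize=false: resolve only, do not run static initializers.
            return Class.forName(className, false, loader);
        } catch (ClassNotFoundException | LinkageError e) {
            // LinkageError covers the NoClassDefFoundError that appears as a
            // nested cause in the stack trace above.
            return null;
        }
    }

    /** Call install only when the target class exists; return whether it ran. */
    static boolean hookIfPresent(String className, ClassLoader loader,
                                 Consumer<Class<?>> install) {
        Class<?> target = findClassIfExists(className, loader);
        if (target == null) {
            System.out.println("skip (class absent): " + className);
            return false;
        }
        install.accept(target);
        return true;
    }

    public static void main(String[] args) {
        ClassLoader loader = OptionalHookDemo.class.getClassLoader();
        List<String> installed = new ArrayList<>();
        // Stand-in for hook registration: only records the resolved class name.
        Consumer<Class<?>> install = c -> installed.add(c.getName());

        String[] targets = {
            "javax.net.ssl.SSLContext",                   // present on every API level
            "com.android.org.conscrypt.TrustManagerImpl"  // absent on older APIs
        };
        for (String name : targets) {
            hookIfPresent(name, loader, install);
        }
        System.out.println("installed: " + installed);
    }
}
```

Routing every optional class through one guarded helper avoids the situation in this thread, where the check was added at one call site and missed at another.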

anthonycvella commented 9 years ago

@jakev Are you going to make the change or should I make it and submit a pull request?

jakev commented 9 years ago

Sorry @Snwspeckle - I'm building right now. Link in just a sec.

anthonycvella commented 9 years ago

@jakev No problem, I'm busy building other things as well.

About this tool, by having this installed and running, is there anything else I need to configure to prevent an app from making calls using SSL? (I'm trying to discover hidden endpoints for an app.) The reason I ask is because I've installed this tool but with Wireshark I still see the app requesting GoDaddy for a certificate.

jakev commented 9 years ago

@Snwspeckle please try: https://github.com/jakev/JustTrustMe/commit/b03a28336fc11ec059172333e8b99d626986cda3. I apologize if you still have issues, I don't have an API 17 device with me that has Xposed running ATM.

Note that this tool doesn't prevent an app from making calls using SSL, it aims to disable / bypass certificate checks that might fail when man-in-the-middling an application. If you install this you'll still see encrypted traffic, but if you place a proxy between the app and the remote servers, you should be able to see the traffic. :)

Fuzion24 commented 9 years ago

@jakev would you mind opening a pull req with the additional check?

jakev commented 9 years ago

@Fuzion24 absolutely! I was hoping to hear back from @Snwspeckle to confirm it worked before submitting the pull request. If I don't hear back in a few hours I'll create the pull request.

anthonycvella commented 9 years ago

@jakev Sorry for not responding! I got caught up in working on something else. The patch did work and the exceptions are no longer thrown.

Unfortunately, it didn't work for what I needed it to do. Looks like the app I'm working to reverse engineer is written in C++ and is using libcurl for all networking requests which does its own certificate pinning & certificate host verification.

jakev commented 9 years ago

@Fuzion24 created: https://github.com/Fuzion24/JustTrustMe/pull/11 :)

anthonycvella commented 9 years ago

@jakev Once the pull request has been accepted, I'll go ahead and mark this issue as closed. Thanks for the fix!