Fuzion24 / JustTrustMe

An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning

custom pinning #26

Closed ranjbarhadi closed 7 years ago

ranjbarhadi commented 7 years ago

it seems some apps like Instagram has implemented a custom pinning flow. how can we alter the code to bypass it?

Fuzion24 commented 7 years ago

What do you mean by a custom pinging flow?

ranjbarhadi commented 7 years ago

justTrustMe does not work on Instagram. I've searched a lot and everyone thinks they are using a custom pinning method. this is fiddler log when it tries to decrypt the traffic:


```
Host: i.instagram.com:443
Connection: keep-alive

Request HTTPSParse failed: Object reference not set to an instance of an object.
```
ranjbarhadi commented 7 years ago

@Fuzion24 could you please point me in a direction to fix this. I know there is a file somewhere in the Instagram android client which is responsible for this custom pinging. I have two option. first is to tweak that library and second tweak your code to the library. I'm aiming for the second option. any suggestion?

Fuzion24 commented 7 years ago

I still have no idea what 'custom pinging' is. Do you mean 'custom pinning'?

ranjbarhadi commented 7 years ago

@Fuzion24 yes I'm sorry it was typo

ranjbarhadi commented 7 years ago

I've decompiled the app. I found this class somewhere in the app:

package com.instagram.common.p216m.p414d;

import android.util.Base64;
import com.instagram.common.p216m.p413c.C3559a;
import com.instagram.common.p395f.C3419c;
import com.instagram.common.p399j.p404e.C3474a;
import java.net.InetAddress;
import java.net.Socket;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.p708a.p709a.p710a.C7460a;

/* renamed from: com.instagram.common.m.d.d */
/**
 * Decompiled, name-obfuscated {@link SSLSocketFactory} wrapper that also carries a
 * certificate-pinning check ({@code m11043a(String, Certificate[])}).
 *
 * <p>Socket creation and cipher-suite queries are delegated to a lazily obtained inner
 * factory. The pin check compares a value derived from each chain certificate's encoded
 * public key against per-host pin sets held by {@code C3566c}.
 *
 * <p>NOTE(review): this is decompiler output and does not compile as shown: {@code r5} is an
 * undeclared register name, and {@code m11043a} throws checked exceptions without a
 * {@code throws} clause. Read it as a description of the logic, not as buildable source.
 */
public final class C3567d extends SSLSocketFactory implements C3559a {
    // Pin store. Used below through f16765a (a map keyed by host / "*.suffix" whose values are
    // cast to Set) and f16766b (passed to the chain helper). Null until m11042a() has run.
    private C3566c f16767a;
    // Delegate factory that actually creates the TLS sockets. Null until m11042a() has run.
    private SSLSocketFactory f16768b;

    /**
     * Lazily initialises the delegate factory and the pin store on first use.
     *
     * <p>{@code synchronized}, and guarded by the null check on {@code f16768b}, so the two
     * fields are assigned together once.
     */
    private synchronized void m11042a() {
        if (this.f16768b == null) {
            this.f16768b = C3568e.m11045b().getSocketFactory();
            this.f16767a = C3568e.m11044a();
            // Unused local; presumably decompiler residue of a static field read — TODO confirm.
            Class cls = C3568e.f16770b;
        }
    }

    /**
     * Checks the peer certificate chain for host {@code str} against the pins configured for it.
     *
     * <p>Pins are looked up under the exact host name and, when the name contains at least two
     * dots, under {@code "*."} plus everything after the first dot; when both lookups hit, the
     * two sets are merged. The method returns as soon as one certificate of the processed chain
     * matches a pin in the set, and throws when none does.
     *
     * <p>When neither lookup finds a pin set, no comparison is made and the method returns
     * normally, so pinning coverage depends entirely on which hosts are present in the pin map.
     *
     * @param str host name used as the pin-map key and quoted in the failure message
     * @param certificateArr peer certificate chain to check
     * @throws SSLPeerUnverifiedException if no chain certificate matches a pin, or if the chain
     *     helper raises a {@link CertificateException} (not declared in the decompiled signature)
     * @throws IllegalArgumentException if a processed chain element fails the
     *     {@code instanceof X509Certificate} test while the failure message is being built
     */
    public final void m11043a(String str, Certificate[] certificateArr) {
        m11042a();
        try {
            Set set;
            C3566c c3566c = this.f16767a;
            // Pins registered for the exact host name.
            Set set2 = (Set) c3566c.f16765a.get(str);
            // 46 is '.'; first dot != last dot means the name has at least two dots, so a
            // wildcard entry is only consulted for names like a.b.c, never for b.c.
            int indexOf = str.indexOf(46);
            if (indexOf != str.lastIndexOf(46)) {
                set = (Set) c3566c.f16765a.get("*." + str.substring(indexOf + 1));
            } else {
                set = null;
            }
            // Combine the exact-match and wildcard pin sets: null if neither exists, the union
            // if both exist, otherwise whichever one is non-null.
            if (set2 == null && set == null) {
                set = null;
            } else if (set2 != null && set != null) {
                Set linkedHashSet = new LinkedHashSet();
                linkedHashSet.addAll(set2);
                linkedHashSet.addAll(set);
                set = linkedHashSet;
            } else if (set2 != null) {
                set = set2;
            }
            // NOTE(review): r5 is never declared in this listing. It is presumably the
            // decompiler's register name for the combined pin set (`set`) — confirm against
            // the bytecode before relying on this reading.
            if (r5 != null) {
                // Helper not shown; it returns an X509Certificate[] built from the peer chain
                // and c3566c.f16766b. TODO confirm what validation or ordering it performs.
                X509Certificate[] a = C7460a.m20887a(certificateArr, c3566c.f16766b);
                int length = a.length;
                // indexOf is reused here as the loop counter.
                indexOf = 0;
                while (indexOf < length) {
                    // Derive the pin value from the certificate's encoded public key and accept
                    // the connection on the first match anywhere in the chain.
                    if (!r5.contains(C3566c.m11041a(C3564a.m11036a(a[indexOf].getPublicKey().getEncoded())))) {
                        indexOf++;
                    } else {
                        return;
                    }
                }
                // No certificate matched: build a diagnostic listing the pin value and subject
                // of every chain certificate, followed by the pins configured for the host.
                StringBuilder stringBuilder = new StringBuilder("Certificate pinning failure!\n  Peer certificate chain:");
                int length2 = a.length;
                // length is reused here as the loop counter.
                length = 0;
                while (length < length2) {
                    X509Certificate x509Certificate = a[length];
                    StringBuilder append = stringBuilder.append("\n    ");
                    // Always true for a non-null element of an X509Certificate[]; the else
                    // branch is reachable only for a null entry.
                    if (x509Certificate instanceof X509Certificate) {
                        // The "sha1/" label suggests the pin is a SHA-1 digest of the public
                        // key — presumably computed in C3564a.m11036a; verify there.
                        append.append("sha1/" + Base64.encodeToString(C3566c.m11041a(C3564a.m11036a(x509Certificate.getPublicKey().getEncoded())).f16761b, 0)).append(": ").append(x509Certificate.getSubjectDN().getName());
                        length++;
                    } else {
                        throw new IllegalArgumentException("Certificate pinning requires X509 certificates");
                    }
                }
                stringBuilder.append("\n  Pinned certificates for ").append(str).append(":");
                for (C3564a c3564a : r5) {
                    stringBuilder.append("\n    sha1/").append(Base64.encodeToString(c3564a.f16761b, 0));
                }
                throw new SSLPeerUnverifiedException(stringBuilder.toString());
            }
        } catch (CertificateException e) {
            // Converted to a handshake-level failure; only e.toString() is kept, the original
            // exception is not chained as the cause.
            throw new SSLPeerUnverifiedException(e.toString());
        } catch (Throwable e2) {
            // Every other failure from the try block, including the pin-mismatch
            // SSLPeerUnverifiedException thrown above, is reported under "ssl_pin_error" and
            // then rethrown unchanged. The meaning of the `false` argument is not visible here.
            C3419c.m10637a().m10643a("ssl_pin_error", e2, false);
            throw e2;
        }
    }

    // The four createSocket overloads that do not layer over an existing Socket are rejected
    // outright; only the Socket-wrapping overload further down is supported.
    public final Socket createSocket(String str, int i) {
        throw new UnsupportedOperationException("Shouldn't be called for SSLSocketFactory");
    }

    public final Socket createSocket(String str, int i, InetAddress inetAddress, int i2) {
        throw new UnsupportedOperationException("Shouldn't be called for SSLSocketFactory");
    }

    public final Socket createSocket(InetAddress inetAddress, int i) {
        throw new UnsupportedOperationException("Shouldn't be called for SSLSocketFactory");
    }

    public final Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) {
        throw new UnsupportedOperationException("Shouldn't be called for SSLSocketFactory");
    }

    /**
     * Layers a TLS socket over an existing socket using the delegate factory.
     *
     * <p>The new {@link SSLSocket} is handed, together with the host name, to
     * {@code C3474a.m10725a().m10726a(...)} before being returned. NOTE(review): that hook is
     * not shown, and the pin check {@code m11043a} is not called anywhere in this class, so it
     * is presumably invoked from the hook or by the caller after the handshake — confirm.
     *
     * @param socket existing connected socket to wrap
     * @param str host name passed to the delegate factory and to the hook
     * @param i port passed to the delegate factory
     * @param z auto-close flag passed to the delegate factory
     * @return the socket created by the delegate factory, cast to {@link SSLSocket}
     */
    public final Socket createSocket(Socket socket, String str, int i, boolean z) {
        m11042a();
        SSLSocket sSLSocket = (SSLSocket) this.f16768b.createSocket(socket, str, i, z);
        C3474a.m10725a().m10726a(sSLSocket, str);
        return sSLSocket;
    }

    /** Returns the delegate factory's default cipher suites, initialising it if needed. */
    public final String[] getDefaultCipherSuites() {
        m11042a();
        return this.f16768b.getDefaultCipherSuites();
    }

    /** Returns the delegate factory's supported cipher suites, initialising it if needed. */
    public final String[] getSupportedCipherSuites() {
        m11042a();
        return this.f16768b.getSupportedCipherSuites();
    }
}
Fuzion24 commented 7 years ago

OK, well, i'm going to close this in favor of #19 since it's a dupe