search

Fuzion24 / JustTrustMe

An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
Other
4.88k stars 796 forks source link

JustTrustMe causes chrome ssl error failed when connect to TLS website #45

Open taikulawo opened 5 years ago

taikulawo commented 5 years ago

Maybe the same problem

https://github.com/Fuzion24/JustTrustMe/issues/41

JustTrustMe causes my chrome ssl failed when I connect SSL website it said:

this site can't be reached
https://google.com

ERR_FAILED

Removing JustTrustMe module solved :(

I'm not a Java Developer, just give someone idea to avoid this problem

Following are log about JustTrustMe and luckypatcher(you can ignore its log)

I hope no one spends the whole day like me to solve this problem.

JustTrustMe: Hooking DefaultHTTPClient for: com.android.chrome
05-18 16:45:46.906 26646 26646 W re-initialized>: type=1400 audit(0.0:295): avc: denied { getattr } for path="/data/data/com.android.chrome" dev="dm-0" ino=3302487 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir permissive=0
05-18 16:45:46.910 26646 26646 D JustTrustMe: Hooking DefaultHTTPClient(HttpParams) for: com.android.chrome
05-18 16:45:46.911 26646 26646 D JustTrustMe: Hooking DefaultHTTPClient(ClientConnectionManager, HttpParams) for: com.android.chrome
05-18 16:45:46.912 26646 26646 D JustTrustMe: Hooking SSLSocketFactory(String, KeyStore, String, KeyStore) for: com.android.chrome
05-18 16:45:46.914 26646 26646 D JustTrustMe: Hooking static SSLSocketFactory(String, KeyStore, String, KeyStore) for: com.android.chrome
05-18 16:45:46.917 26646 26646 D JustTrustMe: Hooking SSLSocketFactory(Socket) for: com.android.chrome
05-18 16:45:46.919 26646 26646 D JustTrustMe: Hooking TrustManagerFactory.getTrustManagers() for: com.android.chrome
05-18 16:45:46.923 26646 26646 D JustTrustMe: Hooking HttpsURLConnection.setDefaultHostnameVerifier for: com.android.chrome
05-18 16:45:46.924 26646 26646 D JustTrustMe: Hooking HttpsURLConnection.setSSLSocketFactory for: com.android.chrome
05-18 16:45:46.926 26646 26646 D JustTrustMe: Hooking HttpsURLConnection.setHostnameVerifier for: com.android.chrome
05-18 16:45:46.927 26646 26646 D JustTrustMe: Hooking WebViewClient.onReceivedSslError(WebView, SslErrorHandler, SslError) for: com.android.chrome
05-18 16:45:46.929 26646 26646 D JustTrustMe: Hooking WebViewClient.onReceivedSslError(WebView, int, string, string) for: com.android.chrome
05-18 16:45:46.934 26646 26646 D JustTrustMe: Hooking com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(X509Certificate[]) for: com.android.chrome
05-18 16:45:46.985 26646 26646 I System.out: Update settings xposed
05-18 16:45:46.983 26646 26646 W boxed_process14: type=1400 audit(0.0:296): avc: denied { open } for path="/data/lp/xposed" dev="dm-0" ino=1720323 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:system_data_file:s0 tclass=file permissive=0
05-18 16:45:46.985 26646 26646 W System.err: java.io.FileNotFoundException: /data/lp/xposed: open failed: EACCES (Permission denied)
05-18 16:45:46.986 26646 26646 W System.err:    at libcore.io.IoBridge.open(IoBridge.java:512)
05-18 16:45:46.986 26646 26646 W System.err:    at java.io.RandomAccessFile.<init>(RandomAccessFile.java:274)
05-18 16:45:46.986 26646 26646 W System.err:    at com.chelpus.Л€.Л(Utils.java:6001)
05-18 16:45:46.986 26646 26646 W System.err:    at com.chelpus.Л€.бµЋ(Utils.java:8933)
05-18 16:45:46.986 26646 26646 W System.err:    at com.xposed.XSupport.К(XSupport.java:1342)
05-18 16:45:46.986 26646 26646 W System.err:    at com.xposed.XSupport$28.afterHookedMethod(XSupport.java:1088)
05-18 16:45:46.986 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:375)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.ApplicationPackageManager.<init>(<Xposed>)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.ContextImpl.getPackageManager(ContextImpl.java:237)
05-18 16:45:46.986 26646 26646 W System.err:    at android.content.ContextWrapper.getPackageManager(ContextWrapper.java:94)
05-18 16:45:46.986 26646 26646 W System.err:    at csx.b(PG:13)
05-18 16:45:46.986 26646 26646 W System.err:    at aQv.attachBaseContext(PG:95)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.Application.attach(Application.java:189)
05-18 16:45:46.986 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.invokeOriginalMethodNative(Native Method)
05-18 16:45:46.986 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:361)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.Application.attach(<Xposed>)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.Instrumentation.newApplication(Instrumentation.java:1103)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.Instrumentation.newApplication(Instrumentation.java:1087)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.LoadedApk.makeApplication(LoadedApk.java:983)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.ActivityThread.handleBindApplication(ActivityThread.java:5715)
05-18 16:45:46.986 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.invokeOriginalMethodNative(Native Method)
05-18 16:45:46.986 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:361)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.ActivityThread.handleBindApplication(<Xposed>)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.ActivityThread.-wrap1(Unknown Source:0)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1656)
05-18 16:45:46.986 26646 26646 W System.err:    at android.os.Handler.dispatchMessage(Handler.java:106)
05-18 16:45:46.986 26646 26646 W System.err:    at android.os.Looper.loop(Looper.java:164)
05-18 16:45:46.986 26646 26646 W System.err:    at android.app.ActivityThread.main(ActivityThread.java:6494)
05-18 16:45:46.986 26646 26646 W System.err:    at java.lang.reflect.Method.invoke(Native Method)
05-18 16:45:46.986 26646 26646 W System.err:    at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:440)
05-18 16:45:46.986 26646 26646 W System.err:    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:807)
05-18 16:45:46.986 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:108)
05-18 16:45:46.986 26646 26646 W System.err: Caused by: android.system.ErrnoException: open failed: EACCES (Permission denied)
05-18 16:45:46.986 26646 26646 W System.err:    at libcore.io.Linux.open(Native Method)
05-18 16:45:46.986 26646 26646 W System.err:    at libcore.io.BlockGuardOs.open(BlockGuardOs.java:207)
05-18 16:45:46.986 26646 26646 W System.err:    at libcore.io.IoBridge.open(IoBridge.java:498)
05-18 16:45:46.986 26646 26646 W System.err:    ... 31 more
05-18 16:45:46.987 26646 26646 W System.err: org.json.JSONException: Value ����������������������������������������� ����������������������������������������������������������������������������������������������������������������������������������������� of type java.lang.String cannot be converted to JSONObject
05-18 16:45:46.987 26646 26646 W System.err:    at org.json.JSON.typeMismatch(JSON.java:111)
05-18 16:45:46.987 26646 26646 W System.err:    at org.json.JSONObject.<init>(JSONObject.java:163)
05-18 16:45:46.987 26646 26646 W System.err:    at org.json.JSONObject.<init>(JSONObject.java:176)
05-18 16:45:46.987 26646 26646 W System.err:    at com.chelpus.Л€.бµЋ(Utils.java:8933)
05-18 16:45:46.987 26646 26646 W System.err:    at com.xposed.XSupport.К(XSupport.java:1342)
05-18 16:45:46.987 26646 26646 W System.err:    at com.xposed.XSupport$28.afterHookedMethod(XSupport.java:1088)
05-18 16:45:46.987 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:375)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.ApplicationPackageManager.<init>(<Xposed>)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.ContextImpl.getPackageManager(ContextImpl.java:237)
05-18 16:45:46.987 26646 26646 W System.err:    at android.content.ContextWrapper.getPackageManager(ContextWrapper.java:94)
05-18 16:45:46.987 26646 26646 W System.err:    at csx.b(PG:13)
05-18 16:45:46.987 26646 26646 W System.err:    at aQv.attachBaseContext(PG:95)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.Application.attach(Application.java:189)
05-18 16:45:46.987 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.invokeOriginalMethodNative(Native Method)
05-18 16:45:46.987 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:361)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.Application.attach(<Xposed>)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.Instrumentation.newApplication(Instrumentation.java:1103)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.Instrumentation.newApplication(Instrumentation.java:1087)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.LoadedApk.makeApplication(LoadedApk.java:983)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.ActivityThread.handleBindApplication(ActivityThread.java:5715)
05-18 16:45:46.987 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.invokeOriginalMethodNative(Native Method)
05-18 16:45:46.987 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:361)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.ActivityThread.handleBindApplication(<Xposed>)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.ActivityThread.-wrap1(Unknown Source:0)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1656)
05-18 16:45:46.987 26646 26646 W System.err:    at android.os.Handler.dispatchMessage(Handler.java:106)
05-18 16:45:46.987 26646 26646 W System.err:    at android.os.Looper.loop(Looper.java:164)
05-18 16:45:46.987 26646 26646 W System.err:    at android.app.ActivityThread.main(ActivityThread.java:6494)
05-18 16:45:46.987 26646 26646 W System.err:    at java.lang.reflect.Method.invoke(Native Method)
05-18 16:45:46.987 26646 26646 W System.err:    at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:440)
05-18 16:45:46.987 26646 26646 W System.err:    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:807)
05-18 16:45:46.987 26646 26646 W System.err:    at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:108)
05-18 16:45:46.996 26646 26646 D JustTrustMe: Hooking com.squareup.okhttp.CertificatePinner.check(String,List) (2.5) for: com.android.chrome
05-18 16:45:46.996 26646 26646 D JustTrustMe: OKHTTP 2.5 not found in com.android.chrome-- not hooking
05-18 16:45:46.996 26646 26646 D JustTrustMe: Hooking okhttp3.CertificatePinner.check(String,List) (3.x) for: com.android.chrome
05-18 16:45:46.996 26646 26646 D JustTrustMe: OKHTTP 3.x not found in com.android.chrome -- not hooking
05-18 16:45:46.997 26646 26646 D JustTrustMe: OKHTTP 3.x not found in com.android.chrome -- not hooking OkHostnameVerifier.verify(String, SSLSession)
05-18 16:45:46.997 26646 26646 D JustTrustMe: OKHTTP 3.x not found in com.android.chrome -- not hooking OkHostnameVerifier.verify(String, X509)(
05-18 16:45:47.001 26646 26646 I cr_ChildProcessService: Creating new ChildProcessService pid=26646
05-18 16:45:47.038 26646 26665 I cr_LibraryLoader: Time to load native libraries: 29 ms (timestamps 5987-6016)
05-18 16:45:47.039 26646 26665 I chromium: [INFO:library_loader_hooks.cc(50)] Chromium logging enabled: level = 0, default verbosity = 0
05-18 16:45:47.039 26646 26665 I cr_LibraryLoader: Expected native library version number "74.0.3729.157", actual native library version number "74.0.3729.157"
05-18 16:45:47.424 22819 23118 E chromium: [ERROR:ssl_client_socket_impl.cc(946)] handshake failed; returned -1, SSL error code 1, net_error -2

You can see 05-18 16:45:47.424 22819 23118 E chromium: [ERROR:ssl_client_socket_impl.cc(946)] handshake failed; returned -1, SSL error code 1, net_error -2 error message

For fix: Here are my devices info

[ro.lineage.build.version]: [15.1]
[ro.lineage.build.version.plat.rev]: [0]
[ro.lineage.build.version.plat.sdk]: [9]
[ro.lineage.device]: [angler]
[ro.lineage.display.version]: [15.1-20190426-NIGHTLY-angler]
[ro.lineage.releasetype]: [NIGHTLY]
[ro.lineage.version]: [15.1-20190426-NIGHTLY-angler]
[ro.lineagelegal.url]: [https://lineageos.org/legal]
[ro.modversion]: [15.1-20190426-NIGHTLY-angler]
[ro.oem_unlock_supported]: [1]
[ro.opengles.version]: [196610]
[ro.product.board]: [angler]
[ro.product.brand]: [google]
[ro.product.cpu.abi]: [arm64-v8a]
[ro.product.cpu.abilist]: [arm64-v8a,armeabi-v7a,armeabi]
[ro.product.cpu.abilist32]: [armeabi-v7a,armeabi]
[ro.product.cpu.abilist64]: [arm64-v8a]
[ro.product.device]: [angler]
[ro.product.first_api_level]: [23]
[ro.product.locale]: [en-US]
[ro.product.manufacturer]: [Huawei]
[ro.product.model]: [Nexus 6P]
[ro.product.name]: [angler]
[ro.property_service.version]: [2]
[ro.qc.sdk.audio.fluencetype]: [fluence]
[ro.recovery_id]: [0x09e4c08d0df302e302f55d7b801dce1e23339cb4000000000000000000000000]
[ro.revision]: [0]
[ro.ril.force_eri_from_xml]: [true]
[ro.ril.svdo]: [false]
[ro.ril.svlte1x]: [false]
[ro.secure]: [1]
[ro.serialno]: [CVH7N16125000171]
[ro.sf.lcd_density]: [560]
[ro.storage_manager.enabled]: [true]
[ro.telephony.call_ring.multiple]: [0]
[ro.telephony.default_cdma_sub]: [0]
[ro.telephony.default_network]: [10]
[ro.telephony.get_imsi_from_sim]: [true]
[ro.treble.enabled]: [false]
[ro.vendor.build.date]: [Fri Oct 19 16:45:06 UTC 2018]
[ro.vendor.build.date.utc]: [1539967506]
[ro.vendor.build.fingerprint]: [google/angler/angler:8.1.0/OPM7.181205.001/5080180:user/release-keys]
[ro.vendor.extension_library]: [libqti-perfd-client.so]
[ro.vendor.product.brand]: [google]
[ro.vendor.product.device]: [angler]
[ro.vendor.product.manufacturer]: [Huawei]
[ro.vendor.product.model]: [Nexus 6P]
[ro.vendor.product.name]: [lineage_angler]
[ro.wifi.channels]: []
[ro.zygote]: [zygote64_32]
zipg commented 5 years ago

我开启这模块啥网页都打不开,但接口都是正常的,不知道咋修

ghost commented 5 years ago

Install Fiddler certificate.

BiteFoo commented 5 years ago

同@lurumdare说的,装个代理的证书即可,我用的是mitmproxy,因此直接安装了mitmproxy的手机代理,即可正常使用。

ghost commented 5 years ago

@BiteFoo fiddler works good.