Fuzion24 / JustTrustMe

An Xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning

#Mitmproxy Unable to decrypt https when using Mitmproxy #66

Open coding-dream opened 1 year ago

coding-dream commented 1 year ago

Mitmproxy: does not trust the proxy's certificate

Hello author, when using Mitmproxy, the problem of certificate pinning still cannot be solved. The following is the error reported when capturing the mobile app.

[23:21:54.726][192.168.3.18:35324] server connect api5-normal-c-lq.amemv.com:443 (223.109.60.101:443)
[23:21:54.916][192.168.3.18:35324] Client TLS handshake failed. The client does not trust the proxy's certificate for api5-normal-c-lq.amemv.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[23:21:54.917][192.168.3.18:35324] client disconnect
[23:21:54.919][192.168.3.18:35324] server disconnect api5-normal-c-lq.amemv.com:443 (223.109.60.101:443)
[23:21:55.067][192.168.3.18:35334] client connect
[23:21:55.082][192.168.3.18:35336] client connect
[23:21:55.102][192.168.3.18:35334] server connect mssdk3-normal-hl.zijieapi.com:443 (120.237.197.119:443)
[23:21:55.104][192.168.3.18:35336] server connect api26-normal-lq.amemv.com:443 (39.135.62.79:443)
[23:21:55.133][192.168.3.18:35266] client disconnect
[23:21:55.134][192.168.3.18:35264] client disconnect
[23:21:55.138][192.168.3.18:35266] server disconnect live-cover.msstatic.com:80 (183.240.67.248:80)
[23:21:55.139][192.168.3.18:35264] server disconnect live-cover.msstatic.com:80 (183.240.67.248:80)
[23:21:55.150][192.168.3.18:35336] Client TLS handshake failed. The client does not trust the proxy's certificate for api26-normal-lq.amemv.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[

yoshimo commented 1 year ago

Applications can include their own checks on top of what this module hooks. Also, recent Android versions added more stuff. So to look at this properly, which device, OS version and application are you trying to analyse here?

coding-dream commented 1 year ago

Android 7.0 on a Xiaomi phone; the app I use is DouYin!

RealYukiSan commented 1 year ago

Same issue with:

mitmproxy log: warn: [22:47:24.810][127.0.0.1:62901] Client TLS handshake failed. The client does not trust the proxy's certificate for roli.telkomsel.com (OpenSSL Error([('SSL routines', '', 'sslv3 alert certificate unknown')]))

yoshimo commented 1 year ago

For me the Roli app crashes because the list of pinned certs is empty when using https://github.com/httptoolkit/frida-android-unpinning/

Process crashed: java.lang.IllegalArgumentException: pins must start with 'sha256/' or 'sha1/': Pinned certificates for roli.telkomsel.com

Need to dig deeper.

RealYukiSan commented 1 year ago

Thanks for your reply, @yoshimo! I will consider learning the fundamentals first to be able to dig deeper into the problem.
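
When triaging a mitmproxy event log like the ones quoted in this thread, it helps to tally per host which connections ended with the client rejecting the proxy certificate. The following is an added example, not part of the original thread or of JustTrustMe; the sample log is constructed with placeholder hosts and addresses, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the same line format as the logs quoted in the thread
# (placeholder hosts/addresses; includes a "warn:" prefix and a truncated line).
SAMPLE_LOG = """\
[23:21:54.726][192.0.2.18:35324] server connect api.pinned.example:443 (198.51.100.7:443)
[23:21:54.916][192.0.2.18:35324] Client TLS handshake failed. The client does not trust the proxy's certificate for api.pinned.example (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[23:21:54.917][192.0.2.18:35324] client disconnect
[23:21:55.067][192.0.2.18:35334] client connect
[23:21:55.102][192.0.2.18:35334] server connect cdn.open.example:443 (198.51.100.9:443)
[23:21:55.138][192.0.2.18:35266] server connect img.plain.example:80 (198.51.100.11:80)
warn: [22:47:24.810][127.0.0.1:62901] Client TLS handshake failed. The client does not trust the proxy's certificate for login.pinned.example (OpenSSL Error([('SSL routines', '', 'sslv3 alert certificate unknown')]))
[
"""

# search() rather than match() so a leading "warn: " prefix is tolerated.
LINE = re.compile(r"\[(?P<ts>[\d:.]+)\]\[(?P<client>[^\]]+)\] (?P<msg>.+)$")
SERVER = re.compile(r"^server connect (?P<host>[^\s:]+):(?P<port>\d+)")
FAILED = re.compile(r"^Client TLS handshake failed\..* certificate for (?P<host>\S+) "
                    r"\(OpenSSL Error\((?P<err>.*)\)\)$")

def triage(log_text):
    """Return {host: {"connects": int, "rejected": int, "alerts": set}}."""
    hosts = defaultdict(lambda: {"connects": 0, "rejected": 0, "alerts": set()})
    for raw in log_text.splitlines():
        m = LINE.search(raw.strip())
        if not m:  # truncated or unrelated lines (e.g. a lone "[") are skipped
            continue
        msg = m["msg"]
        if (s := SERVER.match(msg)) and s["port"] == "443":
            hosts[s["host"]]["connects"] += 1
        elif f := FAILED.match(msg):
            entry = hosts[f["host"]]
            entry["rejected"] += 1
            quoted = re.findall(r"'([^']*)'", f["err"])
            if quoted:  # last element of the OpenSSL tuple is the TLS alert text
                entry["alerts"].add(quoted[-1])
    return dict(hosts)

def rejecting_hosts(log_text):
    """Hosts for which the client refused the proxy certificate at least once."""
    return sorted(h for h, e in triage(log_text).items() if e["rejected"])

if __name__ == "__main__":
    for host in rejecting_hosts(SAMPLE_LOG):
        print(host, triage(SAMPLE_LOG)[host])
```

A host that shows connects but no rejections was not refused in this capture; that alone does not prove its traffic was decrypted.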