search

NVISOsecurity / MagiskTrustUserCerts

A Magisk/KernelSU module that automatically adds user certificates to the system root CA store
1.63k stars 190 forks source link

Https isssus #28

Closed HalowTV closed 1 year ago

HalowTV commented 1 year ago

Hi get this isssue

[I] 24/Jan/2023 21:50:31 - mitmdump -q --set onboarding=false --listen-host 127.0.0.1 -p 7780 --mode socks5 --proxyauth liDOsFhq:RgiLVGAh --ssl-insecure
[I] 24/Jan/2023 21:50:31 - Running mitmdump...
[W] 24/Jan/2023 21:50:32 - 127.0.0.1:43580: Client TLS handshake failed. The client does not trust the proxy's certificate for gateway.facebook.com (sslv3 alert bad certificate)
[W] 24/Jan/2023 21:50:34 - 127.0.0.1:43598: Client TLS handshake failed. The client does not trust the proxy's certificate for mtalk.google.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[W] 24/Jan/2023 21:50:35 - 127.0.0.1:43610: Client TLS handshake failed. The client may not trust the proxy's certificate for mqtt-mini.facebook.com (OpenSSL Error([('SSL routines', 'tls_choose_sigalg', 'no suitable signature algorithm')]))
[W] 24/Jan/2023 21:50:35 - 127.0.0.1:43604: Client TLS handshake failed. The client does not trust the proxy's certificate for alt5-mtalk.google.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[W] 24/Jan/2023 21:50:36 - 127.0.0.1:43626: Client TLS handshake failed. The client does not trust the proxy's certificate for gateway.facebook.com (sslv3 alert bad certificate)
[W] 24/Jan/2023 21:50:37 - 127.0.0.1:43636: Client TLS handshake failed. The client does not trust the proxy's certificate for hosting1.online (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[W] 24/Jan/2023 21:50:37 - 127.0.0.1:43638: Client TLS handshake failed. The client does not trust the proxy's certificate for hosting1.online (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[W] 24/Jan/2023 21:50:39 - 127.0.0.1:43650: Client TLS handshake failed. The client does not trust the proxy's certificate for edge-mqtt.facebook.com (tlsv1 alert unknown ca)
[W] 24/Jan/2023 21:50:40 - 127.0.0.1:43656: Client TLS handshake failed. The client may not trust the proxy's certificate for mqtt-mini.facebook.com (OpenSSL Error([('SSL routines', 'tls_choose_sigalg', 'no suitable signature algorithm')]))
[W] 24/Jan/2023 21:50:41 - 127.0.0.1:43662: Client TLS handshake failed. The client does not trust the proxy's certificate for gateway.facebook.com (sslv3 alert bad certificate)
[W] 24/Jan/2023 21:50:45 - 127.0.0.1:43674: Client TLS handshake failed. The client may not trust the proxy's certificate for mqtt-mini.facebook.com (OpenSSL Error([('SSL routines', 'tls_choose_sigalg', 'no suitable signature algorithm')]))
[W] 24/Jan/2023 21:50:45 - 127.0.0.1:43668: Client TLS handshake failed. The client does not trust the proxy's certificate for mtalk.google.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
TheDauntless commented 1 year ago

The reason you're getting these issues is most likely because the app is using SSL Pinning. Please follow the guide at https://blog.nviso.eu/2020/11/19/proxying-android-app-traffic-common-issues-checklist/ to verify if your setup is correct. If the app uses SSL pinning (which FB does), you'll have to bypass it with a custom frida script, or projects like https://github.com/Eltion/Facebook-SSL-Pinning-Bypass.