NyaMisty / ssl-kill-switch3

Next Generation SSLKillSwitch with much more support!

Not working on Snapchat iOS app #10

Open abdullahsaeed98 opened 7 months ago

abdullahsaeed98 commented 7 months ago

When the dylib is injected into Snapchat through Sideloadly, it's not bypassing SSL pinning and mitmproxy says this:

Client TLS handshake failed. The client does not trust the proxy's certificate for gcp.api.snapchat.com (OpenSSL Error([('SSL routines', '', 'sslv3 alert certificate unknown')]))

novitae commented 7 months ago

Snapchat uses a self-signed certificate, from methods of their own. You can't unpin it so easily. You have to use some Frida scripts to hook the correct methods and make them turn SSL pinning off.

P5-2005 commented 7 months ago

> When the dylib is injected into Snapchat through Sideloadly, it's not bypassing SSL pinning and mitmproxy says this:
>
> Client TLS handshake failed. The client does not trust the proxy's certificate for gcp.api.snapchat.com (OpenSSL Error([('SSL routines', '', 'sslv3 alert certificate unknown')]))

I think you should try a jailbroken state, because fishhook is limited.

abdullahsaeed98 commented 7 months ago

> Snapchat uses a self-signed certificate, from methods of their own. You can't unpin it so easily. You have to use some Frida scripts to hook the correct methods and make them turn SSL pinning off.

I wasn't able to find the latest Frida scripts that bypass that online.

abdullahsaeed98 commented 7 months ago

> > When the dylib is injected into Snapchat through Sideloadly, it's not bypassing SSL pinning and mitmproxy says this:
> >
> > Client TLS handshake failed. The client does not trust the proxy's certificate for gcp.api.snapchat.com (OpenSSL Error([('SSL routines', '', 'sslv3 alert certificate unknown')]))
>
> I think you should try a jailbroken state, because fishhook is limited.

I am trying this on an M1 Mac.

novitae commented 7 months ago

> > Snapchat uses a self-signed certificate, from methods of their own. You can't unpin it so easily. You have to use some Frida scripts to hook the correct methods and make them turn SSL pinning off.
>
> I wasn't able to find the latest Frida scripts that bypass that online.

Well, sometimes you have to put your hands in the dirt for this kind of thing ...