Is a system trusted custom CA really enough to get past all the cert checks from ubi?

TheRealAyCe / ubisoftconnect-win7fix

This is a proxy application to fix Ubisoft's channel-service not supporting any cipher suites for Windows 7, so that chat, groups and multiplayer invites work again.

MIT License

11 stars 0 forks source link

Is a system trusted custom CA really enough to get past all the cert checks from ubi? #4

Open yoshimo opened 2 years ago

yoshimo commented 2 years ago

I have been trying to figure out how to create a custom downloader for ubi-games and every attempt to read the cleartext with a mitm proxy that is using my custom root ca failed so far. Some launchers have their own list of trusted cas more or less hidden somewhere, sometimes some endpoints are more aggressively checked than others.

TheRealAyCe commented 2 years ago

Ubisoft Connect simply uses Window's HTTPS library. So having a root certificate to spoof your own server is enough to get "accepted" by it in my experience. Check out the C# source code for hosting that server.

yoshimo commented 2 years ago

I have the cert as part of my systems cert store and connections to both dmx.upc.ubisoft.com and public-ubiservices.ubi.com fail "Client closed the connection before a request was made. Possibly the SSL certificate was rejected."

Launcher_log.txt says:

[ 2608]  2022-01-01 14:54:23      [14332]      ERROR      SSLSocket.cpp (527)                              Certificate verification for host 'public-ubiservices.ubi.com' failed: 2148204809
[ 2608]  2022-01-01 14:54:23      [14332]      ERROR      SSLSocket.cpp (531)                              PortSwigger, PortSwigger, PortSwigger CA, public-ubiservices.ubi.com
[ 2608]  2022-01-01 14:54:23      [14332]      INFO       SSLSocket.cpp (434)                              Certificate verification failed, closing connection.
[ 2608]  2022-01-01 14:54:23      [14332]      ERROR      JobHttp.cpp (66)                                 Http status code is none for url https://public-ubiservices.ubi.com/v3/profiles/me/events.

So something is different with win10

TheRealAyCe commented 2 years ago

I tested my code on Windows 10 as well and it works there too. The root certificate must be self-signed, for the exact domain name, and must be placed in the Root Certificates cert management folder, in my case for the current user. Then the server must be explicitly told to use that certificate. Check if your server actually serves the correct certificate. This was a bit tricky for me when I developed my tool, but I found all of that out eventually. Maybe you have a similar problem?

https://social.technet.microsoft.com/Forums/systemcenter/en-US/2ee44e01-a29f-4501-bd21-5815805e2702/the-operating-system-reported-error-2148204809?forum=configmgrgeneral

Apparently that error code means the root certificate is not trusted, so it may be that you placed it in the wrong folder.