support for Meta Quest 3

[abdelrahman46]

Hi, I'm trying to run OVRseen on the Meta Quest 3, but I am facing some issues. Firstly, Antmonitor crashes when turning on traffic collection, so I have set up my own MitM proxy as advised in the previous issue (I used Burp Suite).

The problem now is with bypassing SSL pinning. I have tested several apps which you have tested on Quest 2, but the apps are not able to connect to the internet despite running the SSL pinning bypass script. I note that I was not able to install Burp Suite's certificate on the Quest 3 even at user level.

Please let me know if you have any experience running OVRseen on Meta Quest 3, or if you have any recommendations. Thank you.

[rtrimana]

Hi @abdelrahman46 , thanks so much for your feedback. Our team did not try OVRseen on Meta Quest 3. However, in my opinion, what matters is perhaps the Oculus OS version. With AntMonitor, unfortunately, it will no longer support Android 11+, so newer Oculus OS versions that are based on Android 11+ will also not be supported. I think though the bypass script should still work with other MiTM tools such as PCAPdroid. And, indeed, when we try to bypass certificate/SSL pinning and decrypt network traffic, this may cause disruption to connectivity, especially for apps that deploy good security measures. That's why, even for us at that time, we had apps that crashed, but still reported as we still collected some network traffic right before they crashed (or lost connection).

[abdelrahman46]

Thank you for your reply @rtrimana . The main challenge is to install the CA certificate. So, even for the PCAPdroid tool, it asks to install the CA certificate from the settings (this is an Android 11+ requirement I think), however, the interface for installing a CA certificate is not available in the settings. It would be great if you know any workaround.

[rtrimana]

Hi @abdelrahman46 , would it be possible to install the CA certificate using command line, such as this: https://stackoverflow.com/questions/44942851/install-user-certificate-via-adb? I think I tested this technique before but I cannot remember what the result was. And, of course, we cannot use the procedure that is meant for rooted Android devices.

[abdelrahman46]

It is not possible any more. I even tried using the activity manager as such am start -n com.android.certinstaller/.CertInstallerMain -a android.intent.action.VIEW -t application/x-x509-ca-cert -d file:///sdcard/file.cer but it does not work. Since Android 11, only the system's Settings app can install a CA certificate. See https://httptoolkit.com/blog/android-11-trust-ca-certificates/

[rtrimana]

Hmm, how about calling the Settings app using ADB on Quest 3: https://stackoverflow.com/questions/38051706/i-am-trying-to-launch-settings-through-adb-using-the-adb-monkey-command-but-it. I think I was able to do so on Quest 2 (this was 2 years ago perhaps now).