Xzandro
commented
1 year ago There is no SSL cert pinning at all. The issue lays with Android 7+, because by default, apps do not accept self signed certificates, unless you are putting it into the internal root certificate store, which requires root. There is just nothing we could do about it, so I recommend to use an emulator like Mumu to do it if you only run a mobile device with Android 7+.
There was a time when I remember it was possible (2/3 years ago maybe more) to use SWEX to export data from an android phone running an up to date OS. Right now, I think I tried pretty much everything I could think of on an AOSP android 13 rom, and I feel like there are no good options for android users.
I added the cert to my root store, but it looks like SW is now pinning it directly in okhttp. However they seem to be using a combination of dexguard/appguard in the Android version of the game, I saw a lot of checks regarding emulators, root, xposed and frida. I tried bypassing the ssl pinning using frida and xposed but that just leads to more problems.
What's the current "official" stance from @Xzandro on that matter at the moment ?
I do personnally have a solution using the native version of SW on my M1 Mac, on which there seems to be no SSL pinning whatsoever (not familiar with iOS developer tools so I don't even know if they allow that), but it is not very practical. I would love to be able to keep the proxy running for my phone which is the main device I play SW on.