ac-pm / SSLUnpinning_Xposed

Android Xposed Module to bypass SSL certificate validation (Certificate Pinning).
GNU General Public License v2.0

Instagram 10.0.0 and up. #10

Open GHXST01 opened 7 years ago

GHXST01 commented 7 years ago

Hey,

Since v10.0.0 and up, I have been getting SSL errors even while using the Xposed module. Any way to tell why this is happening?

Thanks :)

ac-pm commented 7 years ago

Maybe Instagram does not use the API that these hooks work on.

ydaniels commented 7 years ago

Yes, confirmed, even for Inspeckage.

GHXST01 commented 7 years ago

I'm up for any collaboration to patch their cert pinning.

simransandhu1203 commented 7 years ago

@GHXST01 can you please guide me on how to patch their cert pinning?

GHXST01 commented 7 years ago

Cert pinning is done in native, requires some knowledge of IDA to patch.

I'll make a guide once I am more confident in how to patch it.

maximTartachnik commented 7 years ago

Any luck with patching?

mangledbottles commented 7 years ago

@GHXST01 can I email you? Thanks :)

slruslan commented 7 years ago

@GHXST01 have you figured out anything about how to patch it? I'm currently trying to change the APK logic, but it doesn't work, so I think it's really done in native code. Could you please give any ideas on which lib it's made in?

idb- commented 7 years ago

@slruslan Check out libxliger.so

ghost commented 7 years ago

Can anyone share how to bypass SSL pinning on the latest Instagram app?

GHXST01 commented 7 years ago

@mangledbottles @rpw98 @slruslan @maximTartachnik @simransandhu1203

Use Frida.

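```javascript
var moduleNames  = ['libxliger.so', 'libsslx.so'];
var functionName = 'X509_verify_cert';

moduleNames.forEach(function (moduleName) {

    // findExportByName returns null when the module is not loaded or
    // does not export the symbol; skip it so attach() does not throw.
    var target = Module.findExportByName(moduleName, functionName);
    if (target === null) {
        return;
    }

    Interceptor.attach(target, {

        onEnter: function (args) {
            // Logging the progress
            send('');
        },

        onLeave: function (retval) {
            // Patching return value from 0x0 -> 0x1
            retval.replace(1);
        }

    });

});
```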

__ e-mail: ghxstcxde@gmail.com

Fi5t commented 7 years ago

@GHXST01 your code doesn't work for me =( Instagram version 10.25.1

martinhood commented 6 years ago

Use this Patch

ghost commented 6 years ago

There is a way to patch the APK file only without using any module or patching any native library. It might be interesting for those having non-rooted devices.

lazyjohny500 commented 6 years ago

@martinhood did this patch work for you?

asad0x01 commented 6 years ago

@lazyjohny500 Works like a charm :)

GHXST01 commented 6 years ago

@martinhood @asad0x01 can either of you document the actual patch? I'd like to make it available in Frida to avoid tampering with the APK.