clugh / coc-proxy

A simple Clash of Clans proxy, implementing the new encryption, built on top of Twisted in Python 3.5.

About MITM #13

Closed KenN7 closed 7 years ago

KenN7 commented 8 years ago

Hi, not really an issue but I had no other way to contact you ^^. I was wondering how you got to find the messages that CoC sends to the servers. I'm currently trying to do MITM on the Android app through Charles and I can't find any POST/GET commands sent to any server (I've got SSL trusted). First I thought that CoC used certificate pinning, but what's very strange is that I'm still able to play on my phone, but I can't see any traffic on Charles except some CONNECT attempts to service.supercell.net. I mean, even chat messages work?! What the hell? Any idea why I don't get those on Charles?

NB: my APK is unpatched, not sure what it changes? For now I'm just having trouble getting the encrypted messages to show up, I didn't yet get to deciphering. NB: I ask for my own knowledge, I'm trying to learn a bit further about reversing on APK/Android.

Thanks a lot, Regards,

dchanda commented 8 years ago

CoC does not use HTTP/HTTPS to communicate to Clash Servers. It opens a direct socket connection to gamea.clashofclans.com on port 9339 and exchanges raw bytes.
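Because the client talks raw TCP rather than HTTP(S), an HTTP proxy like Charles never sees the exchange; what you want instead is a plain TCP relay that forwards bytes and logs each chunk with its direction. The script below is an added example for this thread, not code from coc-proxy (which is built on Twisted). Only the upstream host and port (gamea.clashofclans.com:9339) come from dchanda's comment; the listen address, the 4096-byte read size and the loopback demo with its fake upstream are assumptions. The device still has to be pointed at the relay (e.g. by overriding the hostname), and since the thread says the protocol is encrypted with a public-key scheme, the dump will show ciphertext until the key is swapped as described further down.

```python
"""
Raw-TCP MITM relay: forwards bytes between a client and an upstream server
and records every chunk with its direction.  Added example for this thread,
not code from coc-proxy.  Only the upstream host/port come from the thread;
the listen address, buffer size and the loopback demo are assumptions.
"""
import asyncio
from typing import List, Tuple

UPSTREAM_HOST = "gamea.clashofclans.com"   # from dchanda's comment
UPSTREAM_PORT = 9339                       # from dchanda's comment
LISTEN_ADDR = ("127.0.0.1", 9339)          # assumption: where the device is pointed

LogEntry = Tuple[str, bytes]


def hexdump(data: bytes, width: int = 16) -> str:
    """Hex + printable-ASCII dump, one line per `width` bytes."""
    lines = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{off:08x}  {hexpart:<{width * 3}} |{text}|")
    return "\n".join(lines)


async def pump(reader: asyncio.StreamReader, writer: asyncio.StreamWriter,
               label: str, log: List[LogEntry]) -> None:
    """Copy reader -> writer until EOF, logging each chunk under `label`."""
    try:
        while True:
            data = await reader.read(4096)
            if not data:
                break
            log.append((label, data))
            print(f"[{label}] {len(data)} bytes\n{hexdump(data)}")
            writer.write(data)
            await writer.drain()
    finally:
        writer.close()   # propagate EOF to the other side


async def handle_client(client_r, client_w, upstream_host: str,
                        upstream_port: int, log: List[LogEntry]) -> None:
    """Connect upstream and relay both directions concurrently."""
    up_r, up_w = await asyncio.open_connection(upstream_host, upstream_port)
    await asyncio.gather(
        pump(client_r, up_w, "client->server", log),
        pump(up_r, client_w, "server->client", log),
    )


async def serve(listen_addr=LISTEN_ADDR, upstream=(UPSTREAM_HOST, UPSTREAM_PORT)):
    """Run the relay until interrupted (point the device at listen_addr)."""
    log: List[LogEntry] = []
    server = await asyncio.start_server(
        lambda r, w: handle_client(r, w, upstream[0], upstream[1], log),
        *listen_addr)
    async with server:
        await server.serve_forever()


async def loopback_demo() -> Tuple[bytes, List[LogEntry]]:
    """Exercise the relay offline against a constructed fake upstream that
    answers each request with its bytes reversed (no real server involved)."""
    log: List[LogEntry] = []

    async def fake_upstream(r, w):
        w.write((await r.read(4096))[::-1])
        await w.drain()
        w.close()

    upstream = await asyncio.start_server(fake_upstream, "127.0.0.1", 0)
    up_port = upstream.sockets[0].getsockname()[1]
    proxy = await asyncio.start_server(
        lambda r, w: handle_client(r, w, "127.0.0.1", up_port, log),
        "127.0.0.1", 0)
    proxy_port = proxy.sockets[0].getsockname()[1]

    r, w = await asyncio.open_connection("127.0.0.1", proxy_port)
    w.write(b"hello 9339")          # constructed client message
    await w.drain()
    reply = await r.read(4096)
    w.close()
    await asyncio.sleep(0.05)       # let the relay tasks wind down
    upstream.close()
    proxy.close()
    return reply, log


if __name__ == "__main__":
    print(asyncio.run(loopback_demo()))
```

Running the file executes the loopback demo; `asyncio.run(serve())` starts the real relay. The relay is deliberately protocol-agnostic: it copies bytes in both directions and never tries to parse them, which is what makes it usable before you know anything about the framing.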

KenN7 commented 8 years ago

So basically, there's no chance to detect that traffic with Charles proxy? But I guess it is still doable with Wireshark, and that's where the keys embedded in the app come into action, right?

123456abcdef commented 8 years ago

CoC uses a public-key encryption scheme. So you need to mod your APK / your libg.so (see here for how to do it manually; use the offset mentioned here). Then clone this repo and change the key on this line to the key from here. After that you can only play the game while connected to this proxy. I think that's all you need to do. I haven't used this for a long time so there may be additional steps :). Also I'm not too sure if you can get banned for modifying CoC, so better check with a test account.
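The binary-patching step above boils down to overwriting the server public key embedded in libg.so with one whose private half the proxy holds, without changing the file's length. The script below is an added example for this thread, not coc-proxy's own tooling, and it does not reproduce the offset or key values linked in the comment (they are not on this page): the 32-byte key length, the stand-in key bytes and the constructed ELF-like blob are assumptions. It enforces the two checks a practitioner wants before touching a shared library: the replacement must be exactly the old key's length, and either the supplied offset must actually hold the old key or the old key must occur exactly once.

```python
"""
Replace the server public key embedded in a binary (the thread's libg.so)
with a same-length key so a proxy holding the matching private key can
decrypt the traffic.  Added example for this thread, not code from coc-proxy;
the key length, the stand-in keys and the constructed blob are assumptions,
and the real offset/key values linked in the thread are not on this page.
"""
from typing import Optional

KEY_LEN = 32                                     # assumption
OLD_KEY = bytes(range(0x80, 0x80 + KEY_LEN))     # constructed stand-in for the original key
NEW_KEY = bytes(range(0x20, 0x20 + KEY_LEN))     # constructed stand-in for the proxy's key
# Constructed stand-in for a library image: header, padding, key, padding.
BLOB = b"\x7fELF" + b"\x00" * 40 + OLD_KEY + b"\x00" * 40


def find_unique(blob: bytes, needle: bytes) -> int:
    """Return the offset of `needle` if it occurs exactly once, else raise."""
    first = blob.find(needle)
    if first < 0:
        raise ValueError("key not found in binary")
    if blob.find(needle, first + 1) >= 0:
        raise ValueError("key occurs more than once; pass an explicit offset")
    return first


def patch_key(blob: bytes, old_key: bytes, new_key: bytes,
              offset: Optional[int] = None) -> bytes:
    """Return a copy of `blob` with `old_key` replaced by `new_key` in place.

    A same-length replacement keeps every other offset in the file intact.
    When `offset` is given (as in the thread) the bytes there are verified
    against `old_key` first; otherwise `old_key` must be unique in the blob.
    """
    if len(old_key) != len(new_key):
        raise ValueError("replacement key must have the same length")
    if offset is None:
        offset = find_unique(blob, old_key)
    elif blob[offset:offset + len(old_key)] != old_key:
        raise ValueError(f"bytes at 0x{offset:x} do not match the expected key")
    return blob[:offset] + new_key + blob[offset + len(new_key):]


def patch_file(path: str, old_key: bytes, new_key: bytes,
               offset: Optional[int] = None) -> int:
    """Patch a file on disk, keeping an untouched copy at <path>.orig.
    Returns the offset that was rewritten."""
    with open(path, "rb") as f:
        blob = f.read()
    at = find_unique(blob, old_key) if offset is None else offset
    patched = patch_key(blob, old_key, new_key, at)
    with open(path + ".orig", "wb") as f:
        f.write(blob)
    with open(path, "wb") as f:
        f.write(patched)
    return at


def demo() -> int:
    """Patch the constructed blob and return the offset the new key landed at."""
    patched = patch_key(BLOB, OLD_KEY, NEW_KEY)
    assert len(patched) == len(BLOB) and OLD_KEY not in patched
    return patched.find(NEW_KEY)


if __name__ == "__main__":
    print(f"key patched at offset 0x{demo():x}")
```

The proxy side of the swap is then just configuring it with the private key that matches NEW_KEY (the "change the key on this line" step in the comment); from that point the client will only complete a session through the proxy, which is why the comment warns to use a test account.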

clugh commented 7 years ago

Feel free to reopen if you're still working on this.