can we see outgoing data before ssl pinning

[gaplan]

Does the NetworkInterceptor code only work as sinifable? Instagram, Facebook, Tinder does not sniffable now. they all using ssl pinning. how can i pass ssl pinning? or can we see outgoing data before ssl pinning ?

[gaplan]

@depoon @StevenArmandLee

[StevenArmandLee]

It will work with certificate pining. The code is sandwiched in the middle of the request call and the request going out of the app.

The demo working for twitter app here https://youtu.be/P55D0D63QZY

[gaplan]

Hi @StevenArmandLee yes twitter work, but tinder, instagram, facebook. does not work .

[gaplan]

@depoon . Hi There.

[depoon]

@gaplan can u share your observations? what did you mean when it does not work

[gaplan]

Sure. Twitter works, but instagram or tinder does not work. I'm sending wetransfer the code and ipa files I use. https://we.tl/t-kgRZVElq2m

[depoon]

Will take a look tonite

Get Outlook for iOShttps://aka.ms/o0ukef

---

From: gaplan notifications@github.com Sent: Monday, June 24, 2019 1:24:20 AM To: depoon/NetworkInterceptor Cc: Kenneth Poon; Mention Subject: Re: [depoon/NetworkInterceptor] can we see outgoing data before ssl pinning (#24)

Sure. Twitter works, but instagram or tinder does not work. I'm sending wetransfer the code and ipa files I use. https://we.tl/t-kgRZVElq2m

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/depoon/NetworkInterceptor/issues/24?email_source=notifications&email_token=AAYFQJT52AD6XNQLMECCAADP36WUJA5CNFSM4HYPTQAKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODYLDERQ#issuecomment-504771142, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AAYFQJQ4LYG3LKMFB2CXQF3P36WUJANCNFSM4HYPTQAA.

[gaplan]

Thank you so much.

[gaplan]

@depoon , Hi again. Have you had a chance to look at the files?

[depoon]

@gaplan

I observed this crash? is this the same issue you are facing? otherwise kindly share your crash log Termination Description: DYLD, Symbol not found: _$s8RawValueSYTl | Referenced from: /var/containers/Bundle/Application/E0725CB7-D730-45E7-9018-50E597C72E41/Tinder.app/Dylibs/Gzip.framework/Gzip | Expected in: /private/var/containers/Bundle/Application/E0725CB7-D730-45E7-9018-50E597C72E41/Tinder.app/Frameworks/libswiftCore.dylib | in /var/containers/Bundle/Application/E0725CB7-D730-45E7-9018-50E597C72E41/Tinder.app/Dylibs/Gzip.framework/Gzip

This is not sufficient for me to debug. Can you send over your actual source code (Xcode Project) so that i can investigate?

[bryankeller]

@gaplan bump, please send your code, I also want to see this fixed

[depoon]

@gaplan @bryankeller The issue above is problem (or even app) specific that requires alot of trial and error. At the moment, i wont be able to give a general solution to it.

What brought most people here was my blog article and meetup presentation on binary injection. The issue described above falls in the domain of binary/framework injection, patching or even hacking and is out of scope on what this library can do.

Please direct all binary injection issues to https://github.com/depoon/iOSDylibInjectionDemo instead.

Meanwhile, i would recommend you to experiment with this pod with your working projects and observe the console log. You will find it useful to replay the same cURL requests on POSTMAN.

With that, I shall close this issue.