httptoolkit / frida-interception-and-unpinning

Frida scripts to directly MitM all HTTPS traffic from a target mobile application
https://httptoolkit.com/android/
GNU Affero General Public License v3.0

Snapchat certificate rejected even after following guide #44

Open Jonahgold90 opened 9 months ago

Jonahgold90 commented 9 months ago

Hello, I followed this guide (https://httptoolkit.com/blog/frida-certificate-pinning/) but was still unable to get the certificate to work. Whenever I opened Snapchat I would get the certificate rejected error and Snapchat wouldn't be working properly. Please let me know how I can fix this and maybe try Snapchat yourself if possible. Tried this on arm64 architecture.

pimterry commented 9 months ago

Hi @Jonahthemop - if this script doesn't work, you'll need to reverse engineer the app for yourself to work out where the certificate is being rejected. There's more information about how to do that here: https://httptoolkit.com/blog/android-reverse-engineering/.

If that doesn't work for you, I'm afraid I can't help much more and I'm not available for contract work like this; I just don't have time to personally reverse engineer individual apps. If you're looking for personal support with doing that, I'd recommend looking for reverse engineers on freelancer marketplaces like Upwork and Fiverr; there are plenty of people there who would be happy to help you investigate this.

If after your investigation you do find that there's actually a general purpose pinning mechanism that this script doesn't cover (rather than something very specific to the app you're looking at) then of course do please share more info here, and pull requests to this repo are very welcome too! Note that HTTP Toolkit Pro is totally free for all contributors to everything in this GitHub org.