mgp25 / SC-API

Snapchat’s private API
MIT License
334 stars 103 forks

Using proxy to sniff auth_token from device #277

Closed StoryStar closed 8 years ago

StoryStar commented 8 years ago

Has anyone had success with this recently? I'm unable to get it to work. ( https://github.com/mgp25/SC-API/wiki/How-to-use-proxy )

Snapchat seems to be blocking rooted devices from logging in - it detects the Xposed framework at least, and might just detect root in general (possibly using SafetyNet? - http://developer.android.com/training/safetynet/index.html ).

From what I've read, it is possible to uninstall Xposed and unroot your device, log into Snapchat, then reroot/reinstall Xposed, but if you log out again you will be unable to log back in. Since we need to disable SSL certificate pinning ( https://github.com/liamcottle/SnapchatCertPinning ) to sniff the login, I believe this makes it impossible to capture the auth_token.

Is there a workaround for this? Maybe using RootCloak or NoDeviceCheck? Or is there an alternative method to disable cert pinning?

mgp25 commented 8 years ago

Use trust killer ( https://github.com/iSECPartners/Android-SSL-TrustKiller ), which disables cert pinning.

StoryStar commented 8 years ago

@mgp25 Thanks, captured the auth and got it working!