pouyadarabi / Instagram_SSL_Pinning

Bypassing SSL Pinning in Instagram Android App
GNU General Public License v3.0

Frida #15

Closed GHXST01 closed 5 years ago

GHXST01 commented 6 years ago

Hey, I'd like to create a dynamic patch using Frida. Do you have an article / write up explaining your patch?

GHXST01 commented 6 years ago

@pouyadarabi are you still available? I'm the creator of the following patch using Frida:

var moduleNames  = ['libxliger.so', 'libsslx.so'];
var functionName = 'X509_verify_cert';

moduleNames.forEach( function(moduleName) {

    Interceptor.attach(Module.findExportByName(moduleName, functionName), {

        onEnter: function (args) {
            // Logging the progress
            send('');
        },

        onLeave: function (retval) {
            // Patching return value from 0x0 -> 0x1
            retval.replace(1);
        }

    });

});

Can you tell me if you've updated anything besides this? I want to update my patch to work with the latest IG versions.

GHXST01 commented 6 years ago

@pouyadarabi Hey, could you please get back to me? Thanks.

pouyadarabi commented 6 years ago

Hi,

Just libliger.so and X509_verify_cert

unlimire commented 6 years ago

@pouyadarabi but I got "expected a pointer"

hekahatika commented 6 years ago

@pouyadarabi libliger.so doesn't have the function "X509_verify_cert". Can you send me this pic? https://raw.githubusercontent.com/pouyadarabi/Instagram_SSL_Pinning/master/arm/after.jpg?123 You deleted it.

SuhatAkbulak commented 5 years ago

Is there any improvement on the latest version? Read the Data of the Latest Version. I can give you a tip :)

gaplan commented 5 years ago

libcrypto.so has the X509_verify_cert function. Thanks, Frida.

handlers/libcrypto.so/X509_verify_cert.js

SuhatAkbulak commented 5 years ago

@gaplan Latest version?

gaplan commented 5 years ago

@SuhatAkbulak v75 & v76 (alpha), but it is not running on this. Not calling for the SSL cert.

SuhatAkbulak commented 5 years ago

@gaplan What version does it work on?

gaplan commented 5 years ago

@SuhatAkbulak I dunno, I'll try older versions. (The newer ones don't have this. I'm looking for where it is.)

SuhatAkbulak commented 5 years ago

@gaplan Şener Şen ❤️

SuhatAkbulak commented 5 years ago

@gaplan pls add your skype Skype=instabayi

gaplan commented 5 years ago

@SuhatAkbulak I'm going to take out all the keys. Soon.

SuhatAkbulak commented 5 years ago

@gaplan please contact me

gokaybiz commented 5 years ago

Suhat, what's up?

SuhatAkbulak commented 5 years ago

@gokaybiz I should be asking about you all.

gokaybiz commented 5 years ago

Are you inspired by whitehat mode? I mean, did you crack that feature? Or something else?