Any suggestions for 70.0.0.22.98

[AmaHacka]

I've patched libliger.so for version 70.0.0.22.98 but still unable to see traffic Maybe yo have any suggestions how fix it?

[housedir]

I also could not capture after patching :(

[pokeefer]

Yeah same here. Maybe Instagram added pinning in another function of libliger.so file. Also what program did you use to decompile the so file into the code above?

[dariolourenco]

@pokeefer its a screenshot from IDA

[abutizi]

same here :(

[S00164379]

I've patched libliger.so for version 70.0.0.22.98 but still unable to see traffic Maybe yo have any suggestions how fix it?

Did you find anything?

[AmaHacka]

@S00164379 Nope :(

[SuhatAkbulak]

Is there something?

[NGame1]

is there any success?

[oliverbytes]

Selling Instagram 75 version pinning ssl key signed skype: webqart_1

how much?

[pouyadarabi]

I think they created a custom ssl pinning in android layer :-\

[pouyadarabi]

I think they created a custom ssl pinning in android layer :-\

I solve this problem

this is a open source repository for researchers if you do it just share it publicly

I will create a new patch when I have free time in the next month :-)

[oliverbytes]

@pouyadarabi I agree. Hopefully we can all benefit. Thanks a lot

[hardcoder80]

I think they created a custom ssl pinning in android layer :-\

I solve this problem

this is a open source repository for researchers if you do it just share it publicly

I will create a new patch when I have free time in the next month :-)

There will be no next patch because facebook has fully implemented tls 1.3 in its apps which cannot be decrypted or sniffed, i have spent many hours reversing the 78.0 version and cannot find a solution for tls 1.3

[tsarpaul]

I think they created a custom ssl pinning in android layer :-\

I solve this problem

this is a open source repository for researchers if you do it just share it publicly I will create a new patch when I have free time in the next month :-)

There will be no next patch because facebook has fully implemented tls 1.3 in its apps which cannot be decrypted or sniffed, i have spent many hours reversing the 78.0 version and cannot find a solution for tls 1.3

https://www.imperialviolet.org/2018/03/10/tls13.html

I do wonder which proxies do support TLS 1.3

[MarcoG3]

I've written a step-by-step tutorial on how to circumvent Instagram SSL pinning protection on latest APK (v78): https://plainsec.org/how-to-bypass-instagram-ssl-pinning-on-android-v78

Enjoy!

[oliverbytes]

Super amazing @marco thanks a lot for your very detailed tutorial.

[NGame1]

Hi and thanks to @MarcoG3 for the tutorial. Sorry but I'm not familiar at all with Android. is it possible to someone post the patched APK here + if any other file needed?

[pashmak73]

@MarcoG3 Thanks, but I did everything you did with no success. Still can’t read all requests. here is my patched file: libliger 78.0.0.11.104.zip

[shadowzoom]

Can somebody please upload unsigned instagram apk? Thank. Tried to decode it in 3 days, without luck...

[tsarpaul]

https://github.com/tsarpaul/FBUnpinner Should work for Instagram. Replace lib-xzs/libcoldstart.so with lib-zstd/libliger.so

[AmaHacka]

@RowanFazio @shadowzoom Check out guys, newest version of IG, Facebook and Facebook Messenger contains option that allows you to disable SSL-pinning and use your SSL-certificate to decrypt HTTP-traffic ^_^

[pashmak73]

@AmaHacka can you show us how to do that?

[AmaHacka]

1. https://thehackernews.com/2019/03/facebook-whitehat-setting-hackers.html
2. https://www.anonews.co/how-to-enable-facebooks-new-white-hat-researcher-settings/ @pashmak73 @RowanFazio @shadowzoom @housedir @pokeefer

[oliverbytes]

Has anyone tried Facebook's new method? I can't seem to make them work on my Android. I've enabled all the settings. I've added the IP of my computer as the proxy in the FB App's Proxy Setting and also tried on the wifi settings. but don't get any traffic.

[AmaHacka]

@nemoryoliver Yep, everything works. Try to reproduce all steps from manual carefully and update your FB app.