Closed kkm closed 2 years ago
I'd be surprised if the generic hooks we have bypasses pinning in an app like Instagram out of the box. Your only option here is to reverse the application and discover how they have implemented it manually.
I have little idea and can you do it manually yourself?
On Wed, 13 Oct 2021 at 20:21, Leon Jacobs @.***> wrote:
Closed #496 https://github.com/sensepost/objection/issues/496.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/sensepost/objection/issues/496#event-5459059874, or unsubscribe https://github.com/notifications/unsubscribe-auth/AABAZET57FR6GOEOITH6OQLUGXE2RANCNFSM5F47II4A . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.
https://www.apkmirror.com/apk/instagram/instagram-instagram/instagram-instagram-209-0-0-21-119-release/
Does anyone have any idea why this doesn't work anymore?
I did try with command line:
objection -g com.instagram.android explore
thenandroid sslpinning disable
andfrida -U -f com.instagram.android -l script.js --no-paus
both no longer work. I'm not sure if it should work.