shroudedcode
commented
2 years ago There are multiple ways to implement certificate pinning in Android apps and some of them (like the Network Security Config or implementations of the X509TrustManager interface) apk-mitm can patch 100% of the time because they can be detected based on simple rules. Others involve entirely custom logic to essentially perform a certificate == pinnedCertificate check. This logic is often part of libraries (like the popular Java HTTP client OkHttp) and detecting it reliably can be tricky. apk-mitm does include support for different OkHttp versions for example, but if the library code is obfuscated, then even those detections don't work anymore.
So, if you really want to disable certificate pinning for the affected parts of the app (note that those requests might belong to analytics tools and be less interesting anyway), you'll have to look into actually modifying the app's source code. This can be a bit of a rabbit hole to go down, but here are some links that might help you out:
LelandSindt
While trying to inspect some call made by the an Android app, I am seeing what I will call partial success... That is.. some calls are visible from mitmproxy but others fail/are not visible.
<insert this is not my area of expertise, any help you can provide would be greatly appreciated statement here.>
Can you provide any insights as to where I should look to understand why some of the calls are working/un-pinned but others continue to fail after patching?