search

tsarpaul / FBUnpinner

Bypass Facebook/Instagram Certificate Pinning for Android
224 stars 56 forks source link

libcoldstart.so and/or libliger.so not longer exist #21

Closed soknifedev closed 3 years ago

soknifedev commented 4 years ago

Hi, just to point out that the libcoldstart.so and/or libliger.so seems to not longer exist in the facebook and instagram apps respectively.

is there a workaround?

PATAPOsha commented 4 years ago

There are /data/data/com.facebook.katana/lib-superpack-xz/libcoldstart.so and /data/data/com.instagram.android/lib-superpack-zstd/libliger.so now. However, I was unable to apply patch for them:

[!] ERROR: Unknown architecture in libcoldstart.so, this script only supports ARM and x86!
[+] Patching TLS1.3 stack!
[!] Could not find the required code to patch!
tsarpaul commented 4 years ago

Hi, I'm not maintaining this project any more so please try an older version.

soknifedev commented 4 years ago

Hi, I'm not maintaining this project any more so please try an older version.

Well, then may can I contribute to it?

There are /data/data/com.facebook.katana/lib-superpack-xz/libliger.so and /data/data/com.instagram.android/lib-superpack-zstd/libliger.so now. However, I was unable to apply patch for them:

[!] ERROR: Unknown architecture in libcoldstart.so, this script only supports ARM and x86!
[+] Patching TLS1.3 stack!
[!] Could not find the required code to patch!

Seems like the address of the SSL function has changed, I'll try to patch it later.

tsarpaul commented 4 years ago

Ofcourse! Will be much appreciated.

tsarpaul commented 4 years ago

FYI, in my code I built a binary pattern to recognize the specific address where you need to patch.

PATAPOsha commented 4 years ago

There are no more usages of "verifier failure" error string in those files. Variable exists but IDA cannot find usages.

olvinroght commented 3 years ago

@PATAPOsha, try to use Ghidra 😉

pregenRobot commented 3 years ago

Hi, I'm not maintaining this project any more so please try an older version.

I understand you are not maintaining this repo. However, can you at least post an update on the facebook version you used? I cannot find the version number details anywhere in the repo and would love to use this tool.

tsarpaul commented 3 years ago

On an older issue (https://github.com/tsarpaul/FBUnpinner/issues/2) I said this should work: https://www.apkmirror.com/apk/facebook-2/facebook/facebook-210-0-0-43-119-release/

Check Facebook whitehat settings though, might be a good substitute: https://thehackernews.com/2019/03/facebook-whitehat-setting-hackers.html

tsarpaul commented 3 years ago

Pull request claims the recent commit should be relevant for most recent fb app, didn't test it myself

nickolas98 commented 3 years ago

Attention! ) anyone who patched facebook.apk successfuly - I would buy this info. With proofs of course) hit me on telegram @farmpage