tsarpaul / FBUnpinner

Bypass Facebook/Instagram Certificate Pinning for Android

[!] Could not find the required code to patch! #31

Open hbcohen2002 opened 3 years ago

hbcohen2002 commented 3 years ago

Followed the steps, but had difficulties. I was able to find the libcoldstart.so file in /data/data/com.facebook.katana/lib-compressed, but got this error message.

direct808 commented 3 years ago

Followed the steps, but had difficulties. I was able to find the libcoldstart.so file in /data/data/com.facebook.katana/lib-compressed, but got this error message.

Did you fix the problem?

depocoder commented 2 years ago

Followed the steps, but had difficulties. I was able to find the libcoldstart.so file in /data/data/com.facebook.katana/lib-compressed, but got this error message.

Did you fix the problem?

Did you fix the problem?

depocoder commented 2 years ago

Link to the file: https://ufile.io/srik0y6y

depocoder commented 2 years ago

I used APK 356+ because I can't install an early version; I got an error. (image)

depocoder commented 2 years ago

If anyone has a problem with the app version, you can use this repo: https://github.com/pouyadarabi/Facebook_SSL_Pinning. That helped me so much.

baptx commented 2 years ago

@depocoder I tried the x86 version of your link with Android x86 (64 bit 7.1-r5) on VirtualBox (configured with a host-only adapter) but we cannot get past the login page, I can just see the login request in mitmproxy. If I try with the original APK from your link without replacing libcoldstart.so and without using a MITM proxy but a normal proxy like Squid, I cannot get past the login page either, probably because it is an old Facebook app not supported anymore. It would be nice if we can make the patch work on the latest Facebook version available on the Play Store. It will also be safer than using an untrusted APK and lib which can contain spyware (I recommend using a test Facebook account if we use an untrusted APK or files). @tsarpaul Do you think an update to the patch is possible? Do you also have documentation or a write-up on how you made the patch for more transparency (in addition to comments) so others can better understand the changes they are applying? I see there is assembly code also.

Update: the repository https://github.com/pouyadarabi/Facebook_SSL_Pinning is archived and I read "Deprecated: Use Facebook whitehat setting". I did not understand this sentence before but there are some articles like https://techmonitor.ai/technology/cybersecurity/facebook-whitehat-settings explaining that Facebook now allows sniffing the traffic without the need to reverse engineer the Android app. It would still be useful to be able to bypass SSL pinning by patching the APK, just to understand how this security works and how it can be broken.

Update 2: I was not able to inspect requests of the Facebook Android app using the White Hat settings with mitmproxy, I got the error "tlsv1 alert unknown ca" (https://github.com/mitmproxy/mitmproxy/issues/145#issuecomment-1207298205). Was someone able to inspect requests of the latest Facebook Android app using the White Hat settings or another method?