
Comments (4)

pimterry commented on August 16, 2024

Thanks for the report! This is really useful info.

I'm not sure how the Vodafone app implements SSL pinning either, any ideas? Happy to help, but I can't seem to find an APK for it on apkpure.com or elsewhere, and I'm not in the UK so it won't seem to let me install it from the Play Store either.

If you manage to reverse engineer it and share any details that would be very helpful, I'm happy to help write up the JavaScript if you can work out what in the app needs changing. The trick is to find the specific method that is used to check the certificate, and then we can replace that with something that skips the check. For example, if you can follow it back to a class like eu.reply.cordless.uk.HttpClient with a checkCertificates method, then we can change that method to just return true every time, and then you're sorted. Does that make sense?

If it's a new addition, that might help here - if you can get the previous & changed APKs then you can compare and contrast different disassembled versions of the code to find where things changed. If you can get the certificate check error message from ADB logs that might also be helpful, because you can hunt through the code for the error message string.

from frida-interception-and-unpinning.
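
Added example, not part of the thread or of the frida-interception-and-unpinning project: one way to do the version comparison suggested above, listing files that were added or modified between two disassembled trees and that mention certificate-validation identifiers or a known error string. The directory layout, the sample smali content and the error message are constructed assumptions; the marker names are real Android/OkHttp identifiers.

```python
import tempfile
from pathlib import Path

# Real Android/OkHttp identifiers that usually sit near certificate validation.
TLS_MARKERS = ("X509TrustManager", "checkServerTrusted", "CertificatePinner",
               "HostnameVerifier", "SSLPeerUnverifiedException")

def index_tree(root):
    """Map each relative file path under root to its decoded text."""
    return {p.relative_to(root).as_posix(): p.read_bytes().decode("utf-8", "replace")
            for p in Path(root).rglob("*") if p.is_file()}

def tls_changes(old_root, new_root, extra_markers=()):
    """Return {path: (status, markers)} for added or modified files naming a marker."""
    old, new = index_tree(old_root), index_tree(new_root)
    markers = TLS_MARKERS + tuple(extra_markers)  # e.g. an error string seen in ADB logs
    report = {}
    for path, text in new.items():
        if old.get(path) == text:
            continue  # identical in both versions, so not part of the change
        hits = [m for m in markers if m in text]
        if hits:
            report[path] = ("added" if path not in old else "modified", hits)
    return report

def demo():
    """Run the diff over two constructed trees standing in for real disassembly."""
    trees = {  # constructed sample content, not taken from any real app
        "old": {"com/example/Net.smali": "invoke Lokhttp3/OkHttpClient;->newCall",
                "com/example/Base.smali": ".implements Ljavax/net/ssl/X509TrustManager;",
                "com/example/Ui.smali": "const-string v0, \"Hello\""},
        "new": {"com/example/Net.smali": "invoke Lokhttp3/CertificatePinner;->check",
                "com/example/Base.smali": ".implements Ljavax/net/ssl/X509TrustManager;",
                "com/example/Ui.smali": "const-string v0, \"Hello again\"",
                "com/example/Trust.smali": ".method checkServerTrusted\n"
                                           "const-string v0, \"Certificate check failed\""},
    }
    with tempfile.TemporaryDirectory() as tmp:
        for side, files in trees.items():
            for rel, text in files.items():
                target = Path(tmp, side, rel)
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_text(text)
        return tls_changes(Path(tmp, "old"), Path(tmp, "new"),
                           extra_markers=["Certificate check failed"])

if __name__ == "__main__":
    print(demo())
```

Unchanged files that mention a marker (`Base.smali` here) and changed files that mention none (`Ui.smali`) are both left out, so the report stays limited to where TLS handling actually changed.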

dobypog commented on August 16, 2024

Thanks for the reply. The APK is available on apkmonk.com

I don't know whether it's worth it anymore (for me personally) because I can't get the router co-operating on port 6699 in the versions without certificate pinning. Even though I can get a TLS connection while proxying, the webserver (nginx) on the router refuses to reply to any of the API calls, resulting in 404s and 503s. It's so frustrating because anything that uses port 443 is a breeze. It's the same with the Packet Capture app: if I just capture the traffic without SSL I can see evidence of back and forth communication, but as soon as I apply SSL to the relevant ports the router refuses to talk. So right now I feel at a dead end. I'll probably push on though when I get the time because I hate giving up!


maxrull00 commented on August 16, 2024

Hi, any updates on unpinning the Vodafone app? I am also struggling to bypass their protection.


pimterry commented on August 16, 2024

@maxrull00 can you share more info about the requests that are failing? I've tested and cloud requests do all seem to be interceptable with the latest scripts, so I assume you're talking about local network traffic, but I don't think it's possible to test the local network requests without owning a Vodafone router.

If you're interested in reverse engineering this, I've written a guide you can use to dig into this here: https://httptoolkit.com/blog/android-reverse-engineering/

