I've been trying to get the api endpoints and routes of an app from the Play Store, so far I've tried:
- Using mitmproxy without root: rejects the user's certificate (https://github.com/mitmproxy/mitmproxy/issues/2054)
- Running the app on multiple rooted and non-rooted android emulators: says the integrity check has failed due to rooting or similar. Rooting and installing rootcloack seems not to help.
- Modifying the .APK to accept the user certicate using https://github.com/levyitay/AddSecurityExceptionAndroid as said here: https://github.com/mitmproxy/mitmproxy/issues/2054#issuecomment-289206209
I'm getting the APK from https://apkcombo.com/, which downloads a .zip with multiple APKs (com.[appname].app.apk, config.es.apk, ...) I unzip it, run https://github.com/levyitay/AddSecurityExceptionAndroid on com.[appname].app.apk and then I zip it again and try to install it using https://apkcombo.com/es-es/how-to-install/, but it gives me this error: https://i.stack.imgur.com/0CIdO.png
I've looked into some tutorials to sign the .apk, but I think I'm doing something wrong as the error keeps popping, sometimes it's another error about a missing certificate.
So, how can I modify the apk to accept the user certificate correctly?
I'm also trying to get the api endpoints by decompiling the app, but the code seems really obfuscated.
