0

I'm trying to see what does an app send between my device and app's servers using mitmproxy, but mitmproxy gets detected (requests throw errors, app shows "No Internet Connection" error).

I tried two setups:

  • AVD
  • Proxy set in the AVD settings
  • mitmproxy cert put into /system/etc/security/cacerts and
  • Real device
  • Proxy set in WiFi settings
  • mitmproxy cert put into /system/etc/security/cacerts , both of them failed. Other apps work fine.
user18686221
  • 91
  • 1
  • 4
  • Most likely the app uses certificate pinning and thus detects that mitmproxy is used. You can try to modify the APK or use Frida + Objection to bypass certificate pinning. See also section "Disable certificate checking at all in my answer [here](https://stackoverflow.com/a/57570009/150978). Alternatively Depending on the used cert pinning implementation this can work or not. – Robert Nov 23 '22 at 08:04
  • @Robert After decompiling the APK with apktool I could see some JavaScript module that did SSL pinning. I'm sadly not able to recompile the APK, because Android throws some error that native libraries are broken. I'm not able to run Magisk and LSPosed in AVD right now because of an error with the rooting software. I will try to disable SSL checking when I will be able to use it. – user18686221 Nov 23 '22 at 20:14
  • If the app does not work after recompiling because of native libraries most likely you need to apply `zipalign 4096` on the APK file before resigning. – Robert Nov 23 '22 at 20:51

0 Answers0