Stack Overflow
Stack Overflow

Questions tagged [sslpinning]

44 questions
5
votes
3 answers

iOS TLS/SSL Pinning using NSRequiresCertificateTransparency key in Info.plist

I want to secure my app against man-in-the-middle (mitm) attacks using SSL Pinning. By default it is possible to use a proxy like Charles or mitmproxy to intercept traffic, and decrypt it using a self-signed certificate. After extensive research, I…
de.
  • 7,068
  • 3
  • 40
  • 69
4
votes
2 answers

Unable to connect to the frida server: need Gadget to attach on jailed Android

I am using objection to bypass ssl pining on injured android apk. After I ran this command successfully objection patchapk --source injured.apk and uninstall and reinstall the patched apk again, I tried objection explore but always get this error. I…
ELMO
  • 581
  • 2
  • 5
  • 7
3
votes
1 answer

Alamofire - IOS SSL Pinning with multiple certificates

I am using Alamofire in my IOS Application and has implemented SSL Pinning. I have kept the certificate locally in .der format. The issue is the certificate when getting expired, I have to do an App release with new certificate. Code Snippet…
Abin Koshy Cheriyan
  • 617
  • 7
  • 18
3
votes
0 answers

How to disable ssl pinning in android app using Objection

I have a simple app and am trying to bypass its ssl pinning with no luck. Already did android sslpinning disable but didnt work. Based on this article https://blog.nviso.eu/2020/11/19/proxying-android-app-traffic-common-issues-checklist/ I then used…
West
  • 2,350
  • 5
  • 31
  • 67
3
votes
1 answer

Flutter TlsException: Failure trusting builtin roots

I'm trying to perform SSL certificate pinning in a Flutter app using HttpClient. I have previously successfully performed pinning in a native Android app. This is the error message I receive: E/flutter (28810):…
Peter Aleksander Bizjak
  • 41
  • 6
3
votes
4 answers

How to disable SSL Pinning on Flutter?

We are using Flutter for app development. Our security testers said that we need to disable SSL Pinning in Flutter code so they can run some test. We couldn't do it. We use Dio package for HTTP request. How can we disable SSL Pinning on Flutter?
beratmirzaloglu
  • 73
  • 1
  • 7
2
votes
0 answers

npx react-native run-android failing

I am trying to enable SSL Pinning in my react native App. I am using the SSL RN module (Link) and I have already done installation. implementation with the private route. but I am stuck Task :react-native-ssl-pinning:generateDebugRFile FAILED I am…
Deepak Sharma
  • 21
  • 2
2
votes
1 answer

Null address in Sslpinning bypass of flutter app by using frida

I was working on pentesting a flutter android app on genymotion x86 to bypass sslpinning by using this and this approaches, but my function address return null when running Frida. First of all, by Ghidra found the address of the function which is…
Maede Hojjati
  • 21
  • 4
1
vote
0 answers

I want to do React native dynamic ssl pinning

I'm trying to perform SSL pinning in React Native. The main issue is: On the Android side, we aim to transfer the key and SSL pinning activation status obtained from remoteConfig to the native side using the bridge. However, SSL pinning doesn't seem…
volkandincer
  • 11
  • 1
1
vote
0 answers

Can not install react-native-ssl-pinning manually on IOS

I use react-native 0.71.8. I install react-native-ssl-pinning, It worked well on Android, but on IOS, It throw error: URL unsupport or The certificate for this server is not valid. You may be connecting to a server posing as “****.com”, which could…
Cao Cao
  • 11
  • 1
1
vote
0 answers

Platform exception while using Ssl pinning plugin in flutter

I am not sure about how to use the ssl pinning plugin in flutter. when I am using it I am getting a platform exception saying that the fingerprints doesn't match. is it the sha 1 or sha 256 of the project that we want to provide or the sha of the…
Pradhu Ramachandran
  • 11
  • 1
1
vote
0 answers

how to use SSL pining in every Api request using http plugin fllutter

I am new to SSL pinning, I was asked to use SSL pinning in every API request. I checked some resources but I didn't get the idea of how to call it in my API request. I am using HTTP/HTTP plugin and not Dio, if anyone can provide me an example of how…
Mona
  • 143
  • 1
  • 1
  • 7
1
vote
1 answer

How Can I detect self signed certificate from charles, wireshark etc in golang

I am currently working on GO app and I wanted to know how can I detect someone using reverse proxy apps such as Charles, Wireshark and Fiddler. I tried to read about SSL-Pinning but I couldn't find anything useful.
chimeczekkosmo
  • 36
  • 4
1
vote
1 answer

Extracting public key information from a PEM certificate

This is the first time I am doing this SSL pinning on Android. When creating OkHttp, I am adding this code: certificatePinner( CertificatePinner.Builder().add( "url of the server", "sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" …
amira
  • 416
  • 1
  • 7
  • 24
1
vote
0 answers

TypeError: Cannot read properties of undefined (reading 'fetch') [react-native-ssl-pinning]

I am building a react native mobile application and I want to implement SSL pinning using react-native-ssl-pinning. I've installed all the necessary things and I also imported fetch method: import {fetch} from 'react-native-ssl-pinning'; This is…
PatrikHarmanos
  • 11
  • 1
1
2 3