[BUG] Cannot find libliger.so

Question

[BUG] Cannot find libliger.so

overage-waif-cocoon opened this issue a year ago · 1 comments

overage-waif-cocoon commented a year ago

Describe the bug

Instragram has changed their implementation. While libliger.so is included in the APK, it does not seem to be called in the process of SSL certificate verification. On the otherhand, libliger-common_1.so is called, however, the function "_ZN8proxygen15SSLVerification17verifyWithMetricsEbP17x509_store_ctx_stRKNSt6__ndk112basic_stringIcNS3_11char_traitsIcEENS3_9allocatorIcEEEEPNS0_31SSLFailureVerificationCallbacksEPNS0_31SSLSuccessVerificationCallbacksERKNS_15TimeUtilGenericINS3_6chrono12steady_clockEEERNS_10TraceEventE" is not exported.

Tracing the socket close calls (as a result of failing cert verification), we can see that they are coming from libmobilenetworkstack.so:

4036 ms addr=10.0.2.16:42896, lr=0x6fb1e9393c, /data/data/com.instagram.android/lib-compressed/libmobilenetworkstack.so

Method
Frida

App info

Version: instagram-v288.1.0.22.66
Arch: arm64-v8a

Device info

Model: Android Studio Emulator
Android Version: 13

Proxy tool
mitmproxy: v8.1.1

Logs
Frida log:

[][] Waiting for libliger...
[][+] Hooked checkTrustedRecursive
[][+] Hooked SSLContextInit

Additional context
Add any other context about the problem here.

Answer 1 · 2023-08-09T17:03:39.000Z

@overage-waif-cocoon were you able to solve the problem?