ssl_verify_peer_cert not found
Closed this issue · 3 comments
For context - I'm using an x86_64 Genymotion emulator.
frida -D "192.168.56.101:5555" -f com.pepsico.pepsico_loyalty_app -l flutter_sslpin.js
____
/ _ | Frida 16.1.4 - A world-class dynamic instrumentation toolkit
| (_| |
> _ | Commands:
/_/ |_| help -> Displays the help system
. . . . object? -> Display information about 'object'
. . . . exit/quit -> Exit
. . . .
. . . . More info at https://frida.re/docs/home/
. . . .
. . . . Connected to Galaxy S9 (id=192.168.56.101:5555)
Spawning `com.pepsico.pepsico_loyalty_app`...
[+] Java environment detected
Spawned `com.pepsico.pepsico_loyalty_app`. Resuming main thread!
[Galaxy S9::com.pepsico.pepsico_loyalty_app ]-> [+] libflutter.so loaded
[+] Flutter library found
[!] ssl_verify_peer_cert not found. Trying again...
[+] ssl_verify_peer_cert found at offset: 0x669c8e
While it finds one of the offsets, it's not the right offset for the SSL pinning, so all the calls are still tunneled. The test APK in this repo works as normal.
Link to libflutter.so - 57c77580e0a353a117c4a1a4d87fa337.zip
Which version of Android are you using?
I've tested on this app and I can intercept the calls to pepsico.com. Please reopen and give more info in case it still won't work. Note that Flutter apps don't use the system's proxy settings, so you need to have a correct setup for non-proxy-aware apps. I don't have experience with Genymotion in this regard, but typical solutions are VPN / WIFI / ProxyDroid / iptables.
I have tested on an app built on native Flutter. What I did was patch the app using objection and use the Frida interception scripts from httptoolkit, and instead of loading their interception scripts I used NVISO's