Facebook SSL Pinning Bypass
Bypass Facebook SSL pinning on Android devices.
Supported ABIs: x86
, x86_64
, armeabi-v7a
, arm64-v8a
Latest version: v417.0.0.33.65
Bitcoin: bc1q6kvvun3cfm5kadesxflntszp8z9lqesra35law
Ethereum: 0x47633Ef59b0F765b7f8047b0A56230cfeBB34027
Patched APK (No Root)
facebook-v417.0.0.33.65-x86.apk
facebook-v417.0.0.33.65-armeabi-v7a.apk
facebook-v417.0.0.33.65-arm64-v8a.apk
Note: You need to uninstall the Facebook app before trying to install it, if Facebook is installed as a system app then you can not uninstall it without root so this method will not work in that case.
Run using Frida (Requires Root)
This method requires frida-tools and also frida-server running in the device
frida -U -l .\facebook-ssl-pinning-bypass.js -f com.facebook.katana --no-pause
Intercept network traffic
You can use a tool like mitmproxy or Burp Suite to intercept the network.
- Install patched APK in the device
- Install mitmproxy or Burp Suite
- Set up proxy for wifi settings or run:
adb shell settings put global http_proxy <proxy>
Now you should be able to see the network traffic.
View script logs
To view the logcat run:
adb logcat -s "FACEBOOK_SSL_PINNING_BYPASS:V"
#leftenter ftenter)