JustTrustMe

#Mitmproxy Unable to decrypt https when using Mitmproxy

Open coding-dream opened this issue 2 years ago • 5 comments

Mitmproxy: does not trust the proxy's certificate

Hello author, when using Mitmproxy, the problem of certificate pinning still cannot be solved. The following is the error reported when capturing the mobile app.

[23:21:54.726][192.168.3.18:35324] server connect api5-normal-c-lq.amemv.com:443 (223.109.60.101:443)
[23:21:54.916][192.168.3.18:35324] Client TLS handshake failed. The client does not trust the proxy's certificate for api5-normal-c-lq.amemv.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[23:21:54.917][192.168.3.18:35324] client disconnect
[23:21:54.919][192.168.3.18:35324] server disconnect api5-normal-c-lq.amemv.com:443 (223.109.60.101:443)
[23:21:55.067][192.168.3.18:35334] client connect
[23:21:55.082][192.168.3.18:35336] client connect
[23:21:55.102][192.168.3.18:35334] server connect mssdk3-normal-hl.zijieapi.com:443 (120.237.197.119:443)
[23:21:55.104][192.168.3.18:35336] server connect api26-normal-lq.amemv.com:443 (39.135.62.79:443)
[23:21:55.133][192.168.3.18:35266] client disconnect
[23:21:55.134][192.168.3.18:35264] client disconnect
[23:21:55.138][192.168.3.18:35266] server disconnect live-cover.msstatic.com:80 (183.240.67.248:80)
[23:21:55.139][192.168.3.18:35264] server disconnect live-cover.msstatic.com:80 (183.240.67.248:80)
[23:21:55.150][192.168.3.18:35336] Client TLS handshake failed. The client does not trust the proxy's certificate for api26-normal-lq.amemv.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[

coding-dream, Feb 01 '23 15:02

Applications can include their own checks on top of what this module hooks. Also, recent Android versions added more stuff. So to look at this properly, which device, OS version and application are you trying to analyse here?

yoshimo, Feb 01 '23 16:02

Android 7.0 on a Xiaomi phone; the app I use is DouYin!

coding-dream, Feb 02 '23 12:02

Same issue with:

  • Android 12 | codename S | API 31
  • Running Google Pixel 4 on Emulator AVD
  • Application Roli

mitmproxy log: warn: [22:47:24.810][127.0.0.1:62901] Client TLS handshake failed. The client does not trust the proxy's certificate for roli.telkomsel.com (OpenSSL Error([('SSL routines', '', 'sslv3 alert certificate unknown')]))

realyukii, May 13 '23 15:05

For me the Roli app crashes because the list of pinned certs is empty when using https://github.com/httptoolkit/frida-android-unpinning/

Process crashed: java.lang.IllegalArgumentException: pins must start with 'sha256/' or 'sha1/': Pinned certificates for roli.telkomsel.com

Need to dig deeper.

yoshimo, Aug 01 '23 14:08

Thanks for your reply @yoshimo! I will consider learning the fundamentals first to be able to dig deeper into the problem.

realyukii, Aug 01 '23 14:08
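
One way to triage mitmproxy output like the logs posted in this thread, as an added example that is not code from JustTrustMe, mitmproxy or any commenter: it groups the "does not trust the proxy's certificate" lines by host and separates them from upstream TLS hosts with no rejection logged. The function name `triage` and the result keys are assumptions of this example; the sample lines are taken from the logs quoted above.

```python
import re
from collections import defaultdict

# Sample input: lines taken from the mitmproxy output quoted in this thread.
SAMPLE_LOG = """\
[23:21:54.726][192.168.3.18:35324] server connect api5-normal-c-lq.amemv.com:443 (223.109.60.101:443)
[23:21:54.916][192.168.3.18:35324] Client TLS handshake failed. The client does not trust the proxy's certificate for api5-normal-c-lq.amemv.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[23:21:55.102][192.168.3.18:35334] server connect mssdk3-normal-hl.zijieapi.com:443 (120.237.197.119:443)
[23:21:55.104][192.168.3.18:35336] server connect api26-normal-lq.amemv.com:443 (39.135.62.79:443)
[23:21:55.138][192.168.3.18:35266] server disconnect live-cover.msstatic.com:80 (183.240.67.248:80)
[23:21:55.150][192.168.3.18:35336] Client TLS handshake failed. The client does not trust the proxy's certificate for api26-normal-lq.amemv.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[
warn: [22:47:24.810][127.0.0.1:62901] Client TLS handshake failed. The client does not trust the proxy's certificate for roli.telkomsel.com (OpenSSL Error([('SSL routines', '', 'sslv3 alert certificate unknown')]))
"""

# [time][client ip:port] message; search() tolerates a leading "warn: ".
PREFIX = re.compile(r"\[(?P<ts>[\d:.]+)\]\[(?P<client>[^\]]+)\]\s+(?P<msg>.*)")
CONNECT = re.compile(r"server connect (?P<host>[^\s:]+):(?P<port>\d+)")
# The middle OpenSSL field (function name) may be empty, as in the Roli log.
REJECT = re.compile(
    r"does not trust the proxy's certificate for (?P<host>\S+) "
    r"\(OpenSSL Error\(\[\('[^']*', '[^']*', '(?P<alert>[^']*)'\)\]\)\)"
)

def triage(log_text):
    """Split upstream TLS hosts into those whose client rejected the proxy
    certificate and those with no rejection logged."""
    rejected = defaultdict(lambda: {"count": 0, "clients": set(), "alerts": set()})
    upstream_tls = set()
    for line in log_text.splitlines():
        m = PREFIX.search(line)
        if m is None:
            continue  # truncated or non-log line, such as the lone "[" above
        msg = m["msg"]
        connect = CONNECT.match(msg)
        reject = REJECT.search(msg)
        if connect and connect["port"] == "443":
            upstream_tls.add(connect["host"])
        elif reject:
            entry = rejected[reject["host"]]
            entry["count"] += 1
            entry["clients"].add(m["client"].rsplit(":", 1)[0])
            entry["alerts"].add(reject["alert"])
    return {
        "rejected": dict(rejected),
        "no_rejection_logged": sorted(upstream_tls - set(rejected)),
    }

if __name__ == "__main__":
    for host, info in triage(SAMPLE_LOG)["rejected"].items():
        print(host, info["count"], sorted(info["alerts"]))
```

The alert text alone does not say whether the client rejected the proxy CA because it is missing from the trust store or because of an app-level pin; both produce the same log line.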