PADListener icon indicating copy to clipboard operation
PADListener copied to clipboard

Published 20 hours ago verified publisher icon Neraud

Capture not working with 9.1 NA

Open Quarks0 opened this issue 8 years ago • 8 comments

Haven't investigated too much myself, but the manual capture work around for Android 6 no longer works (error 101). FWIW, padproxy is still functioning so the issue may lie in how the proxy is set up.

Quarks0 avatar Jun 22 '16 20:06 Quarks0

Confirmed. Workaround in #111 does not work with PAD v9.1.0 :(

TheKat avatar Jun 24 '16 01:06 TheKat

I believe that it's because PADListener doesn't use certificates, and that Android padEN 9.1 finally started checking certificates, because 9.1 forced me to install a certificate for my padproxy setup ("Error 101"), and made me realize I never did it. JP and HT might follow.

Quarks0, I think you mean padherder_proxy, not padproxy. Please confirm.

Raijinili avatar Jun 24 '16 02:06 Raijinili

Padherder proxy I suppose. I thought they were the same

Quarks0 avatar Jun 24 '16 02:06 Quarks0

I believe that it's because PADListener doesn't use certificates, and that Android padEN 9.1 finally started checking certificates

That was my suspicion as well, but cannot verify. Is there a work-around/fix on the horizon? I hope it's not the end of PADListener, it's insanely useful :)

As fallback, I guess I'll go back to padherder_proxy for now, and failing that I'll check out padproxy.

TheKat avatar Jun 24 '16 18:06 TheKat

Has anyone confirmed if they're doing certificate pinning yet? If not, the sandrop library can generate and export a CA for installation. Installing that CA should make this function fine.

dwendt avatar Jun 29 '16 02:06 dwendt

I'm not sure what certificate pinning is, but my proxy setup uses a self-signed cert, and the Android NA version works through it. Without installing the cert, it did not.

Raijinili avatar Jun 29 '16 22:06 Raijinili

Cool. Cert pinning enables applications to look for an exact certificate for a known site, so that a malicious CA couldn't be used to intercept traffic. If that works for you, PAD isn't using certificate pinning. This is good news, and means padlistener only needs a patch to export a CA using sandrop, and then users need to install this. I'm not super familiar with Android and the sandrop library looks huge, but this wouldn't be more than an hour or two of work for someone who knows both....

dwendt avatar Jun 30 '16 17:06 dwendt

I'm having an Error code 101 with capturing from JP version 9.3 (Android 6.0.1). The manual capture worked before the update, so I'm curious if anyone else is having the same issue and if it has anything to do with the issue with 9.1 NA.

zdavidli avatar Jul 06 '16 16:07 zdavidli