revanced-patches icon indicating copy to clipboard operation
revanced-patches copied to clipboard
verified publisher icon ReVanced

feat(Universal patch): Shared patch to trust user certificates

Open bennett-sh opened this issue 2 years ago • 3 comments

Application

All apps

Issue

It's interesting to inspect HTTPS traffic but most apps only trust system and not user certificates making it much harder.

Patch

  1. Does the manifest's application tag have android:networkSecurityConfig="@xml/SOMETHING"? |> If not, create xml/network_security_config.xml and add it to the manifest.
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
  <base-config>
      <trust-anchors>
          <certificates src="system" />
          <certificates src="user" overridePins="true" />
      </trust-anchors>
  </base-config>
</network-security-config>

|> If yes, add the <certificates src="user" overridePins="true" />-element

Motivation

My motivation is that it improves the work of many people by speeding up app patching and making HTTPS interception without root easier.

Acknowledgements

  • [X] I have searched the existing issues and this is a new and no duplicate or related to another open issue.
  • [X] I have written a short but informative title.
  • [X] I filled out all of the requested information in this issue properly.

bennett-sh avatar Mar 28 '23 17:03 bennett-sh

simply adding this XML will not solve your problem.

proxykingdev avatar Mar 30 '23 06:03 proxykingdev

apk-mitm already exists

Axelen123 avatar Mar 31 '23 20:03 Axelen123

yes but it makes everything more complicated since I'll have to go through a secondary step on my pc (or termux; unsure if it works) everytime I want to update an app

bennett-sh avatar Mar 31 '23 21:03 bennett-sh