frida cant break ssl pinning on spotify apk

[emrovsky]

all logs with debug-mode on

C:\Users\emrovsky\Downloads\test>frida -U -l config.js -l frida-script.js -f com.spotify.music ____ / _ | Frida 16.1.11 - A world-class dynamic instrumentation toolkit | (| | > _ | Commands: // |_| help -> Displays the help system . . . . object? -> Display information about 'object' . . . . exit/quit -> Exit . . . . . . . . More info at https://frida.re/docs/home/ . . . . . . . . Connected to M2101K6G (id=127.0.0.1:21533) Spawning com.spotify.music...

*** Starting scripts *** Spawned com.spotify.music. Resuming main thread! [M2101K6G::com.spotify.music ]-> --- Unpinning Android app... [+] SSLPeerUnverifiedException auto-patcher [+] HttpsURLConnection (setDefaultHostnameVerifier) [+] HttpsURLConnection (setSSLSocketFactory) [+] HttpsURLConnection (setHostnameVerifier) [+] SSLContext [+] TrustManagerImpl [ ] OkHTTPv3 (list) [ ] OkHTTPv3 (cert) [ ] OkHTTPv3 (cert array) [ ] OkHTTPv3 ($okhttp) [ ] Trustkit OkHostnameVerifier(SSLSession) [ ] Trustkit OkHostnameVerifier(cert) [ ] Trustkit PinningTrustManager [ ] Appcelerator PinningTrustManager [ ] OpenSSLSocketImpl Conscrypt [ ] OpenSSLEngineSocketImpl Conscrypt [ ] OpenSSLSocketImpl Apache Harmony [ ] PhoneGap sslCertificateChecker [ ] IBM MobileFirst pinTrustedCertificatePublicKey (string) [ ] IBM MobileFirst pinTrustedCertificatePublicKey (string array) [ ] IBM WorkLight HostNameVerifierWithCertificatePinning (SSLSocket) [ ] IBM WorkLight HostNameVerifierWithCertificatePinning (cert) [ ] IBM WorkLight HostNameVerifierWithCertificatePinning (string string) [ ] IBM WorkLight HostNameVerifierWithCertificatePinning (SSLSession) [ ] Conscrypt CertPinManager [ ] CWAC-Netsecurity CertPinManager [ ] Worklight Androidgap WLCertificatePinningPlugin [ ] Netty FingerprintTrustManagerFactory [ ] Squareup CertificatePinner (cert) [ ] Squareup CertificatePinner (list) [ ] Squareup OkHostnameVerifier (cert) [ ] Squareup OkHostnameVerifier (SSLSession) [+] Android WebViewClient (SslErrorHandler) [ ] Android WebViewClient (WebResourceError) [ ] Apache Cordova WebViewClient [ ] Boye AbstractVerifier [ ] Appmattus (CertificateTransparencyInterceptor) [ ] Appmattus (CertificateTransparencyTrustManager) Unpinning setup completed

*** Scripts completed ***

--> Bypassing Trustmanager (Android < 7) request --> Bypassing TrustManagerImpl checkTrusted --> Bypassing Trustmanager (Android < 7) request --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted --> Bypassing TrustManagerImpl checkTrusted