Note that project still works with original

[rmwxiong]

Project still works fine with the original release version of PoGo. As of now, you can still catch pokemon on a newer installation, and then switch to an older version of the app to analyze the data.

[dortamiguel]

Someone just figured out how to remove the certificate pinning https://eaton-works.com/2016/07/31/reverse-engineering-and-removing-pokemon-gos-certificate-pinning/

[benjaminhallock]

That requires decompiling the apk and patching some file.... lol not going to work. It's a shame I really liked this project.

[dortamiguel]

mmm well, maybe an apk patcher would work?

[macmanchomp]

It's not really difficult patching. Just not sure if patching the apk is really anywhere near safe enough to do on a main account. Maybe if you have multiples and just wanted to Proof Of Concept with it you could give it a try.

[dortamiguel]

Patching the apk will be safer than using an external unofficial API?

[nelsonzheng]

How is pokeadvisor doing it?

[btimo]

https://github.com/rastapasta/pokemon-go-xposed

@rastapasta the developer of the MITM did this for rooted android user: Pogo-Optimizer is working again !

[gvdn78]

Justr wondering if we could get Pogo-Optimizer working on Bluestacks or Nox and if so would anyone be willing to maybe share how we can do that?

[macmanchomp]

I think it's pretty much the same process. You should be able to use the android instructions and find a path to get it working. Just a side note though, it's pretty simple to just use the 0.29.3 apk on a phone and do the process as normal. The servers are not version locked yet.

[justinleewells]

The problem right now is that I don't have an Android device. If I continue this project, then it would have to be a spoofing implementation.

[rmwxiong]

@justinleewells It should work on bluestacks, no?

[macmanchomp]

@justinleewells how about using nox to emulate android and running the 0.29.3 apk on there? In two seconds I'll be launching this through nox to check for function. The proxy function is available in settings and using the browser that shipped with nox I installed the cert. Launching go.... all information loaded. Works like a charm. ^.^

[eq2kazial]

If you're able to downgrade to the previous version on your iPhone you can continue to use pogo-optimizer. That's my solution for now while I hope @justinleewells and other developers are able to figure out a workaround with the SSL pinning.

[justinleewells]

I am pretty sure that there's no way to bypass the SSL pinning on iOS without rooting your phone. Would you guys prefer that I make an Electron version with spoofing or just close the project? I'm pretty sure they'll end up banning people who use the third-party APIs.

[rmwxiong]

Well since it works totally fine on Android with 29.3, it makes sense to me to keep it open. I still use it whenever I have lots of pokemon.

[macmanchomp]

I love the project, not too sure how protobuf would work out through electron, but I'd love to see any kind of continuation. Honestly Niantic doesn't seem to have any idea how to secure the platform yet. There looks like months of being undetectable ahead or they would have version locked the servers.

[macmanchomp]

Also seems like their bugger concern was the pokemon maps. The kinds of things that flooded the servers with requests causing instability.

[Fasgort]

Still using a root method, but the apk doesn't need to be modified anymore.

https://www.reddit.com/r/pokemongodev/comments/4viajn/allow_mitm_again_with_app_version_030_xposed/

[quincygogo]

Is it possible, instead of using a proxy server, to scan the inventory to know the IVs?

[mathiasbynens]

@quincygogo How would you “scan the inventory” without man-in-the-middling?

[quincygogo]

@mathiasbynens I've seen some bots can know the IVs of your inventory like https://github.com/Novalys/PokemonGo-Bot-SimpleGUI , http://www.ownedcore.com/forums/pokemon-go/pokemon-go-hacks-cheats/566323-necrobot-nice-gui-coded-me.html

It might require us to use third-party API, but looks doable

[eq2kazial]

@quincygogo The benefit of the MITM method is that it doesn't make API calls and you don't have to use your login information. I'd much prefer being able to find a similar method, if possible, than potentially sending info that Niantic could later ban from.

[justinleewells]

I might just require rooting to use the app and call it a day. I can jailbreak my iPhone and install ssl kill switch.

[mathiasbynens]

Note that Pokémon GO crashes on startup on jailbroken devices (by design — they go out of their way to detect it!), but there’s a workaround.

[justinleewells]

Thanks for the information, @mathiasbynens.

[macmanchomp]

If you want to avoid rooting or jailbreaking you can try andyroid or bluestacks. Both run on OS X fairly well, and all you need to do is log in then delete the app data each time. At least that's what I do to avoid getting any weirdness from the account being out of sync or anything.

[haaayden]

Just to let you guys know, I'm still able to use this project on Windows with Android(PoGo 0.30) by following this guide and using this Xposed module. Thanks a lot for the excellent project!

[justinleewells]

@macmanchomp Do I need two computers to use the proxy, or is there a way to proxy the traffic to a server on the same computer?

[eq2kazial]

FWIW, I used two computers, ran PoGo 0.31 on android emulator with the Xposed module and pogo-optimizer worked perfectly on my second computer, seeing the data. Thanks for making pogo-optimizer, @justinleewells, and if you decide to continue updating it!

[Jorge22f]

Is there a way to update the values in the program? I see Water gun still shows 20 DPS instead of the new value of 12 DPS. I'm assuming this information was coded in instead of being pulled from the app.