Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#Mitmproxy Unable to decrypt https when using Mitmproxy #66

Open
coding-dream opened this issue Feb 1, 2023 · 5 comments
Open

#Mitmproxy Unable to decrypt https when using Mitmproxy #66

coding-dream opened this issue Feb 1, 2023 · 5 comments

Comments

@coding-dream
Copy link

Mitmproxy:does not trust the proxy's certificate

Hello author, when using Mitmproxy, the problem of certificate pinning still cannot be solved. The following is the error reported when capturing the mobile app.

[23:21:54.726][192.168.3.18:35324] server connect api5-normal-c-lq.amemv.com:443 (223.109.60.101:443)
[23:21:54.916][192.168.3.18:35324] Client TLS handshake failed. The client does not trust the proxy's certificate for api5-normal-c-lq.amemv.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[23:21:54.917][192.168.3.18:35324] client disconnect
[23:21:54.919][192.168.3.18:35324] server disconnect api5-normal-c-lq.amemv.com:443 (223.109.60.101:443)
[23:21:55.067][192.168.3.18:35334] client connect
[23:21:55.082][192.168.3.18:35336] client connect
[23:21:55.102][192.168.3.18:35334] server connect mssdk3-normal-hl.zijieapi.com:443 (120.237.197.119:443)
[23:21:55.104][192.168.3.18:35336] server connect api26-normal-lq.amemv.com:443 (39.135.62.79:443)
[23:21:55.133][192.168.3.18:35266] client disconnect
[23:21:55.134][192.168.3.18:35264] client disconnect
[23:21:55.138][192.168.3.18:35266] server disconnect live-cover.msstatic.com:80 (183.240.67.248:80)
[23:21:55.139][192.168.3.18:35264] server disconnect live-cover.msstatic.com:80 (183.240.67.248:80)
[23:21:55.150][192.168.3.18:35336] Client TLS handshake failed. The client does not trust the proxy's certificate for api26-normal-lq.amemv.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
[
@yoshimo
Copy link

yoshimo commented Feb 1, 2023

Applications can include their own checks on top of what this module hooks.
Also recent Android Versions added more stuff.
So to look at this properly, which device, os version and application are you trying to analyse here?

@coding-dream
Copy link
Author

Android7.0 in Xiaomi Phone,I use the app is DouYin!

@realyukii
Copy link

Same issue with:

  • Android 12 | codename S | API 31
  • Running Google Pixel 4 on Emulator AVD
  • Application Roli

mitmproxy log:
warn: [22:47:24.810][127.0.0.1:62901] Client TLS handshake failed. The client does not trust the proxy's certificate for roli.telkomsel.com (OpenSSL Error([('SSL routines', '', 'sslv3 alert certificate unknown')]))

@yoshimo
Copy link

yoshimo commented Aug 1, 2023

for me the Roli app crashes because the list of pinned certs is empty when using https://github.com/httptoolkit/frida-android-unpinning/

Process crashed: java.lang.IllegalArgumentException: pins must start with 'sha256/' or 'sha1/': Pinned certificates for roli.telkomsel.com

need to dig deeper

@realyukii
Copy link

thanks for your reply @yoshimo !
I will considering to learning the fundamental first to be able dig deeper into the problem

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@yoshimo @coding-dream @realyukii