Nigloland App: Certificate transparency failed #84
Comments
Can you explain what "doesn't seem to work" means? There are no errors shown here and there's some traffic that's being intercepted correctly. How do you know it's not working? It'd be useful to share any error messages you're seeing on the device, and the ADB logs (
The data within the app does not load, only the loading bars appear. I have attached the adb log.
This makes the loading bars disappear, but then I can't see the traffic:
I have it when I'm with: adb root Change the root certificate, then I see the traffic in mitmproxy. So there seems to be a problem with overwriting the certificate using the config or? Logs:
Hmm, yes this is interesting and I can reproduce the issue. It does indeed look like the app is built with Flutter, which can often cause issues like this. Right now this repo isn't well set up to intercept Flutter (which ignores most system settings & standard APIs by default) but I'm definitely interested in doing that eventually. From what I can see, it looks like the app is failing in an unusual way when the certificate isn't trusted for I can confirm that using normal system interception (manual setup as you describe, or automatic ADB setup on a rooted device with HTTP Toolkit) does successfully capture all the intraniglo traffic that was missing otherwise. It is a good test case for Flutter interception with these scripts though. I don't have time to totally fix this myself right now, but I would be very interested to hear if you find any good approaches to intercept traffic like this with Frida alone.
The Nigloland app doesn't seem to work with the scripts, but I don't see a direct error in the log.
The app:
https://play.google.com/store/apps/details?id=com.nigloland.nigloland
Do you have any tips for me as to what the problem might be?
Log:
     ____
    / _  |   Frida 16.2.1 - A world-class dynamic instrumentation toolkit
   | (_| |
    > _  |   Commands:
   /_/ |_|       help      -> Displays the help system
. . . . object? -> Display information about 'object'
. . . . exit/quit -> Exit
. . . .
. . . . More info at https://frida.re/docs/home/
. . . .
. . . . Connected to SM-G988N (id=127.0.0.1:62025)
Spawning `com.nigloland.nigloland`...
*** Starting scripts ***
== Redirecting all TCP connections to 192.168.178.59:8080 ==
[+] Patched 2 libssl.so verification methods
== Hooked native TLS lib libssl.so ==
Spawned `com.nigloland.nigloland`. Resuming main thread!
[SM-G988N::com.nigloland.nigloland ]-> Ignoring unix:dgram connection
== Proxy system configuration overridden to 192.168.178.59:8080 ==
Rewriting <class: android.net.PacProxySelector>
Rewriting <class: java.net.ProxySelector>
Rewriting <class: sun.net.spi.DefaultProxySelector>
== Proxy configuration overridden to 192.168.178.59:8080 ==
[+] Injected cert into com.android.org.conscrypt.TrustedCertificateIndex
[ ] Skipped cert injection for org.conscrypt.TrustedCertificateIndex (not present)
[ ] Skipped cert injection for org.apache.harmony.xnet.provider.jsse.TrustedCertificateIndex (not present)
== System certificate trust injected ==
[+] javax.net.ssl.HttpsURLConnection setDefaultHostnameVerifier
[+] javax.net.ssl.HttpsURLConnection setSSLSocketFactory
[+] javax.net.ssl.HttpsURLConnection setHostnameVerifier
[+] javax.net.ssl.SSLContext init(KeyManager;[], TrustManager;[], SecureRandom)
[ ] com.android.org.conscrypt.CertPinManager isChainValid
[+] com.android.org.conscrypt.CertPinManager checkChainPinning
[+] android.security.net.config.NetworkSecurityConfig $init() (0)
[+] android.security.net.config.NetworkSecurityConfig $init() (1)
=> android.security.net.config.NetworkSecurityConfig $init() (1)
=> android.security.net.config.NetworkSecurityConfig $init() (0)
[+] com.android.okhttp.internal.tls.OkHostnameVerifier verify(String, SSLSession)
[+] com.android.okhttp.Address $init(String, int, Dns, SocketFactory, SSLSocketFactory, HostnameVerifier, CertificatePinner, Authenticator, Proxy, List, List, ProxySelector)
[ ] com.android.okhttp.Address $init(String, int, SocketFactory, SSLSocketFactory, HostnameVerifier, CertificatePinner, Authenticator, Proxy, List, List, ProxySelector)
[ ] okhttp3.CertificatePinner *
[ ] com.squareup.okhttp.CertificatePinner *
[ ] com.datatheorem.android.trustkit.pinning.PinningTrustManager *
[ ] appcelerator.https.PinningTrustManager *
[ ] nl.xservices.plugins.sslCertificateChecker *
[ ] com.worklight.wlclient.api.WLClient *
[ ] com.worklight.wlclient.certificatepinning.HostNameVerifierWithCertificatePinning *
[ ] com.worklight.androidgap.plugin.WLCertificatePinningPlugin *
[ ] com.commonsware.cwac.netsecurity.conscrypt.CertPinManager *
[ ] io.netty.handler.ssl.util.FingerprintTrustManagerFactory *
[ ] com.silkimen.cordovahttp.CordovaServerTrust *
[ ] com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyHostnameVerifier *
[ ] com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyInterceptor *
[ ] com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManager *
== Certificate unpinning completed ==
=> android.security.net.config.NetworkSecurityConfig $init() (1)
=> android.security.net.config.NetworkSecurityConfig $init() (0)
== Unpinning fallback auto-patcher installed ==
*** Scripts completed ***
[] Core Verify() called
[] MD isEqual() called
[] MD isEqual() called
[] MD isEqual() called
[] MD isEqual() called
[] Mypid() = 12341
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 111 to {"ip":"192.168.178.59","port":8080} (-1)
[] Mypid() = 12341
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 116 to null (-1)
Manually intercepting connection to [2a:a:15:80:20:0:6f:0:0:0:0:0:0:0:0:12]:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp6 fd 117 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 116 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 116 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 116 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 116 to null (-1)
Manually intercepting connection to [2a:a:15:80:20:0:6f:0:0:0:0:0:0:0:0:12]:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp6 fd 116 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 117 to {"ip":"192.168.178.59","port":8080} (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 116 to null (-1)
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 159 to {"ip":"192.168.178.59","port":8080} (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 151 to {"ip":"192.168.178.59","port":8080} (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 157 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 158 to {"ip":"192.168.178.59","port":8080} (-1)
Manually intercepting connection to [2a:a:15:80:20:0:6f:0:0:0:0:0:0:0:0:12]:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp6 fd 164 to null (-1)
Manually intercepting connection to [2a:a:15:80:20:0:6f:0:0:0:0:0:0:0:0:12]:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp6 fd 165 to null (-1)
Manually intercepting connection to [2a:a:15:80:20:0:6f:0:0:0:0:0:0:0:0:12]:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp6 fd 166 to null (-1)
Manually intercepting connection to [2a:a:15:80:20:0:6f:0:0:0:0:0:0:0:0:12]:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp6 fd 167 to {"ip":"::ffff:192.168.178.59","port":8080} (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 158 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 151 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 166 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 159 to null (-1)
Manually intercepting connection to [2a:a:15:80:20:0:6f:0:0:0:0:0:0:0:0:12]:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp6 fd 167 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 170 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 167 to {"ip":"192.168.178.59","port":8080} (-1)
[] Mypid() = 12341
Manually intercepting connection to 188.114.96.3:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 170 to null (-1)
[] Mypid() = 12341
[] Mypid() = 12341
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 159 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 166 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 159 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 166 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 159 to {"ip":"192.168.178.59","port":8080} (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 159 to null (-1)
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 166 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 167 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 159 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 170 to null (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 171 to {"ip":"192.168.178.59","port":8080} (-1)
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 173 to null (-1)
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 159 to null (-1)
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
Manually intercepting connection to 185.151.189.166:443
Ignoring unix:stream connection
Ignoring unix:stream connection
Connected tcp fd 159 to null (-1)
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341
[] Mypid() = 12341