1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Getting around ceritificate pinning used in apps....

Discussion in 'General Programming Chat' started by phatzilla, Aug 4, 2013.

  1. phatzilla

    phatzilla Supreme Member

    Joined:
    Apr 9, 2009
    Messages:
    1,365
    Likes Received:
    1,017
    Anyone know how to reliably work around certificate pinning that's used by apps such as twitter, etc? This topic isnt widely discussed, thought i'd ask in this section...
     
  2. ahiddenman

    ahiddenman Elite Member

    Joined:
    Dec 11, 2010
    Messages:
    2,647
    Likes Received:
    2,087
    Location:
    204.15.23.255
  3. phatzilla

    phatzilla Supreme Member

    Joined:
    Apr 9, 2009
    Messages:
    1,365
    Likes Received:
    1,017
    Yeah ive (sort of) read that article, but im too dumb to understand how to implement it. I was more wondering on who has experience doing these things? and if your 'services' are for sale :D
     
  4. Chris22

    Chris22 Regular Member

    Joined:
    Sep 29, 2010
    Messages:
    400
    Likes Received:
    1,059
    Patching the function that does the certificate pinning is probably your best bet.

    Are you looking at android or ios apps?
     
  5. phatzilla

    phatzilla Supreme Member

    Joined:
    Apr 9, 2009
    Messages:
    1,365
    Likes Received:
    1,017
    Both, if someone offers this as a 'service', i'd be interested for sure ;). I assume its possible to repackage the app for use after patching the function?
     
  6. Chris22

    Chris22 Regular Member

    Joined:
    Sep 29, 2010
    Messages:
    400
    Likes Received:
    1,059
    Yeah, you need to rebuild it and resign it first