1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Getting around ceritificate pinning used in apps....

Discussion in 'General Programming Chat' started by phatzilla, Aug 4, 2013.

  1. phatzilla

    phatzilla Jr. VIP Jr. VIP

    Joined:
    Apr 9, 2009
    Messages:
    1,384
    Likes Received:
    1,023
    Anyone know how to reliably work around certificate pinning that's used by apps such as twitter, etc? This topic isnt widely discussed, thought i'd ask in this section...
     
  2. ahiddenman

    ahiddenman Elite Member

    Joined:
    Dec 11, 2010
    Messages:
    2,717
    Likes Received:
    2,118
    Location:
    204.15.23.255
  3. phatzilla

    phatzilla Jr. VIP Jr. VIP

    Joined:
    Apr 9, 2009
    Messages:
    1,384
    Likes Received:
    1,023
    Yeah ive (sort of) read that article, but im too dumb to understand how to implement it. I was more wondering on who has experience doing these things? and if your 'services' are for sale :D
     
  4. Chris22

    Chris22 Regular Member

    Joined:
    Sep 29, 2010
    Messages:
    400
    Likes Received:
    1,061
    Patching the function that does the certificate pinning is probably your best bet.

    Are you looking at android or ios apps?
     
  5. phatzilla

    phatzilla Jr. VIP Jr. VIP

    Joined:
    Apr 9, 2009
    Messages:
    1,384
    Likes Received:
    1,023
    Both, if someone offers this as a 'service', i'd be interested for sure ;). I assume its possible to repackage the app for use after patching the function?
     
  6. Chris22

    Chris22 Regular Member

    Joined:
    Sep 29, 2010
    Messages:
    400
    Likes Received:
    1,061
    Yeah, you need to rebuild it and resign it first