Comments (6)
Looks like they verify against apk-mitm-8c0f4706379aecc405491c8f8b955fbc\decode\assets\res_output\ca-bundle.crt
not sure where that needs to be patched though.
from apk-mitm.
Have you searched the Smali code for that file name to see if it's read anywhere? You could also try debugging the app like I did in your other issue (I wish I had a full guide for that, maybe I'll write it eventually 😅).
from apk-mitm.
only mentioned in the manifest and cert.sf but i have files that contain the hostname mentioned which i will mess with next:
Debugging is a bit ouf o my league for now
server.host mobilecrush.king.com
server.port 443
server.secure true
server.supportsSsl true
server.page /
fb.app.id _210831918949520
adtruth.url https://play.king.com/install
mercado.url http://plataforma.sto.midasplayer.com:8008/goto/candycrush/mercado-3
servicelayer.host servicelayer.king.com
servicelayer.port 80
servicelayer.secure false
servicelayer.supportsSsl false
cmp.url https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
cmp.app_id.android c484d7fd-d5e1-4f02-9e35-85341dfab524
cmp.app_id.ios 7a8f2a54-43c1-48a5-811c-8267f2728c5b
from apk-mitm.
two changes seem to have made it work.
editing the server.secure true to false and merging the network security config files including the already existing domain config in addition to apk-mitm s base config.
from apk-mitm.
Thanks for looking into this yourself @yoshimo! It would be great if these changes could be applied automatically, so let's keep the issue open for now.
from apk-mitm.
Actually, it seems like this manifest is pretty specific to this one game (or maybe all games by King, but that's still pretty niche), so I don't think integrating support for patching it would be worth it. If anyone has any evidence that this file is standardized in some way (for example by being part of a major game engine), please let me know and I might reconsider adding support for it.
from apk-mitm.
Related Issues (20)
- error: No resource identifier found for attribute 'enableOnBackInvokedCallback' in package 'android' HOT 6
- No resource found that matches the given name 'com.google.firebase.crashlytics'. HOT 2
- Is the using of the tool will lead to the absence of certificate pinning of the mobile app.
- Facing error for Uber app
- Any alternative for IOS app and how to bypass USB detection in android apk HOT 1
- apk-mitm installation?
- Allowing specific certificates --certificate broken - manual workaround
- error: unexpected element <uses-native-library> found in <manifest><application>. HOT 2
- Netflix not working HOT 1
- error in ubuntu and termux but not in windows, why? HOT 1
- ClassNotFoundException HOT 1
- "Error: ENOENT: no such file or directory" when opening AndroidManifest.xml HOT 1
- Doesn't work for Flutter and ReactNative
- could not align: could not execute zipalign HOT 2
- Androidmanifest invalid ampersand after patching
- Encoding process failed HOT 5
- Error while encoding APK file with apk-mitm and Apktool HOT 3
- After patching, not all endpoints can be monitored in Charles proxy HOT 1
- error: xml parser error: not well-formed (invalid token). HOT 1
- Bypass Firebase Signature?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from apk-mitm.