[!] Could not find the required code to patch! #31

Open
hbcohen2002 opened this issue Jul 18, 2021 · 6 comments

Comments

@hbcohen2002

Followed the steps, but had difficulties. I was able to find the libcoldstart.so file in /data/data/com.facebook.katana/lib-compressed, but got this error message.

@direct808

Followed the steps, but had difficulties. I was able to find the libcoldstart.so file in /data/data/com.facebook.katana/lib-compressed, but got this error message.

Did you fix the problem?

@depocoder

Followed the steps, but had difficulties. I was able to find the libcoldstart.so file in /data/data/com.facebook.katana/lib-compressed, but got this error message.

Did you fix the problem?

Did you fix the problem?

@depocoder

Link to the file: https://ufile.io/srik0y6y

@depocoder

I used APK 356+ because I can't install an early version; I got an error:
[image]

@depocoder

If anyone has a problem with the app version, you can use this repo: https://github.com/pouyadarabi/Facebook_SSL_Pinning. That helped me so much.

@baptx

baptx commented Aug 6, 2022

@depocoder I tried the x86 version of your link with Android x86 (64 bit 7.1-r5) on VirtualBox (configured with a host-only adapter) but we cannot get past the login page, I can just see the login request in mitmproxy. If I try with the original APK from your link without replacing libcoldstart.so and without using a MITM proxy but a normal proxy like Squid, I cannot get past the login page either, probably because it is an old Facebook app not supported anymore.
It would be nice if we could make the patch work on the latest Facebook version available on the Play Store. It would also be safer than using an untrusted APK and lib which can contain spyware (I recommend using a test Facebook account if we use an untrusted APK or files).
@tsarpaul Do you think an update to the patch is possible? Do you also have documentation or a write-up on how you made the patch, for more transparency (in addition to comments), so others can better understand the changes they are applying? I see there is assembly code also.

Update: the repository https://github.com/pouyadarabi/Facebook_SSL_Pinning is archived and I read "Deprecated: Use Facebook whitehat setting". I did not understand this sentence before, but there are some articles like https://techmonitor.ai/technology/cybersecurity/facebook-whitehat-settings explaining that Facebook now allows sniffing the traffic without the need to reverse engineer the Android app.
It would still be useful to be able to bypass SSL pinning by patching the APK, just to understand how this security works and how it can be broken.

Update 2: I was not able to inspect requests of the Facebook Android app using the White Hat settings with mitmproxy, I got the error "tlsv1 alert unknown ca" (mitmproxy/mitmproxy#145 (comment)). Was someone able to inspect requests of the latest Facebook Android app using the White Hat settings or another method?
