Not working with Facebook #13
Comments
|
Hello, |
|
Hm, I actually can't reproduce. I'm using facebook 52.0 with |
|
Seems that it's certain APIs. graph.facebook.com and api.facebook.com fail, but I could register an account through b-api.facebook.com/ without issue. |
|
Yes, it is specific APIs. |
|
It is not working on my phone too, any update ? |
|
Any update? |
|
@nabla-c0d3 , I assume it's similar for Facebook's messenger app, tried a bunch of things with no luck, I wish I knew more in this domain to be able to help. |
|
@alfonsoperez Yes, it's the same. |
|
|
|
Any new clues about facebook ? Thanks |
|
Simple fix for that is to hook RCTSRWebSocket function called _checkHandshake |
|
I tried disabling pinning in |
|
@nabla-c0d3 what you mean by 'still wasn't enough'? It work partially or not work at all? |
|
@karek314 can you jus tell me how to bypass Facebook app SSL pining for now as a work around? I am ok to inject tweaks? I tried to let _checkHandshake return YES, however, no luck |
|
From what I found is |
|
I did some research, and didn't find yet a solution. @liuxuan30 did you get more results on your side ? |
|
as I said, I just found that the API requests are sending out by |
|
@ch3repatz Impatiently awaiting for details 👍 |
|
@alfonsoperez hope the author will share his research, not just the screenshot |
|
This is still on my TODO list, I just haven't had time to look at this again. |
|
@ch3repatz can't wait.. why just a screenshot |
|
@liuxuan30 I don't know, ask the author of research please. I just found the tweet and copied here. |
|
Just asked and get a reply:"Do you mind sharing?"; "No, it's a non-public research for my customer." |
|
@liuxuan30 sad :( |
|
actually can we have synergy here not just depending on @nabla-c0d3 ? I was able to track down to |
|
@nabla-c0d3 I found that I hooked |
|
It's not used in the flows that I have seen. Same with FBMQTTNativeClientand, RCTSRWebSocket and FBSSLPinningVerifier. Overall it's unclear to me where the pinning validation logic is happening during the login flow, but I haven't had time to look at it that much. |
|
@nabla-c0d3 np, I just looked into it and want to save your time when you sit down and working on this. What I find is that the upper |
|
It also doesn't work with World of Warcraft Armory, It works correctly until you login, then it doesn't catch anything besides the regular google analytics calls |
|
@mdbrelo look for string "openssl", usually it has embedded path, if that fails for some reason you can try locate some openssl specific strings. |
|
great. I'm trying to learn how to use ida and asm language but it's really hard |
|
@karek314 any ETA you would file a PR for this? Very interested. |
|
@liuxuan30 I will when I'll have more time, right now you can just use https://github.com/karek314/hexbytescanner and patch binaries manually before deploying them. |
|
Could please anybody share the final ipa for Facebook with patched ssl pinning? Unfortunately i dont have any framework for patching it myself( |
|
I have IPA only :|
…On Tue, Sep 11, 2018 at 3:12 PM dedfft ***@***.***> wrote:
Could please anybody share the final ipa for Facebook with patched ssl
pinning? Unfortunately i dont have any framework for patching it myself(
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#13 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AZjAvhoB_kPXCaAjWSHADmOakL0cBkuMks5uZ35hgaJpZM4HzqY6>
.
|
|
U have the facebook patched ipa? Could you please share it? |
|
@dedfft you can use this guide by @phwd https://www.facebook.com/113702895386410/videos/1466262083463811/ .Let me know if you need IPA :) |
|
Hello Asad, thank you for the video hint! I have already watched it this year several times, unfortunately i was unable to replicate the procedure several times and was disappointed in myself.. I am curios not in the process of debugging of an ipa, but more in looking at how facebook works inside.. Could you? If that is not too much to ask. Please |
|
Please check your mail :) @dedfft
…On Wed, Sep 12, 2018 at 3:55 AM dedfft ***@***.***> wrote:
Hello Asad, thank you for the video hint! I have already watched it this
year several times, unfortunately i was unable to replicate the procedure
several times and was disappointed in myself..
I am curios not in the process of debugging of an ipa, but more in looking
at how facebook works inside..
If you could share already patched ipa with me, it would be amazing!
My email is ***@***.***
Could you? If that is not too much to ask. Please
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#13 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AZjAvr18S5qc07e1M8r3AOPSwmv36WZFks5uaDFJgaJpZM4HzqY6>
.
|
|
@asad0x01 I would also want to have one thank you. email is [email protected] |
@asad0x01 can you share .ipa file with me as well? email: [email protected]. |
|
Hey sorry guys.The latest Facebook app is crashing.Still I'm able to intercept https request of other apps.(Moments,Facebook Page Manager). Let me know if you need any of them.I've the base IPA of Facebook app.Not the modified one. |
|
For android you can try https://github.com/pouyadarabi/Facebook_SSL_Pinning (Facebook for android Version 175).Also make sure that your android version is Lollipop or above. |
|
Here is the Stock IPA of Facebook APP:https://mega.nz/#!lmpBHIAI!yEMBmTSVHmHNzmXB-Jq8_TMzTOvV5fbZ-awJUGxvsxs Here is the Modified Facebook Pages IPA:https://mega.nz/#!omhlQY6A!95c5LW34bcpFyP1u_G8s32kKrYL1Wlf0oEI49AxZuHA Here is the Modified Moments IPA:https://mega.nz/#!RngjwArB!AjD66ZXnjNVOvPLs_nfIAEkplI-xgOnUc4q5KU8-LPw You can install those IPA's using Cydia Impactor.Note that you can only intercept request of those TWO IPA(Facebook Page Manager and Moments). |
|
Thank you asad, that is fantastic!! |
|
It's crashing unfortunately :( But when I tried it a months ago it was working perfectly.However I'll wait for the next update :) |
|
I'm trying to do this with Instagram, should this process work ? How could I disable it's SSL pinning? |
|
Maybe any luck with disabled ssl pinning on previous Facebook app versions? I really need at least anything(( |
|
@asad0x01 can you do other apps as well? Please email me: [email protected] |
Is it possible to do this without a mac using frida? |
|
@S00164379 Nope. hexbytescanner is written in Objective C++, shouldn't be that hard to rewrite to C++ though. |
ah!NO!Sorry :( |
|
@asad0x01 any luck with latest Facebook app? |
@nabla-c0d3 do you have any plan to implement this in ssl kill switch 2?Thanks in advance :) |
|
@asad0x01 Doesn't work anymore. It for sure does work with OpenSSL 1.1.0 and 1.0.2 ARM64(which still does work with many apps). Current answer lays in https://github.com/facebookincubator/fizz it does pinning now, it's open source, shouldn't be hard but I haven't had time to play around. In past it relied with pinning on OpenSSL. If anyone finds stable pattern to hook pinning function, feel free to share patch here https://github.com/karek314/hexbytescanner-hooks :) |
|
The only way to bypass facebook SSL pinning for now is by using frida and objection. |
a very complicated way. :( okay… |
|
and others
First of all, very cool project!
I was trying out the latest release with the Facebook app and it's not working for me. Tried a reboot. Works fine in Safari. Console notifies of it being loaded. Screenshot from Charles Proxy included. Tried with Burp also, same error. Apple App Store gets intercepted just fine.
The text was updated successfully, but these errors were encountered: