Athul Jayaram athuljayaram

Tested on Workplace for Android version 362.0.0.29.109. This approach might work in other Facebook/Meta applications. Thank you Imre Rad for helping me analyze the binary.

How does it work?

The Workplace Android app uses the Fizz open source TLS-1.3 library to communicate with the backend APIs. This library is written in C++, and is compiled to native code. It is running as a native library attached to the Android app.

The certificate verification is implemented in fizz/client/ClientProtocol.cpp, on line 1944. The easiest way to bypass this check is to patch the if (state.verifier()) { check on line 1942.

Disable SSL Pinning on Instagram for Android

Create the file /data/data/com.instagram.android/shared_prefs/devprefs.xml and add the following content. (You will need root access to modify it)

<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
    <string name="debug_allow_user_certs_ttl">1557909551442:86400000</string>
    <boolean name="debug_allow_user_certs" value="true" />
    <boolean name="debug_disable_liger_fizz" value="true" />

	- name: awss3
	type: regex
	regex:
	- '[a-zA-Z0-9.-]+\.s3\.amazonaws\.com'
	- 's3://([^/]+)'
	- '[a-zA-Z0-9.-]+.s3\.[a-zA-Z0-9.-]+\.amazonaws\.com'
	- '[a-zA-Z0-9.-]+\.s3-website-[a-z0-9-]+\.amazonaws\.com'
	- '[a-zA-Z0-9.-]+\.s3\.amazonaws\.com'

	- name: awsapps

	#!/usr/bin/env bash

	# Print usage
	function usage {
	echo -n "$(basename $0) CIDR...
	$(basename $0) [OPTION] CIDR...

	This script prints the ip range or full list of ip addresses for one or more CIDR.

	Options: