Skip to content

Instantly share code, notes, and snippets.

@himanshudas

himanshudas/gist:b988c98b2f50094b2bffeac235c57448

Created March 5, 2020 03:21
Show Gist options
  • Save himanshudas/b988c98b2f50094b2bffeac235c57448 to your computer and use it in GitHub Desktop.
Save himanshudas/b988c98b2f50094b2bffeac235c57448 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
setTimeout(function() {
Java.perform(function () {
try{
var Squareup_OkHostnameVerifier_Activity = Java.use('com.squareup.okhttp.internal.tls.OkHostnameVerifier');
Squareup_OkHostnameVerifier_Activity.verify.overload('java.lang.String', 'java.security.cert.X509Certificate').implementation = function (str1, str2) {
console.log('[+] Bypassing Squareup OkHostnameVerifier {1}: ' + str1);
return true;
catch(err){
console.log(err.stack);
}
});
}, 0);
@himanshudas
Copy link
Author

try {
var okhttp3_Activity = Java.use('okhttp3.CertificatePinner');
okhttp3_Activity.check.overload('java.lang.String', 'java.util.List').implementation = function (str) {
console.log('[+] Bypassing OkHTTPv3 {1}: ' + str);
return true;
};
// This method of CertificatePinner.check could be found in some old Android app
okhttp3_Activity.check.overload('java.lang.String', 'java.security.cert.Certificate').implementation = function (str) {
console.log('[+] Bypassing OkHTTPv3 {2}: ' + str);
return true;
};

    } catch (err) {
        console.log('[-] OkHTTPv3 pinner not found');
        //console.log(err);
    }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment