m-rey · May 23, 2023 22:19
diff --git a/frida_bypass_com-appmattus-certificatetransparency.js b/frida_bypass_com-appmattus-certificatetransparency.js
 Java.perform(function () {
  var CertificateTransparencyInterceptor = Java.use('com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyInterceptor');
  var OkHttpClientBuilder = Java.use('okhttp3.OkHttpClient$Builder');

  CertificateTransparencyInterceptor.intercept.implementation = function (chain) {
    var request = chain.request();
    var url = request.url();
    var host = url.host();

    // Dynamically access the VerificationResult classes
    var VerificationResult = Java.use('com.appmattus.certificatetransparency.VerificationResult');
    var VerificationResultSuccessInsecureConnection = Java.use('com.appmattus.certificatetransparency.VerificationResult$Success$InsecureConnection');
    var VerificationResultFailureNoCertificates = Java.use('com.appmattus.certificatetransparency.VerificationResult$Failure$NoCertificates');

    // Create instances of the desired VerificationResult classes
    var success = VerificationResultSuccessInsecureConnection.$new(host);
    var failureNoCertificates = VerificationResultFailureNoCertificates.$new();

    // Log the intercepted details
    console.log('[+] Intercepted:');
    console.log('   - Host:', host);
    console.log('   - URL:', url.toString());

    // Bypass certificate transparency verification
    var certs = chain.connection().handshake().peerCertificates();
    if (certs.length === 0) {
      console.log('   - Certificate transparency bypassed.');
      return failureNoCertificates;
    }

    try {
      // Proceed with the original request
      return chain.proceed(request);
    } catch (e) {
      // Catch SSLPeerUnverifiedException and return intercepted response
      if (e.toString().includes('SSLPeerUnverifiedException')) {
        console.log('   - Certificate transparency failed.');
        return failureNoCertificates;
      }
      throw e;
    }
  };

  OkHttpClientBuilder.build.implementation = function () {
    // Intercept the OkHttpClient creation
    var client = this.build();
    console.log('[+] OkHttpClient created');
    return client;
  };
 });
	Java.perform(function () {
	var CertificateTransparencyInterceptor = Java.use('com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyInterceptor');
	var OkHttpClientBuilder = Java.use('okhttp3.OkHttpClient$Builder');

	CertificateTransparencyInterceptor.intercept.implementation = function (chain) {
	var request = chain.request();
	var url = request.url();
	var host = url.host();

	// Dynamically access the VerificationResult classes
	var VerificationResult = Java.use('com.appmattus.certificatetransparency.VerificationResult');
	var VerificationResultSuccessInsecureConnection = Java.use('com.appmattus.certificatetransparency.VerificationResult$Success$InsecureConnection');
	var VerificationResultFailureNoCertificates = Java.use('com.appmattus.certificatetransparency.VerificationResult$Failure$NoCertificates');

	// Create instances of the desired VerificationResult classes
	var success = VerificationResultSuccessInsecureConnection.$new(host);
	var failureNoCertificates = VerificationResultFailureNoCertificates.$new();

	// Log the intercepted details
	console.log('[+] Intercepted:');
	console.log(' - Host:', host);
	console.log(' - URL:', url.toString());

	// Bypass certificate transparency verification
	var certs = chain.connection().handshake().peerCertificates();
	if (certs.length === 0) {
	console.log(' - Certificate transparency bypassed.');
	return failureNoCertificates;
	}

	try {
	// Proceed with the original request
	return chain.proceed(request);
	} catch (e) {
	// Catch SSLPeerUnverifiedException and return intercepted response
	if (e.toString().includes('SSLPeerUnverifiedException')) {
	console.log(' - Certificate transparency failed.');
	return failureNoCertificates;
	}
	throw e;
	}
	};

	OkHttpClientBuilder.build.implementation = function () {
	// Intercept the OkHttpClient creation
	var client = this.build();
	console.log('[+] OkHttpClient created');
	return client;
	};
	});