2

I know this question is very similar to this one: Using Charles proxy to decrypt googleapis.com, but it is very old and I think Google changed some stuff about their APIs.

I'm using Charles to inspect HTTP requests from an Android app (which is not mine). This app uses SSL pinning, so I bypassed it with this tutorial: https://lucy-janewalsh.com/blog/2019/10/29/unpinning-an-app

This works perfectly for every domain, except firestore.googleapis.com.

Charles gives me this error:

No request was made. Possibly the SSL certificate was rejected.

Do you know if it is possible to inspect requests made to this address?

Thanks

LightGolgot

1 Answer

0

That tutorial only disables SSL pinning by the conscrypt library and only if the app that uses this library has not been obfuscated. If the app is obfuscated the class cannot be found and the pinning will remain active. Also keep in mind that conscrypt is, based on my experience, not very often used by Android apps. Other libraries that provide SSL pinning like OkHttp are way more often used (e.g. covered by this Frida snippet).

In your case everything depends on the app you try to intercept the traffic of. Decompile it e.g. using Jadx or your favorite app decompiler and try to identify the used library/method for SSL pinning. If the app is obfuscated (class names changed) then most likely you have to write your own Frida code to disable pinning (or at least adapt the class names from an existing Frida code snippet that performs unpinning for the SSL library used in your app).

Robert
  • Thanks for your answer! But if I'm getting it right, you are saying that those requests can't be decrypted because the Frida script doesn't fix the right things. But the problem is that every domain, except firestore, can actually be decrypted perfectly. Maybe the app uses different technologies for standard web requests and for firestore requests? (It's a React Native app.) – LightGolgot Nov 03 '20 at 17:42
  • If the app uses different HTTP-client libraries this would be a possible explanation (or the same library with different configs, one with and one without pinning). As I said, you have to decompile the app to understand the details of which clients are used when. – Robert Nov 03 '20 at 17:47
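
The inventory step described in the answer (finding which pinning mechanism each TLS client in a decompiled build uses, and whether some client has none) can be scripted. The following is an added example, not code from the answer or the linked tutorial; the marker list is an illustrative assumption built from public API names, and the sample tree is constructed rather than taken from a real app.

```python
import re, tempfile
from pathlib import Path

# Public API names; illustrative, not exhaustive. R8/ProGuard can rename bundled
# library classes (okhttp3.*), but not framework interfaces or XML config tags.
MARKERS = {
    "okhttp-certificatepinner": re.compile(r"okhttp3\.CertificatePinner"),
    "conscrypt": re.compile(r"org\.conscrypt\."),
    "custom-x509trustmanager": re.compile(r"implements\s+[\w.,\s]*X509TrustManager"),
    "network-security-config-pin-set": re.compile(r"<pin-set\b"),
}

def scan_text(text):
    """Names of the pinning mechanisms referenced in one file's text."""
    return sorted(n for n, rx in MARKERS.items() if rx.search(text))

def scan_tree(root):
    """Map mechanism -> sorted relative paths of .java/.xml files that use it."""
    found = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix in {".java", ".xml"}:
            for name in scan_text(path.read_text(errors="ignore")):
                found.setdefault(name, []).append(path.relative_to(root).as_posix())
    return {name: sorted(files) for name, files in found.items()}

# Constructed sample tree standing in for decompiler output (not from a real app).
SAMPLE = {
    "sources/com/example/api/ApiClient.java":
        "import okhttp3.CertificatePinner;\nclass ApiClient { /* pinned client */ }\n",
    "sources/a/b/c.java":  # obfuscated class name, framework interface still visible
        "public final class c implements javax.net.ssl.X509TrustManager { }\n",
    "resources/res/xml/network_security_config.xml":
        "<network-security-config><domain-config><domain>example.com</domain>"
        "<pin-set><pin digest=\"SHA-256\">PLACEHOLDER</pin></pin-set>"
        "</domain-config></network-security-config>\n",
    "sources/com/example/ui/Main.java": "class Main { }\n",
}

def build_sample(root):
    """Write the constructed sample files under root."""
    for rel, body in SAMPLE.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for mechanism, files in sorted(scan_tree(tmp).items()):
            print(f"{mechanism}: {', '.join(files)}")
```

A mechanism that shows up for one client package but not another matches the "same library with different configs" case from the comments; an empty result on an obfuscated build means the library class names were renamed, not that pinning is absent.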