Stack Overflow
Stack Overflow

Questions tagged [sslpinning]

44 questions
1
vote
1 answer

Protect Firebase callable functions from man in the middle

I have made my mobile app using firebase on iOS & I use callable functions to communicate with database. When I try to perform a “man in the middle” attack/move using a simple app as Charles, I can see all my calls with the data I send, in plain…
user2206906
  • 1,310
  • 2
  • 13
  • 18
1
vote
0 answers

React native with self signed certificates on M1 chip MacOS

The below is my code for Webservices call, which works fine on both iOS and Android. But for API calls where self signed certificate is used, this does not work. I am using macOS with M1 chip. To fix this, I used the steps mentioned in…
Ambili
  • 11
  • 2
0
votes
0 answers

SSL pinning validation failed: javax.net.ssl.SSLHandshakeException

I'm encountering an javax.net.ssl.SSLHandshakeException with the message "SSL pinning validation failed" when implementing SSL pinning in my Android application. I have already verified that I'm using the correct SHA-256 key for pinning. Here's the…
user2357113
  • 162
  • 2
  • 15
0
votes
0 answers

Can't read traffic through one specific app with Burp

So I'm trying to debug this specific app: https://sahibinden-com.tr.uptodown.com/android To debug I'm using Frida, Genymotion and this script to unpin the certificate: https://codeshare.frida.re/@akabe1/frida-multiple-unpinning/ Since I'm using…
GoekhanDev
  • 326
  • 2
  • 4
  • 20
0
votes
0 answers

Android Emulator freezes with balck screen after modyfying /system and reboot

I create arm AVDs in Android Studio Emulator on my Mac m1. Tried different images: Android 13.0, Android 12.0, Android 11.0 with Google APIs/no google apps. The behavior is the same for all. I push my ca-certificate to /system in order to intercept…
PATAPOsha
  • 372
  • 3
  • 18
0
votes
1 answer

Extracting ssl certificate or expiry date from publickey in swift ios

everyone I want to implement dynamic SSL pinning.So as to implement it through publicKey,I have to update the publicKey when certificate against it expires. I have checked third party library like wultra/SSL pinning ios,but it is little complicated…
Ankit Kumar Gupta
  • 1
0
votes
0 answers

Flutter how to allow to certain certificates on http request? (SSL Pinning)

i am trying to implement SSL pinning to my flutter app. I am using a "certificate.pem" file. I have a custom HttpService class, all the http requests are made from methods which belongs to this class. class HttpService { late IOClient _ioClient;…
Emre Turan
  • 83
  • 1
  • 8
0
votes
0 answers

SSL pinning flutter using Dio package throws HandshakeException

I have pinned (the Facebook SSL certificate) in the assets/certificates path. I am fetching network calls using Dio package. void fetchDataUsingDio() async { final dio = Dio(); ByteData bytes = await…
Navin Kumar
  • 3,393
  • 3
  • 21
  • 46
0
votes
0 answers

SSL pinning in React Native

How to incorporate SSL pinning in React Native using axios for api calls. I came across TrustKit but my continues efforts to use the same ends up crashing my app. I tried both the ways of adding TrustKit. Via…
Veeki
  • 1
  • 1
0
votes
0 answers

SSL public key pinning is not working with HttpClientHandler for Xamarin.iOS, can still be eavesdropped. How do I secure the app against MITM attacks?

I am new to Xamarin Forms and also SSL Pinning. I am looking at an issue regarding SSL pinning in a preexisting app at work. The idea is that, with server certificate (or public key) pinned, the app should close when a proxy (middle man) is…
curiosolio
  • 11
  • 2
0
votes
0 answers

didReceiveAuthenticationChallenge called multiple times

I'm doing a SSL pinning check for a website and I need to tap into the didReceiveAuthenticationChallenge in order to do so. However when I am debugging the application I noticed that the challenge is being called 3 times before finishing and…
SmalliSax
  • 342
  • 3
  • 6
  • 24
0
votes
0 answers

Alternative for SSL/Certificate/Public key pining

We are developing react-native SDK which will be used by another react native app (main app) for some functionalities. From our SDK there are API calls and some contains sensitive data. So with a security check from main found that man-inthe-middel…
someone
  • 6,577
  • 7
  • 37
  • 60
0
votes
0 answers

SSL Pinning for WKWebView. Add multiple certificates to xcode project and use while loading url in WKWebView

How to use all added certificates in XCode project bundle while loading URLs in WKWebView and WKWebView takes a valid certificate for ignoring SSL error. If possible, please provide sample of code.
nirav.25990
  • 11
  • 3
0
votes
0 answers

iOS SSL Pinning index beyond bounds

Sometime I'm getting crashes from firebase: Index 1 beyond bounds [0..0] but in my app I'm checking if serverTrust contains any certificates. Any idea why? position 0 is leaf, position 1 is intermediate and 2 is root. here is code: guard…
Gorthez
  • 391
  • 3
  • 12
0
votes
1 answer

frida.TimedOutError: unexpectedly timed out while initializing suspended process

Describe the bug Timeout occurred on objection explore To Reproduce Steps to reproduce the behavior: Run command objection --gadget "com.apple.AppStore" explore Evidence / Logs / Screenshots Using USB device `iPhone` Traceback (most recent call…
Sha
  • 921
  • 17
  • 46
1
2
3