Comments (14)
The TrustManagerImpl class doesn't exist on older APIs, so we shouldn't try to hook it if it doesn't exist. I'm about to push a fix to my repo, will update you once I confirm it works for me :)
from justtrustme.
Ahh that's what I figured but I couldn't find a reference as to which API started including TrustManagerImpl.
from justtrustme.
@Snwspeckle try installing the bin associated with this: jakev@862716f
from justtrustme.
@jakev I still seem to be getting the errors which are being thrown on line 144. I think this check also needs to be included there?
from justtrustme.
Yup, it does. Doh, missed that one.
from justtrustme.
@jakev Are you going to make the change or should I make it and submit a pull request?
from justtrustme.
Sorry @Snwspeckle - I'm building right now. Link in just a sec.
from justtrustme.
@jakev No problem, I'm busy building other things as well.
About this tool, by having this installed and running, is there anything else I need to configure to prevent an app from making calls using SSL? (I'm trying to discover hidden endpoints for an app.) The reason I ask is because I've installed this tool but with wireshark I still see the app requesting GoDadddy for a certificate.
from justtrustme.
@Snwspeckle please try: jakev@b03a283. I apologize if you still have issues, I don't have an API 17 device with me that has Xposed running ATM.
Note that this tool doesn't prevent an app from making calls using SSL, it aims to disable / bypass certificate checks that might fail when man-in-the-middling an application. If you install this you'll still see encrypted traffic, but if you place a proxy between the app and the remote servers, you should be able to see the traffic. :)
from justtrustme.
@jakev would you mind opening a pull req with the additional check?
from justtrustme.
@Fuzion24 absolutely! I was hoping to hear back from @Snwspeckle to confirm it worked before submitting the pull request.If i don't hear back in a few hours I'll create the pull request.
from justtrustme.
@jakev Sorry for not responding! I got caught up in working on something else. The patch did work and the exceptions are no longer thrown.
Unfortunately, it didn't work for what I needed it to do. Looks like the app I'm working to reverse engineer is written in C++ and is using libcurl for all networking requests which does its own certificate pinning & certificate host verification.
from justtrustme.
from justtrustme.
@jakev Once the pull request has been accepted, I'll go ahead and mark this issue as closed. Thanks for the fix!
from justtrustme.
Related Issues (20)
- can you support magisk? HOT 3
- JustTrustMe causes chrome ssl error failed when connect to TLS website HOT 4
- Could you compile a latest version of apk HOT 5
- I can't visit any website when I turn JustTrustMe on. HOT 9
- What is the license? HOT 2
- It doesn't work with starbucks
- Please public a new release
- SSL Version Error HOT 1
- Why is it invalid after installation?
- Uber-Jump isn't trusting mitm certs
- God help you
- Need new build with new commit
- Just trust me is used in virtual xposed, which cannot be intercepted
- got a app can't receive any https network log even using JustTrustMe
- The client does not trust the proxy certificate
- hook checkServerTrusted error
- #Mitmproxy Unable to decrypt https when using Mitmproxy HOT 5
- Does it work on android 12? HOT 1
- access_denied (49) - When access control was applied the certificate was rejected HOT 1
- trust anchor for certification path not found
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from justtrustme.