eltion / instagram-ssl-pinning-bypass Goto Github PK
View Code? Open in Web Editor NEWBypass Instagram SSL pinning on Android devices.
License: GNU General Public License v3.0
Bypass Instagram SSL pinning on Android devices.
License: GNU General Public License v3.0
while creating patch apk its asking
Enter key password for
can i get password sir
Can you create ssl pinning bypass for instagram lite version?
line 172, 174, 175 has to be reverted, we fixed the issue but later you deleted this code and broken the building:
[...] and not file.filename.startswith("resources.arsc"):
[...]
if not os.path.exists(os.path.join(TEMP_FOLDER, file.filename)) and file.filename.startswith("resources.arsc"):
apk_out.writestr(file.filename, apk_in.read(file.filename), compress_type=zipfile.ZIP_STORED, compresslevel=0)
resources.arsc has to be STORED not COMPRESSED, otherwise it doesn't build a valid apk file on R
Describe the bug
When I first used this guide to bypass android SSL pinning I was able to see all the requests that the Instagram client was making such as Photos, API requests or simply profile informations fetching.
Right now, after some time, I came back on Instagram SSL pinning bypass and all I can see are requests you can see in the image below.
Method
I'm using Frida for bypassing the SSL pinning.
App info
Device info
Proxy tool
mitmproxy: v8.1.1
Logs
I'm using Frida tool for logging.
Thanks so much in advance !!!
thanks Eltion
tg @NpProblem1
Describe the bug
I installed provided in README.md apk file instagram-v275.0.0.27.98-armeabi-v7a.apk, logged in clear account and after some time got banned, because app was not able to access gateway.instagram.com
Method
Patched APK
App info
Device info
Proxy tool
HTTP Toolkit 1.12.3.0
Additional context
Now Instagram is telling me that I have violated their rules and am engaging in bots and unauthorized activities, so now I need to send a selfie of me holding a paper with credentials on it so they can see that I am not a bot and unblock my account.
need the latest version Frida js file. plzzz
Describe the bug
I have installed the patch apk but burp is still showing this unknown_ca error.
Method
Patched APK
App info
Device info
Proxy tool
burp: v2023.6.2.0
Additional context
My phone is a rooted infinix with lineage os 20 gsi running. I have tried using burp without installing the ca certificate, installing it as a user certificate and also installing it as a system certificate but none of these methods have worked for me.
Hey,
Can you help me with similar commands for macOS as you have posted in the readme for Ubuntu?
Brother I can't capture the Instagram app data
How to solve the issue
Only encrypted TLS are showing
Describe the bug
After running the apk patch python script, the patched apk crashes when opened. However, I have downloaded the apks you put on the repo and they work just fine
Method
Patched APK
App info
Device info
Proxy tool
brup: v2022.5.2
I got error with trying to patch apk version 302.1.0.36.111 x86 with patch_apk.py script:
App ABIs: ['x86']
Supported ABIs: ['x86']
Generating keystore...
Generating 2 048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 8 000 days
for: CN=com.leftenter.android, OU=ID, O=APK, L=Unknown, ST=Unknown, C=XK
[Storing C:\Users\a\PycharmProjects\Instagram-SSL-Pinning-Bypass/temp/release.keystore]
Created config_file at: C:\Users\a\PycharmProjects\Instagram-SSL-Pinning-Bypass/temp\libgadget.config.so
Created script_file at: C:\Users\a\PycharmProjects\Instagram-SSL-Pinning-Bypass/temp\libsslbypass.js.so
Patching for x86
Extracting: lib/x86/libmemalign16.so
Downloading firda-gadget-16.1.4-x86.so.xz
at com.android.apksigner.ApkSignerTool.sign(ApkSignerTool.java:291)
at com.android.apksigner.ApkSignerTool.main(ApkSignerTool.java:84)
Caused by: java.io.IOException: ObjectIdentifier() -- data isn't an object ID (tag = 48)
at java.base/sun.security.util.ObjectIdentifier.(Unknown Source)
at java.base/sun.security.util.DerInputStream.getOID(Unknown Source)
at java.base/com.sun.crypto.provider.PBES2Parameters.engineInit(Unknown Source)
at java.base/java.security.AlgorithmParameters.init(Unknown Source)
... 10 more
First of all, you are appreciated! Secondary I’m hoping to try and run this without root. Is Frida gadget implemented? I saw a line or two in the source code but unsure.
Describe the bug
A clear and concise description of what the bug is.
Method
Patched APK or Frida
App info
Device info
Proxy tool
brup: lasttest
Logs
Frida or logcat logs, screenshots, mitmproxy event logs, Brup event log.
Additional context
Add any other context about the problem here.
Describe the bug
Latest version 264.0.0.22.106 Apk downloaded from here (arm64-v8a, nodpi) and successfully patched on Ubuntu. Patched apk crashed on Pixel 4 XL on startup. No root on device. Patched apk from this git repo works fine (v 256).
Method
Patched APK
App info
Device info
Proxy tool
brup: latest
Logs
root@ubuntu:/home/Instagram-SSL-Pinning-Bypass# python3 patch_apk.py -i com.instagram.original.apk -o ig3.apk
App ABIs: ['arm64-v8a']
Supported ABIs: ['arm64-v8a']
Generating keystore...
Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 8,000 days
for: CN=com.leftenter.android, OU=ID, O=APK, L=Unknown, ST=Unknown, C=XK
[Storing /home/Instagram-SSL-Pinning-Bypass/temp/release.keystore]
Created config_file at: /home/Instagram-SSL-Pinning-Bypass/temp/libgadget.config.so
Created script_file at: /home/Instagram-SSL-Pinning-Bypass/temp/libsslbypass.js.so
Patching for arm64-v8a
Extracting: lib/arm64-v8a/libmemalign16.so
Downloading firda-gadget-16.0.8-arm64-v8a.so.xz
[==================================================]
Patching: /home/Instagram-SSL-Pinning-Bypass/temp/lib/arm64-v8a/libmemalign16.so
Rebuilding apk file...
Running zipalign...
Signing apk...
Sucessful. Patched file at: ig3.apk
Additional context
Add any other context about the problem here.
I followed your burp documentation,and also installed Burp's CA certificate to my phone(real rooted device not emu),now if I try to log https history then only getting two requests related to "reliability_event_log_upload" and also tried with intercept on/off both way but result were same.
I tried patched APK that are in your repo and also tried frida script with untouched insta apk,If i use mitm proxy it works fine but only problem in burp and fiddler
it's can work on meta threads app?
i tried both 2 menthods on my android phone redmi notr 4 android 7 nothing worked. it is not intercepting connections.please check before posting.
Describe the bug
A clear and concise description of what the bug is.
Method
Patched APK or Frida
App info
Device info
Proxy tool
mitmproxy: v8.1.1
brup: v2022.5.2
Logs
Frida or logcat logs, screenshots, mitmproxy event logs, Brup event log.
Additional context
Add any other context about the problem here.
i just wanted to contact you but i am unable to send you message on twitter and i don't know your email address
thank you
Patched apk fails to install on Android R and above.
adb install output:
adb: failed to install instagram-v239.0.0.14.111-x86.apk: Failure [-124: Failed parse during installPackageLI: Targeting R+ (version 30 and above) requires the resources.arsc of installed APKs to be stored uncompressed and aligned on a 4-byte boundary]
Hi please check your mail, I have send the details about a project
Describe the bug
Instagram crashes right after start
Method
Patched APK with your python patcher
App info
Device info
Proxy tool
brup: v2023.2.3
Logs
logcat logs attached
logcat.logf
Additional context
The patched APK crashes right after start. The files from your repo work without issues.
Here is the stock apk (base.apk) from Google Play and the patched one.
https://drive.google.com/file/d/1VcSC7KZgS4HkGV6AL5_iUj04yXJmkN1m/view?usp=share_link
Any help to get this working is highly appreciated.
it look like than must connect mqtt.Facebook.com , but this link is socket .
Describe the bug
A clear and concise description of what the bug is.
Method
Patched APK
App info
Device info
Proxy tool
charles: v4.6.2
Additional context
有时候能用有时候不能用,能用的时候是可以正常抓包的,不能用的时候手机APP什么数据都加载不进来,APP一片空白
Tiktok ssl pinning can already bypass in rooted android phone/emulator. But I need the pached Apk to run on non rooted phone.
https://www.apkmirror.com/apk/tiktok-pte-ltd/tik-tok-including-musical-ly/tik-tok-including-musical-ly-25-4-4-release/
Describe the bug
While I start frida, the android app start but frida crash. The app don't crash on the device.
frida -U -l ~/instagram-ssl-pinning-bypass.js -f com.instagram.android
After, in mitmproxy, the TCP connection are still encrypted while I copy the mitmproxy certifica in /system/etc/security/cacerts/..
Method
Frida with the patched apk of the repo
App info
Device info
Proxy tool
mitmproxy: v9.0.1
Describe the bug
I can't get it to work. In my terminal i get :
Client TLS handshake failed. The client does not trust the proxy's certificate for infinitedata-pa.googleapis.com (OpenSSL Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert certificate unknown')]))
While if I open the Chrome browser I can see the different requests with mitmproxy, and for that I installed the mitmproxy certificate. But in the patched app i only get this error, with tcp unusable informations.
(I tried with and without mitmproxy certificate and instagram patched app and it didnt work :/ )
Method
Patched APK
App info
instagram-v265.0.0.19.301-arm64-v8a.apk
Device info
Proxy tool
mitmproxy: v9.0.1
I'm making a instagram api wrapper, do u know how i can get notifications for events like, get a direct message
please fast as possible!
Hi, can you help me generate a query_hash for /api/v1/launcher/mobileconfig/ ?
SIGNATURE.{"bool_opt_policy":"0","mobileconfigsessionless":"","api_version":"3","unit_type":"1","query_hash":"dae17f1d3276207ebfe78f7a67cc9a04d4b88ff8c88dfc17e148fafb3f655b8e","device_id":"19ab534f-6663-4cf1-bc23-6b243c4db542","fetch_type":"ASYNC_FULL","family_device_id":"88E1F432-B994-45C1-A8CD-0BE4493E4004"}
I followed the Patch APK guide but when I installed the app on my phone it installs successfully but doesn't open. But when I installed an already patched version it works fine.
App info
Device info
Hi, can you add support for Facebook Lite please?
Describe the bug
Instragram has changed their implementation. While libliger.so is included in the APK, it does not seem to be called in the process of SSL certificate verification. On the otherhand, libliger-common_1.so is called, however, the function "_ZN8proxygen15SSLVerification17verifyWithMetricsEbP17x509_store_ctx_stRKNSt6__ndk112basic_stringIcNS3_11char_traitsIcEENS3_9allocatorIcEEEEPNS0_31SSLFailureVerificationCallbacksEPNS0_31SSLSuccessVerificationCallbacksERKNS_15TimeUtilGenericINS3_6chrono12steady_clockEEERNS_10TraceEventE" is not exported.
Tracing the socket close calls (as a result of failing cert verification), we can see that they are coming from libmobilenetworkstack.so:
4036 ms addr=10.0.2.16:42896, lr=0x6fb1e9393c, /data/data/com.instagram.android/lib-compressed/libmobilenetworkstack.so
Method
Frida
App info
Device info
Proxy tool
mitmproxy: v8.1.1
Logs
Frida log:
[][] Waiting for libliger...
[][+] Hooked checkTrustedRecursive
[][+] Hooked SSLContextInit
Additional context
Add any other context about the problem here.
Describe the bug
Hi, I am facing a bug with the Pre Patched apk. When I launch the app for the first time with Burp capturing, Everything seems fine, But when I close the app (after login) and relaunch, the request capturing just stops. Although the app works fine but nothing is captured anymore. Restarting the emulator doesn't help but I'm able to recapture requests by clearing data or reinstalling the app.
Method
Patched APK
App info
Device info
Proxy tool
brup: v2022.12.6
For windows after download build tool and run the patch.py show this print.
where exactly find keytool ?
How to use Burp Suite to sniffer Instagram api?
Hello, I have a doubt, because I am not using an emulator, it is a real machine, I can't go over the wall, how to use mitmproxy to capture packets.
if you know, please guide me, thank you very much.
Describe the bug
Everything was fine until last week, for now I can't do it.
I tried both frida and the patched APK, but I couldn't do both.
when I'm trying to login. long loading started and finally I got "An unknown network error has occured" Error
Method
Both APK and Frida
App info
Device info
Proxy tool
mitmproxy: v8.1.1
Logs
mitm-bypassed-apk.log
logcat-bypassed-apk.log
logcat-with-frida.log
mitm-with-frida.log
Additional context
These logs comes from genymotion
please check.
для ВК и ОК Viber WhatssApp можете сделать такие приложения без SSL ??
I tried using the frida script to bypass the pinning on my phone (arm64-v8a ABI) but it didn't work, i am still getting certificate errors for some reason?
Can you help me with this?
This bypass does not work on Instagram Lite
As itsMoji and my version Instagram introduced in the last 3 months something to check ssl unpinning, when opening the app the first time everything works good with the proxy, but when you close it and reopen it doesn't work anymore and doesn't load any picture. We should investigate maybe on smali source code. I will take a look
An idea would be to find the first version with this new security check and do diffing, but is a bit stressing I guess and will take a while, but is the only one that I have rn.
Nox Player works well but if after the restart you have to log out and log in again so that burp proxy works again.
happened to you too? always registering again after a restart?
Describe the bug
A clear and concise description of what the bug is.
Method
Patched APK or Frida
App info
Device info
Proxy tool
mitmproxy: v8.1.1
brup: v2022.5.2
Logs
Frida or logcat logs, screenshots, mitmproxy event logs, Brup event log.
Additional context
Add any other context about the problem here.
Describe the bug
after running the app it immediately crash for some reason ...
summary steps :
installed burp Certificates
downloaded IG app
downloaded js script
pushed frida and give it the permission
run frida
used the command frida -U -l .\instagram-ssl-pinning-bypass.js -f com.instagram.android
app starts then immediately crash
Method
Patched APK or Frida
App info
Device info
Proxy tool
brup: v2022.5.2
logcat
--------- beginning of system
--------- beginning of crash
--------- beginning of main
01-27 16:46:19.785 3901 3901 V INSTAGRAM_SSL_PINNING_BYPASS: [*][*] Waiting for libliger...
01-27 16:46:19.790 3901 3901 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked checkTrustedRecursive
01-27 16:46:20.011 3901 3901 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked SSLContextInit
01-27 16:46:28.457 4057 4057 V INSTAGRAM_SSL_PINNING_BYPASS: [*][*] Waiting for libliger...
01-27 16:46:28.459 4057 4057 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked checkTrustedRecursive
01-27 16:46:28.534 4057 4057 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked SSLContextInit
01-27 16:48:06.974 5326 5326 V INSTAGRAM_SSL_PINNING_BYPASS: [*][*] Waiting for libliger...
01-27 16:48:06.975 5326 5326 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked checkTrustedRecursive
01-27 16:48:06.992 5326 5367 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Found libliger at: 0xc3d42000
01-27 16:48:06.997 5326 5367 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked function: _ZN8proxygen15SSLVerification17verifyWithMetricsEbP17x509_store_ctx_stRKNSt6__ndk112basic_stringIcNS3_11char_traitsIcEENS3_9allocatorIcEEEEPNS0_31SSLFailureVerificationCallbacksEPNS0_31SSLSuccessVerificationCallbacksERKNS_15TimeUtilGenericINS3_6chrono12steady_clockEEERNS_10TraceEventE
01-27 16:48:07.031 5326 5326 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked SSLContextInit
01-27 16:48:07.468 5510 5510 V INSTAGRAM_SSL_PINNING_BYPASS: [*][*] Waiting for libliger...
01-27 16:48:07.472 5510 5510 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked checkTrustedRecursive
01-27 16:48:07.540 5510 5510 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked SSLContextInit
01-27 16:48:36.406 5707 5707 V INSTAGRAM_SSL_PINNING_BYPASS: [*][*] Waiting for libliger...
01-27 16:48:36.407 5707 5707 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked checkTrustedRecursive
01-27 16:48:36.450 5707 5707 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked SSLContextInit
01-27 16:48:36.960 5707 5720 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Found libliger at: 0xcefd6000
01-27 16:48:36.971 5707 5720 V INSTAGRAM_SSL_PINNING_BYPASS: [*][+] Hooked function: _ZN8proxygen15SSLVerification17verifyWithMetricsEbP17x509_store_ctx_stRKNSt6__ndk112basic_stringIcNS3_11char_traitsIcEENS3_9allocatorIcEEEEPNS0_31SSLFailureVerificationCallbacksEPNS0_31SSLSuccessVerificationCallbacksERKNS_15TimeUtilGenericINS3_6chrono12steady_clockEEERNS_10TraceEventE
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.