Sunday 31 July 2016

[XPOSED][4.4+] Pokemon Go Trust Certificate - Disables certificate pinning for MITM

Hey community!

This module disables the freshly introduced (v.0.30.0) certificate pinning of the Pokemon Go app, making MITM interception, analysis and related projects possible again.

Download
Download from Xposed repo: repo.xposed.info/module/de.rastapasta.android.xposed.pokemongo
Or from GitHub: github.com/rastapasta/pokemon-go-xposed

Background:

I'm a developer of some Pokemon Go MITM projects (like github.com/rastapasta/pokemon-go-mitm) and got confronted with the freshly introduced certificate pinning in the newest Pokemon Go version. The native code requests the certificate trust chain of the connection to the API and checks if the certificates are issued by the correct authorities.

To fix that, I simply hooked into com.nianticlabs.nia.network.NianticTrustManager's checkServerTrusted method and made sure that the requested trust chain is always identical to the expected version.

Enjoy!
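
A check of the kind the Background section describes, as an added example that is not part of the original post and is not Niantic's code: a Java trust manager that accepts a server only if an issuer in its chain matches a pinned public-key hash. The class name `PinnedIssuerTrustManager` and the pin set are hypothetical, and it assumes the pinned issuer is a certificate the server sends in its chain.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.X509TrustManager;

// Hypothetical class for illustration; not the app's NianticTrustManager.
public final class PinnedIssuerTrustManager implements X509TrustManager {
    private final X509TrustManager platform; // the default validator
    private final Set<String> pins;          // base64(SHA-256(SubjectPublicKeyInfo))

    public PinnedIssuerTrustManager(X509TrustManager platform, Set<String> pins) {
        this.platform = platform;
        this.pins = new HashSet<>(pins);
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        if (chain == null || chain.length == 0) throw new CertificateException("empty chain");
        platform.checkServerTrusted(chain, authType); // normal path validation first
        // The chain is peer-supplied: accept a pin only on a certificate that is
        // cryptographically linked to the leaf, not one merely appended to the list.
        for (int i = 1; i < chain.length; i++) {
            try {
                chain[i - 1].verify(chain[i].getPublicKey());
            } catch (GeneralSecurityException e) {
                throw new CertificateException("link " + i + " does not verify", e);
            }
            if (pins.contains(spkiPin(chain[i]))) return;
        }
        throw new CertificateException("no pinned issuer in server chain");
    }

    private static String spkiPin(X509Certificate cert) throws CertificateException {
        try {
            byte[] spki = cert.getPublicKey().getEncoded(); // DER SubjectPublicKeyInfo
            return Base64.getEncoder().encodeToString(
                    MessageDigest.getInstance("SHA-256").digest(spki));
        } catch (GeneralSecurityException e) {
            throw new CertificateException(e);
        }
    }

    @Override public void checkClientTrusted(X509Certificate[] c, String a)
            throws CertificateException { platform.checkClientTrusted(c, a); }
    @Override public X509Certificate[] getAcceptedIssuers() { return platform.getAcceptedIssuers(); }
}
```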
