Added certificate pinning bypass support for httpclientandroidlib

camquyt23 · Sep 4, 2016 · d1761ca · d1761ca
1 parent 542f511
commit d1761ca
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/app/src/main/java/just/trust/me/Main.java b/app/src/main/java/just/trust/me/Main.java
@@ -60,6 +60,9 @@ public class Main implements IXposedHookLoadPackage {
     public void handleLoadPackage(final LoadPackageParam lpparam) throws Throwable {
 
         currentPackageName = lpparam.packageName;
+
+
+
         /* Apache Hooks */
         /* external/apache-http/src/org/apache/http/impl/client/DefaultHttpClient.java */
         /* public DefaultHttpClient() */
@@ -241,6 +244,7 @@ protected void afterHookedMethod(MethodHookParam param) throws Throwable {
                     // Hook OkHttp or third party libraries.
                     Context context = (Context) param.args[0];
                     processOkHttp(context.getClassLoader());
+                    processHttpClientAndroidLib(context.getClassLoader());
                 }
             }
         );
@@ -427,6 +431,27 @@ protected Object replaceHookedMethod(MethodHookParam methodHookParam) throws Thr
         }
     }
 
+    void processHttpClientAndroidLib(ClassLoader classLoader) {
+        /* httpclientandroidlib Hooks */
+        /* public final void verify(String host, String[] cns, String[] subjectAlts, boolean strictWithSubDomains) throws SSLException */
+        Log.d(TAG, "Hooking AbstractVerifier.verify(String, String[], String[], boolean) for: " + currentPackageName);
+
+        try {
+            classLoader.loadClass("ch.boye.httpclientandroidlib.conn.ssl.AbstractVerifier");
+            findAndHookMethod("ch.boye.httpclientandroidlib.conn.ssl.AbstractVerifier", classLoader, "verify",
+                    String.class, String[].class, String[].class, boolean.class,
+                    new XC_MethodReplacement() {
+                        @Override
+                        protected Object replaceHookedMethod(MethodHookParam methodHookParam) throws Throwable {
+                            return null;
+                        }
+                    });
+        } catch (ClassNotFoundException e) {
+            // pass
+            Log.d(TAG, "httpclientandroidlib not found in "  + currentPackageName  + "-- not hooking");
+        }
+    }
+
     class ImSureItsLegitTrustManager implements X509TrustManager {
         @Override
         public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { }