I am working on analyzing Android applications from my phone using MITM Proxy. My Android phone version is 4.4.2, the SDK is 19 and it's rooted. I have performed all the WiFi configuration required for MITM, using a manual proxy with the proxy hostname and gateway set to the IP address of the host machine and the port set to 8080. When I run the proxy, I can see traffic and clientconnect message logs, which show that the proxy is working just fine. The problem occurs when I analyze applications like WhatsApp, Facebook etc. or open the Google browser on my phone. The messages I send through WhatsApp don't get delivered to the recipient during the session. The account details entered in the Facebook form don't get forwarded and a "Check your internet connection settings" message is displayed. The only service that works over the internet is email. Any attachments sent over email get delivered successfully to the receivers. All other applications fail to work due to a connectivity issue.
When I reviewed the proxy communication logs created for the traffic captured by mitm, I could see the following message:
Client Handshake failed. The client may not trust the proxy's certificate for media-sin6-2.cdn.whatsapp.net.
A similar message was noticed in the logs for the Skype application. This indicates an issue with certificate pinning, where the application might not be trusting the certificate provided by the proxy. Interestingly, I have the CA certificate for mitm installed on my phone, added as a trusted credential, along with the JustTrustMe application installed in the Xposed Framework to kill SSL certificate pinning.
After going through a number of blogs, articles and tutorials on bypassing certificate pinning, I installed the SSL-unpinning 2.0 module for the Xposed framework. I tried unpinning both WhatsApp and Skype one by one, but it didn't work either. I don't need to patch code or decompile the APK source code. Please guide me on how I can make my analysis work by bypassing the SSL certificate pinning without making use of the BurpSuite/Frida tools.
The sources I reviewed before posting are the following:
https://kov4l3nko.github.io/blog/2018-01-21-justtrustme-android-ssl-pinning/
https://blog.dewhurstsecurity.com/2015/11/10/mobile-security-certificate-pining.html
https://stackoverflow.com/questions/61710190/mitmproxy-not-showing-traffic-for-android-app?rq=1
https://stackoverflow.com/questions/57993712/no-internet-connection-in-android-after-using-mitmproxy
https://www.welivesecurity.com/2016/09/08/avoid-certificate-pinning-latest-versions-android/
Android SSL trust killer mitigation?
Is there no way to bypass certificate pinning without patching apps?
Disable or bypass SSL Pinning/Certificate Pinning on Android 6.0.1