I am trying to access an secure url by using a DefaultHttpClient.
I am creating BKS file using portecel tool.
The jks file created using the same is working fine in java program but the bks is throwing the following exception:
java.io.IOException: Read error: Failure in SSL library, usually a protocol error
I am able to open the bks file in a keystore explorer and see the details.
The same is working fine in Android 2.3 but not in 2.2
let me know if anybody has faced such problem and solved it.
I encountered the same problem in one of my applications. After googling a bit I found a bugreport from k9mail which refers to this bugreport on Android 2.2 and some more posts all indicating this is a framework bug in 2.2.
I found several sources like this one mentioning that importing the certificates server-side has to be done in some specific order, in order for Android to accept it. Since I have no control over the server I didn't pursue this option and I have no clue if it actually works; however, it might be interesting for you to investigate further.
Check whether the server want client authentication.
I had this problem with Retrofit Library. I solved this change, "https://10.0.3.2:4567" to "http://10.0.3.2:4567" in my URL connection.
Related
I'm really new to android traffic intercepting. I just wanted to intercept a 3rd party app's API requests for some research. I started from official frida docs and reached up to the step unpinning the SSL certificate using this guide.
I managed to successfully setup frida server on android device and it's running fine.
But whenever I try to bypass any app's certificate pinning I'm getting the same error below. I have tried many different apps having certificate pinning and all results the same error.
I'm using the following command for unpinning.
frida -U -l ./frida-script.js -f tech.httptoolkit.pinning_demo
I'm using this script to bypass certificate pinning and getting the following results.
Spawned `com.snapchat.android`. Use %resume to let the main thread start executing!
Error: getPackageInfoNoCheck(): has more than one overload, use .overload(<signature>) to choose from:
.overload('android.content.pm.ApplicationInfo', 'android.content.res.CompatibilityInfo')
.overload('android.content.pm.ApplicationInfo', 'android.content.res.CompatibilityInfo', 'boolean')
at X (frida/node_modules/frida-java-bridge/lib/class-factory.js:569)
at K (frida/node_modules/frida-java-bridge/lib/class-factory.js:564)
at set (frida/node_modules/frida-java-bridge/lib/class-factory.js:932)
at <anonymous> (frida/node_modules/frida-java-bridge/index.js:224)
at <anonymous> (frida/node_modules/frida-java-bridge/lib/vm.js:12)
at _performPendingVmOpsWhenReady (frida/node_modules/frida-java-bridge/index.js:244)
at perform (frida/node_modules/frida-java-bridge/index.js:204)
at <anonymous> (/frida/repl-2.js:520)
at apply (native)
at <anonymous> (frida/runtime/core.js:51)
[Android Emulator 5554::tech.httptoolkit.pinning_demo]->
Using the %resume doesn't do anything and I still get error certificate rejected from the app server it's sending the requests to.
The error is same for even the demo app linked in the frida certificate unpinning guide.
Sorry if the explanation isn't enough and I'll be really thankful if someone is up to help.
Thank you.
Not 100% confirmed, but this appears to be a bug in Frida, either in the latest version of Frida (15.2.2) or Android (13).
See https://github.com/frida/frida/issues/2218 for more info.
Tim is correct, this is a bug, probably on a13 devices. The trick is to run %reload in the frida shell after the error, this will cause the script to run and magically no error
https://github.com/frida/frida/issues/2218#issuecomment-1239983236
After downloading Termux from the Google Play store, FDroid, and Github, I got the error
Unable to Install
Termux was unable to install the bootstrap packages.
Check your network connection and try again.
I looked through Github and found this this reply saying to try to connect to http://termux.net/bootstrap/ in a browser. I tried with the phone I'm trying to put Termux on (Galaxy s5 with Android 6.0.1) and got a response saying 'connection timed out'. I tried on my desktop which is on the same network, and got the same response. I made a simple python script using the requests module on a Replit server and got the same response with error 522.
It seems like the Termux.net website isnt working for some reason, maybe because of a WiFi setting that has to get changed? What else do I try?
Issue is that old links for bootstrap package for Android versions 5 and 6 are not available anymore, for example domain https://termux.net is down and you can not access it.
You can fix this issue by following this wiki:
https://github.com/termux/termux-app/wiki/Termux-on-android-5-or-6
You can install artifacts from this link:
https://github.com/termux/termux-app/actions/runs/2619084610
*Zipped APK file termux-app_v0.118.0+605dd6c-apt-android-5-github-debug_armeabi-v7a can be downloaded from this link:
https://github.com/termux/termux-app/suites/7230045376/artifacts/289921940
*Note: Direct APK link will only work if you are signed in with your GitHub account
works great, just download the apk from link above and install
Thanks nexayq, just make sure you allow installation from unknown sources in your android settings.
Tested on two phones the ones with armeabi64-v8a works to know this just download device info hw from playstore
I am getting problem while intercepting HTTPS requests in Burp (intercepting tool) from android emulator ,
I am successfully able to intercept HTTP (not HTTPS) requests via BURP in android emulator ,
I saw lot of tutorials, to first grab the .cert certificate from BURP in firefox , then convert it into android supporting format and copying it to android system .
This is the exact problem I am facing :
1. I am unable to convert that SSL certificate .
2. I tried just copying a dummy certificate just to test if copy pasting is working fine or not , I got error privileges error , I also tried
running command , "adb shell" and run that command adb push but still having problem to define the path of converted Certificate path , as my certificate is on main machine .
Hoping the solutions for both problems, Also it would be helpful If someone
can give me the exact command needed to convert that SSL Certicate .
Thanks
I am trying to authenticate my android application over a https connection to the server.
I a getting the following exception while trying to authenticate. While looked up for solution, there were lots of suggestions about binding certificate with apk, ignoring the certificate validation etc.
Detailed StackTrace
The problem is, in few phones and emulators this authentication over https works perfectly fine. And in my phone as well as in my emulator it doesn't go through. So looks like its more of a device issue than code one.
Has anyone else have faced this kind of issue and sorted out?
The error meaning is: the SSL certificate chain (from the server certificate to a trust anchor in the Root CA store) has been rebuild by the application but the validation of this chain failed for any reason.
In the stacktrace the underlying error is java.security.NoSuchProviderException: AndroidOpenSSL. It means that the application tries to instantiate a signature validation object with a cryptographic provider which is not present in the android system. This error makes me thinking that it may be an android version issue.
Can you tell us the target API level used to build your application? And what are the versions of the terminals on which the application works and does not work?
Normally when I right-click my app engine project and choose "Generate cloud endpoint client library" using the Google plugin for Eclipse, it generates the client libraries and automatically copies them into the Android client project.
However, for no apparent reason, the client library is no longer being copied to the client project. In fact, it has been removed (so now I have a lot of errors in my project because it can't find the libraries).
I've tried re-generating the client library which completes without any errors but the problem persists. Interestingly, it seems to complete the process slightly faster than it used to.
I've tried cleaning all projects.
I've tried manually adding the generated source folders from endpoint-libs, but I can't because the generated folders no longer exist. There is also no longer any reference to them in the Java build path for the client project.
I've tried checking out an older version of the code where I know the plugin worked, and the problem occurred there too which leads me to believe it is not a problem in my code.
I also tried deleting the project in eclipse and re-importing everything.
What happened? I've used the generate function many times before and it worked every time until now. I think it started after doing a project clean.
An Update
I followed the suggestion here and was able to generate the client library for one of my endpoints, but the actual .jar file which is needed was not generated (the generated readme file even specifically states the filename and location of the jar but it does not exist).
The issue tracker shows that this issue was resolved (https://code.google.com/p/googleappengine/issues/detail?id=9746).
Also #howettl posted above in the comments that this issue was fixed.
There were some questions in the issue tracking about remote servers being involved and the fix not requiring an update to the GPE. This appears to be related to the fact that there is a Google web service used by the GPE for generating some of the cloud endpoint code.
If this web service is not working (routing issue, server issue, etc), or you don't have a connection to the internet, you will not be able to generate (or regenerate) cloud endpoints for your project.
Also if your generation is slow, it might be due to your internet connection speed.