sunary/readme.md

## readme.md

      
    Raw
  

              readme.md
            
          
    Decompile android


Download apktool from https://ibotpeaches.github.io/Apktool/
Unpack apk file: java -jar d apktool.jar app.apk
Modify AndroidManifest.xml by adding android:networkSecurityConfig="@xml/network_security_config" attribute to application element.
Create file /res/xml/network_security_config.xml with following content:

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config>
    <trust-anchors>
        <certificates src="system" />
        <certificates src="user" />
    </trust-anchors>
</base-config>
</network-security-config>


Build patched apk: java -jar apktool.jar b app -o app_patched.apk
Generate keys to sign apk: keytool -genkey -alias keys -keystore keys
Sign apk file: jarsigner -verbose -keystore keys app_patched.apk keys
If necessary convert apk to jar for further analysis: d2j-dex2jar.sh app.apk
Source: https://stackoverflow.com/questions/52862256/charles-proxy-for-mobile-apps-that-use-ssl-pinning

rooted device


Android：

    JustTrustMe (based on Xposed)
    Android-SSL-TrustKiller (Cydia Substrate)


iOS：

    SSL Kill Switch 2 (based on Cydia)