Disabling OkHttp’s SSL Pinning on Android Apps

Using the Android emulator with a proxy.

Decompiling the App

Decompiling an app with apktool.

Removing the pin

Finding uses of CertificatePinner with grep.
Adding a certificate in Smali.

Rebuilding the APK

Rebuilding the APK.
Generating a key using keytool.

--

--

--

I’m a cybersecurity consultant who develops software. I help agile teams deliver secure digital experiences to their customers.

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jonathan Cooper

Jonathan Cooper

I’m a cybersecurity consultant who develops software. I help agile teams deliver secure digital experiences to their customers.

More from Medium

Android Studio & HMS Core Kit Integration

Android Studio

Creating a Custom Month and Year Picker in Android

HMS Core Integration with Android Studio 4.1.1 — part 1

How to use LiveData in Android