Ch0pin
Bypassing Unity pinning possible?
Unity based applications have their own additional certificate checks like described for example in https://docs.unity3d.com/ScriptReference/Networking.CertificateHandler.ValidateCertificate.html
Your various unpinning modules are nice, but the universal and the specific ones both don't cover the Unity methods yet. Would be nice if you could extend your toolset.
Niantics Ingress, Blizzards Hearthstone Trading Card Game https://play.google.com/store/apps/details?id=com.micropets.runner&showAllReviews=true too
https://play.google.com/store/apps/details?id=se.maginteractive.quizduel2
too
Blizzards Hearthstone Trading Card Game doesn't use SSL pinning and neither does quizduel2. I couldn't install the micropetsrunner game to check.
The checks you mentioned are optional and don't seem to be implemented in these games.
@TheDauntless how did you get anything out of these applications other than firebase logging? I stand by my initial claim, these apps do not trust the android cert store with manually added system&user certificates.
@yoshimo Just booted the app again. This is the quiz app:
Yes, the payloads are encrypted, but that has nothing to do with SSL pinning.
For heartstone, there are requests to telemetry-in.battle.net and txql0v-inapps.appsflyersdk.com and a few that don't listen to proxy settings (api.blizzard.com and cdn.blz-contentstack.com). I don't know which data you're after specifically, but I haven't received any error related to TLS pinning on any of the Unity apps proposed in this thread.
This is all without any Frida or Medusa scripts or anything else that interferes with TLS verification. The only thing installed related to TLS is my MagiskTrustUser certs module
If you're having trouble MITM'ing, maybe try following my checklist.