https://github.com/culturally/facebook-ios-ssl-pinning-bypass
iOS Facebook with SSL pinning / certificate pinning bypassed. Latest version 483.0.0
https://github.com/culturally/facebook-ios-ssl-pinning-bypass
bypass certificate-pinning facebook facebook-api facebook-login fb ios ios-facebook ipa ssl ssl-certificates ssl-pinning
Last synced: 3 months ago
JSON representation
iOS Facebook with SSL pinning / certificate pinning bypassed. Latest version 483.0.0
- Host: GitHub
- URL: https://github.com/culturally/facebook-ios-ssl-pinning-bypass
- Owner: culturally
- Created: 2024-06-12T11:58:55.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2024-11-17T10:27:24.000Z (7 months ago)
- Last Synced: 2025-01-28T01:44:51.237Z (5 months ago)
- Topics: bypass, certificate-pinning, facebook, facebook-api, facebook-login, fb, ios, ios-facebook, ipa, ssl, ssl-certificates, ssl-pinning
- Homepage:
- Size: 283 KB
- Stars: 11
- Watchers: 1
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Facebook
Facebook iOS with SSL pinning bypassed / Facebook with certificate pinning bypassed.
Get your private api endpoints now!
## Support Me
**Bitcoin:** 1LightUfhnFKgZqcsfiKoxciQbPB384PqM
**Solana:** 4a91vFCz8SjnqWiJpFuLWwWFpWdT9dZq13hG4o8icv2n
**Litecoin:** MFi28zedB78kaNiRpi9eBkFRTtGZNoxcWv
## Info
- Current version which was bypassed: 466.0.0
- You can now intercept all requests
- iOS Only
- Tested on iOS 15.4.1
- Any support is appreciated
## Installation
1. Download the IPA file
2. Sideload the file (I personally suggest [Sideloadly](https://sideloadly.io/) or [TrollStore](https://github.com/opa334/TrollStore))
3. Set up the proxy before starting the app (Was tested only with mitmproxy)
4. Intercept
## Bypassed:
| Icon | Bundle ID | Version | File Type | Download |
| ------------------ |:------:|:------:|:------:|:------:|
| 
| [com.facebook.Facebook](https://github.com/culturally/Facebook-iOS-SSL-pinning-bypass/releases/download/483.0.0/Facebook483.0.0.ipa) | 483.0.0 | IPA | [Click here](https://github.com/culturally/Facebook-iOS-SSL-pinning-bypass/releases/download/483.0.0/Facebook483.0.0.ipa) |
| | [com.facebook.Facebook](https://github.com/culturally/Facebook-iOS-SSL-pinning-bypass/releases/download/466.0.0/Facebook466.0.0.ipa) | 466.0.0 | IPA | [Click here](https://github.com/culturally/Facebook-iOS-SSL-pinning-bypass/releases/download/466.0.0/Facebook466.0.0.ipa) |
## Wanna learn how to bypass SSL pinning in apps or Do you have custom request for an App?
Message me on Telegram: [@undecryptable](https://t.me/undecryptable)
Other apps available
## Evidence
## What is SSL pinning?
SSL pinning, also known as certificate pinning or public key pinning, is a security mechanism used in digital communication to enhance the security of a connection, particularly within the context of Secure Sockets Layer (SSL) or its successor, Transport Layer Security (TLS).
When a client (such as a web browser or a mobile app) connects to a server over HTTPS, the server presents its SSL/TLS certificate to prove its identity. Normally, the client verifies the server's certificate by checking if it is signed by a trusted Certificate Authority (CA). However, SSL pinning adds an extra layer of security by requiring the client to validate the server's certificate against a known, pre-configured set of certificates or public keys, rather than solely relying on the CA's trust chain.
## Disclaimer
This project is for educational purposes only. It demonstrates bypassing SSL pinning in binaries, such as those used by Instagram/Meta, to help developers and researchers understand security vulnerabilities.
There is no intent to harm, exploit, or encourage illegal activities. If Instagram/Meta or any other party has concerns, please contact me at [email protected], and I will address the issue or take down the project as requested.
Use of this project is at your own risk; the creator is not responsible for any misuse.