culturally/Snapchat-SSL-Pinning-bypass-iOS


Snapchat

Snapchat iOS with SSL pinning bypassed / Snapchat with certificate pinning bypassed. Get your private API endpoints now!

Bypass available for the latest iOS version.

Support Me

Bitcoin: 1DebianQ5wjKFQMa82rCtaZV79gF74YeiQ
Solana: 4a91vFCz8SjnqWiJpFuLWwWFpWdT9dZq13hG4o8icv2n
Litecoin: MFi28zedB78kaNiRpi9eBkFRTtGZNoxcWv

Info

  • Current version which was bypassed: 13.65 (13.65 is private and not for release)
  • You can now intercept all requests
  • iOS Only
  • Tested on iOS 15.4.1
  • Any support is appreciated

Installation

  1. Download the IPA file
  2. Sideload the file (I personally suggest Sideloadly or TrollStore)
  3. Set up the proxy before starting the app (tested only with mitmproxy)
  4. Intercept

Bypassed:

| Icon | Bundle ID | Version | File Type | Download |
|  | com.toyopagroup.picaboo | 13.25 | IPA | Click here |
|  | com.toyopagroup.picaboo | 11.91 | IPA | Click here |

Other apps

Facebook Instagram

Want to learn how to bypass SSL pinning in apps, or do you have a custom request for an app?

Message me on Telegram: @undecryptable. Other apps are available.


What is SSL pinning?

SSL pinning, also known as certificate pinning or public key pinning, is a security mechanism used in digital communication to enhance the security of a connection, particularly within the context of Secure Sockets Layer (SSL) or its successor, Transport Layer Security (TLS).

When a client (such as a web browser or a mobile app) connects to a server over HTTPS, the server presents its SSL/TLS certificate to prove its identity. Normally, the client verifies the server's certificate by checking if it is signed by a trusted Certificate Authority (CA). However, SSL pinning adds an extra layer of security by requiring the client to validate the server's certificate against a known, pre-configured set of certificates or public keys, rather than solely relying on the CA's trust chain.

You can learn and read about SSL Pinning here: https://yinsolutions.org/blogs/ssl-pinning.html
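
The two-step check described above (CA validation first, then comparison against a pre-configured set), as an added example that is not part of this repository. It pins the SHA-256 digest of the whole leaf certificate so that only the Python standard library is needed; the pin values, the `sha256/<base64>` pin format, and the function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import socket
import ssl

# Constructed placeholder bytes standing in for DER certificates (not real certificates).
# The second entry is a backup pin, so the server can rotate without locking clients out.
SAMPLE_CERT_DER = b"constructed-placeholder-der-bytes-primary"
BACKUP_CERT_DER = b"constructed-placeholder-der-bytes-backup"


def pin_for(der_cert: bytes) -> str:
    """Return the pin string 'sha256/<base64 digest>' for a DER-encoded certificate."""
    digest = hashlib.sha256(der_cert).digest()
    return "sha256/" + base64.b64encode(digest).decode("ascii")


PINNED = frozenset({pin_for(SAMPLE_CERT_DER), pin_for(BACKUP_CERT_DER)})


def pin_matches(der_cert: bytes, pins=PINNED) -> bool:
    """True if the presented certificate's digest equals any configured pin."""
    presented = pin_for(der_cert).encode("ascii")
    # compare_digest keeps the comparison time independent of where the strings differ.
    return any(hmac.compare_digest(presented, p.encode("ascii")) for p in pins)


def connect_pinned(host: str, port: int = 443, pins=PINNED) -> ssl.SSLSocket:
    """Open a TLS connection that must pass CA validation AND the pin check."""
    ctx = ssl.create_default_context()          # step 1: CA chain and hostname validation
    raw = socket.create_connection((host, port), timeout=10)
    sock = ctx.wrap_socket(raw, server_hostname=host)
    leaf = sock.getpeercert(binary_form=True)   # DER bytes of the server's leaf certificate
    if not pin_matches(leaf, pins):             # step 2: the extra pinning layer
        sock.close()
        raise ssl.SSLError(f"certificate for {host} does not match any pinned value")
    return sock
```

A certificate that chains to a CA the device trusts but is not in the pin set passes step 1 and is rejected at step 2, which is the extra layer the section describes.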

Disclaimer

This project is for educational purposes only. It demonstrates bypassing SSL pinning in binaries, such as those used by Snapchat, to help developers and researchers understand security vulnerabilities.

There is no intent to harm, exploit, or encourage illegal activities. If Instagram/Meta or any other party has concerns, please contact me at 0day@yin.sh, and I will address the issue or take down the project as requested.

Use of this project is at your own risk; the creator is not responsible for any misuse.