Hi All!
I’ve just started to use mitmproxy to reverse engineer an Android app (after working around the certificate pinning it does). But I’ve hit a bit of a problem at this point, namely the following error message:
TlsException("SSL handshake error: Error([('SSL routines', 'ssl3_read_bytes', 'sslv3 alert handshake failure')],)",)
I can see the outgoing requests (URLs and headers), from the client (the app), but nothing from the upstream server.
It seems that a potential solution is to compile my own OpenSSL with SSLv3 support, as described here, which I did; however, no dice. I’ve also tried changing the ssl_version_server and ssl_insecure options.
So my question is: Is there anything else I can do?
Is there a way to see what particular version of SSL / TLS and ciphers the app / client used on its request? (So I can use those exact ones.)
The SSL Labs report for the site is here: https://www.ssllabs.com/ssltest/analyze.html?d=api.aliexpress.com, and it also works fine both in browser and curl (giving the expected 404).
After a bit more digging, it also works in the browser on the device, giving the 404 message, and I do actually get the proper response from the server if I hit “replay” in mitmproxy. So why is it initially failing? I’m starting to think that it’s the app doing something strange.
Any ideas?
Thanks