|
|
|
|
|
|
by dingsbumps
3780 days ago
|
|
|
I might be misunderstanding you, but I don't think Public Key Pinning is intended to prevent this scenario at all. Public Key Pinning is a method for a client to authenticate a server. If you decompile the app and recompile it with the public key of your MITM server, the app would of course connect to your MITM server. Or, it seems to me, if you have that level of control over the client, you could just disable public key pinning checks completely. |
|
|