From 557e9fb9f535e6db3af634bf2c36114f17b14e42 Mon Sep 17 00:00:00 2001
From: eleguevel
Date: Tue, 29 Nov 2022 11:06:01 +0100
Subject: [PATCH] fix(agent): okhttp3 sslpinning bypass
From https://github.com/sensepost/objection/pull/572#pullrequestreview-1156159313
---
 agent/src/android/pinning.ts | 31 +++++++++++++++++--------------
 1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/agent/src/android/pinning.ts b/agent/src/android/pinning.ts
index c1522910..b78764ae 100644
--- a/agent/src/android/pinning.ts
+++ b/agent/src/android/pinning.ts
@@ -144,20 +144,23 @@ const okHttp3CertificatePinnerCheckOkHttp = (ident: string): any | undefined =>
 return wrapJavaPerform(() => {
 try {
 const certificatePinner: CertificatePinner = Java.use("okhttp3.CertificatePinner");
- send(c.blackBright(`Found okhttp3.CertificatePinner, overriding CertificatePinner.check$okhttp()`));
-
- const CertificatePinnerCheckOkHttp = certificatePinner.check$okhttp.overload("java.lang.String", "u15");
-
- // tslint:disable-next-line:only-arrow-functions
- CertificatePinnerCheckOkHttp.implementation = function () {
- qsend(quiet,
- c.blackBright(`[${ident}] `) + `Called check$okhttp ` +
- c.green(`OkHTTP 3.x CertificatePinner.check$okhttp()`) +
- `, not throwing an exception.`,
- );
- };
-
- return CertificatePinnerCheckOkHttp;
+ const CertificatePinnerCheckOkHttpOverloads = [];
+
+ certificatePinner["check$okhttp"].overloads.forEach((overload) => {
+ // preserve the implementations so that we can create a proper job
+ CertificatePinnerCheckOkHttpOverloads.push(overload);
+
+ // get the argument types for this overload
+ const calleeArgTypes = overload.argumentTypes.map((arg) => arg.className);
+ send(c.blackBright(`Found okhttp3.CertificatePinner.check$okhttp(${calleeArgTypes.join(", ")}), overriding ...`));
+ overload.implementation = function () {
+ qsend(quiet, c.blackBright(`[${ident}] `) + `Called check$okhttp ` +
+ c.green(`OkHTTP 3.x CertificatePinner.check$okhttp()`) +
+ `, not throwing an exception.`);
+ }
+ });
+
+ return CertificatePinnerCheckOkHttpOverloads;
 } catch (err) {
 if ((err as Error).message.indexOf("ClassNotFoundException") === 0) {