Review App Session Cookies

On you are logged into the mobile app, a session is established from the back-end server.

Set-Cookie Information

The android-okhttp-connections.js script will show the response headers, including the set-cookie: header or the Authorization: header which you can evaluate:

frida -U -l android-okhttp-connections.js -f com.godaddy.gx.go

Set-Cookie Example:

Found instance: :status: 200
content-type: application/json; charset=utf-8
date: Wed, 11 Jan 2023 21:30:40 GMT
set-cookie: AWSALB=UhrRSZ5/oc/w8vexUs3na5K5HMXlIX0c3kM1HamGLyG616Zhfzp6jYbtvykNWhUkGnwIzpLC7K7hkRVDdX+LMgxWyl+GDeZzHLmwUaLge0sEOUyWoVpZMOKHLpHb; Expires=Wed, 18 Jan 2023 21:30:40 GMT; Path=/
set-cookie: AWSALBCORS=UhrRSZ5/oc/w8vexUs3na5K5HMXlIX0c3kM1HamGLyG616Zhfzp6jYbtvykNWhUkGnwIzpLC7K7hkRVDdX+LMgxWyl+GDeZzHLmwUaLge0sEOUyWoVpZMOKHLpHb; Expires=Wed, 18 Jan 2023 21:30:40 GMT; Path=/; SameSite=None; Secure
last-modified: Wed, 11 Jan 2023 21:30:40 GMT
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
set-cookie: poynt-production=s%3AV-9XGI8kUgChE6hpDDDDDfAfu5ny8aOE.tp8S%2BHZimTq5pNp7M8iIcDIC7bx6FHGhquPYStK8LBc; Domain=poynt.net; Path=/; Expires=Thu, 12 Jan 2023 21:30:40 GMT; HttpOnly; Secure
content-encoding: gzip
x-envoy-upstream-service-time: 31
set-cookie: 
set-cookie: fb_sessiontraffic=S_TOUCH=&pathway=ddb3f4f7-1042-4f6f-a749-1edcbe12e7ef&V_DATE=&pc=0; Path=/; Domain=poynt.net; Expires=Wed, 11 Jan 2023 21:50:40 GMT
set-cookie: pathway=ddb3f4f7-1042-4f6f-a749-1edcbe12e7ef; Path=/; Domain=poynt.net; Expires=Wed, 11 Jan 2023 21:50:40 GMT
set-cookie: visitor=vid=ddb3f4f7-1042-4f6f-a749-1edcbe12e7ef; Path=/; Domain=poynt.net; Expires=Wed, 10 Jan 2024 21:30:40 GMT
server: envoy
x-cache: Miss from cloudfront
via: 1.1 e28b02d9b123DDbf45d9d0b6b0d179c.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL59-P1
x-amz-cf-id: QO3oFe3Icn7AAAAApfOq98nM5p_0z5DW6gWeMfSmKYM6JyP9QZNzGw==

Authorization Example:

--------------
 -- Method -- 
POST
--------------
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI3ZDM4YmZkMS1hZjBmL...
POYNT-REQUEST-ID: 29f7777e-446b-4f86-b77b-784f0c03842f
Poynt-Source-App: com.godaddy.poskit
Content-Type: application/json; charset=UTF-8
Content-Length: 168
Host: reporting.poynt.net
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: okhttp/4.9.1