How to sniff Pandora's API

[skiphansen]

I'm interested in trying to reverse engineer Pandora's play playlist API, but I don't know where to start. I've snipped the connection between my Android APP and Pandor's cloud while playing a playlist but all of the API comms are over a TLSV1.2 connection.

I gather that if I had the clear text I'd still need to use this tool to decrypt it further, but the links are dead and I don't know Dart.
I'm an embedded program and do 95% of my work in C.

Any hints on how to get the plaintext? Do I need to play DNS games and run an TLS proxy?

[hacker1024]

You will need a MITM tool and a way to get the Pandora app to trust a self-signed certificate (either by modding the app or Android itself).

My go-to is HTTP Toolkit (the free version is fine) and a rooted Android device (IIRC this can be an emulator). HTTP Toolkit sets everything up over ADB with one click.

For more advanced stuff, like scripting and my own Pandora MITM tool, I use mitmproxy - though this requires manually installing the CA on Android. I find this Magisk Module useful for that.