2

I just upgraded my Samsung Note 8 phone to Android OS 9.0 When I go to advanced wifi settings, I choose to use Proxy mode manually. Host: 192.168.1.8 Port: 8888 On the computer I turned on the Fiddler software to catch the packets. However, I could not catch any packets coming out from the phone. Before that I was using Android OS 8.0. I can still capture the packet using Fiddler Does Google have better security on Android 9.0

mincasoft
  • 311
  • 3
  • 10

1 Answers1

2

Not sure about your exact set up. I can recommend the following set up which generally works for me on all Android versions (including Android 9 / Pie). Note: this is app specific!

  1. Download and run mitmproxy (https://mitmproxy.org/)
  2. Set up the proxy for the device from the Wifi settings (probably like you did)
  3. Open browser on device and go to: http://mitm.it
  4. Download and install certificate
  5. Add the following to your app's AndroidManifest.xml: <application android:networkSecurityConfig="@xml/network_security_config" ... > ... </application>
  6. Add to your XML resource folder a file named network_security_config.xml and put the following contents:
<!-- SECURITY RISK -  This app's network data can now be intercepted!!! -->
<network-security-config>
    <base-config>
        <trust-anchors>
            <!-- Trust preinstalled CAs -->
            <certificates src="system" />
            <!-- Additionally trust user added CAs -->
            <certificates src="user" />
        </trust-anchors>
    </base-config>
</network-security-config>
  1. Rebuild and launch app, and now you should see the requests go through you mitmproxy (web or console interface)

NOTE: if you want to achieve the same for an already compiled app, you can still follow same logic and steps (use apktool for decompile and re-assemble), unless the developer pinned the certificate via code checks (also can be bypassed by hooking engines like https://www.frida.re). Still possible to circumvent, but outside of this question scope :)

glhfdd

Arseny Levin
  • 664
  • 4
  • 10
  • @ArunKumarMN please describe your full set up: which APK are you trying to monitor traffic for? is it your source code? did you manage to add the required `network_security_config.xml` as described above? can you use `apktool` to make sure the required xml is in there? did you install the mitmproxy certificate? – Arseny Levin Oct 25 '19 at 12:10
  • @ArunKumarMN also can you see non HTTPS traffic? or no traffic at all? – Arseny Levin Oct 25 '19 at 12:11
  • I'm tried different APK https://play.google.com/store/apps/details?id=com.pepkit.ssg – ArunKumar M N Oct 26 '19 at 03:32
  • @ArunKumarMN please try answering the other questions I raised in the comments above. Without these answers I'm having trouble helping you. – Arseny Levin Oct 27 '19 at 13:13
  • Fist of all it is not my source code. network_security_config.xml is already exists. So, I'm not using apktool. I have already installed mitmproxy certificate in my phone. And my mobile model is xiomi Redmi note 7 pro running on Android 9. – ArunKumar M N Oct 28 '19 at 00:45
  • it will not work without overriding values in `network_security_config.xml` to trust your custom certificate. `apktool` can help you do this. good luck! – Arseny Levin Oct 28 '19 at 14:00
  • The problem is, it is working in android without overriding values. But not in android 9 – ArunKumar M N Oct 29 '19 at 01:29
  • Android 7+ ignores all user-installed root certificates this means Android will not trust the Fiddler root certificate. You have to follow wat @ArsenyLevin said for Android versions above 7, and then try both MITMProxy and fiddler – hariszhr Dec 07 '19 at 14:58