
In a topology like:

phone --> proxy (man in the middle) --> server

Where the proxy is supposed to capture the packets that are sent from my phone, which I would like to visualize on Wireshark, what are the possible reasons for the proxy to not intercept the packets?

By the way, I've installed on my phone a certificate that the proxy trusts.

My proxy is listening at port 8080 by default, so I redirected the traffic coming from ports 80 and 443 to 8080.

I've tried this with mitmproxy and Charles, but neither of them intercepts the packets. They enable me to intercept browser traffic and the traffic coming from applications like Instagram, WhatsApp... but not the traffic coming from the application (on my phone) I am interested in. I am using an Android device.

I have been trying for more than 2 weeks to solve this problem, or just to understand why it is happening. Thank you.

yosra
  • Which Android OS version do you have on your device? Since Android 7, the trusted CA has changed (https://android-developers.googleblog.com/2016/07/changes-to-trusted-certificate.html); you have to enable network security configuration in your manifest XML (https://developer.android.com/training/articles/security-config) or use an emulator/device with Android 6 – Kevin Cui May 31 '19 at 17:19
  • Hi @KevinCui Yes, you are right! But I am on Android 6.0.1. I've tried using Xposed along with SSLUnpinning so I can bypass the certificate verification that my app may be doing (BTW I'm working in a production environment) but it doesn't work; neither my proxy nor Wireshark (which is installed on my proxy) intercepts packets from the application. – yosra Jun 03 '19 at 08:14
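
The network security configuration mentioned in the first comment, as an added example that is not part of the original thread: it shows, for an app you build yourself, how user-installed CAs (such as a test proxy's CA) can be trusted in debug builds only while release builds keep trusting the system store alone. The file name `network_security_config.xml` is the one used in the Android documentation and is an assumption here.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- res/xml/network_security_config.xml (added example; file name assumed) -->
<network-security-config>

    <!-- Default for every connection the app makes.
         On Android 7+ (API 24+) only the system CA store is trusted,
         so a CA the user installed on the device is rejected. -->
    <base-config>
        <trust-anchors>
            <certificates src="system" />
        </trust-anchors>
    </base-config>

    <!-- Takes effect only when the app is built as debuggable
         (android:debuggable="true"). The anchors listed here are added
         to the ones above, so a user-installed proxy CA is accepted
         in test builds and never in a release build. -->
    <debug-overrides>
        <trust-anchors>
            <certificates src="user" />
        </trust-anchors>
    </debug-overrides>

</network-security-config>
```

The file is referenced from the manifest by setting `android:networkSecurityConfig="@xml/network_security_config"` on the `<application>` element.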

0 Answers