3

I have configured the Android phone (Samsung Galaxy S8) to use a proxy. I can connect to mitm.it. I can also see some requests captured by mitmproxy.

However, I get no internet connection when I try to search for anything in Google.

Any hints on what happened and how to fix it?

JOHN

2 Answers

2

Android 7.1 and higher no longer allow the use of custom certificates manually added by the user, but if you have a phone with superuser access, you can make it work via ADB.

Android stores its system certificates in /system/etc/security/cacerts/. If you take a look at your device, you will see that the certificates have hashed names, e.g. "a1234b0d.0". To intercept app traffic, you need to find out the hash of your certificate:

openssl x509 -inform PEM -subject_hash_old -in mitmproxy-ca-cert.pem | head -1

Then rename your certificate accordingly:

mv mitmproxy-ca-cert.pem <your_hash_value_in_here_without_carets>.0

And finally, move it to where your device's system certificates are. For this, however, you need to remount the system directory first in order to get write access:

adb shell su -c "mount -o rw,remount,rw /system"
adb push your_certificate /sdcard/your_certificate
adb shell su -c "mv /sdcard/your_certificate /system/etc/security/cacerts/your_certificate"
adb shell su -c "chmod 644 /system/etc/security/cacerts/your_certificate"
adb reboot

If that doesn't work, I remember reading (though not where) that Android Nougat also disregards certificates that expire in more than 2 years. The certificates created by mitmproxy should be fine. The Burp Suite or Fiddler ones did not work for me, though.

Mattwmaster58
  • I just tried this on Android 10, and it didn't regard my certificate from mitmproxy that had an expiration 2.5y in the future. I was able to use HTTP Toolkit to achieve a similar goal (even though I know it's possible to create your own root cert and have mitmproxy use that instead, I didn't want to go through the trouble). – Mattwmaster58 Aug 26 '20 at 03:46
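
The hash-and-rename step from the answer above, as an added shell example that is not part of the original answer: it derives the `<hash>.0` file name, rejects input that is not a parseable, unexpired PEM certificate, and writes only the certificate to the output file. The function names `android_cert_hash` and `prepare_android_ca` are hypothetical, and the script assumes the `openssl` command-line tool is installed on the host.

```shell
#!/bin/sh
# Added example, not from the original answer. Function names are hypothetical.
# Assumes the openssl command-line tool is installed on the host.

# Print the legacy (MD5-based) subject hash used for Android cacerts file names.
android_cert_hash() {
    openssl x509 -inform PEM -subject_hash_old -noout -in "$1" 2>/dev/null
}

# Write <outdir>/<hash>.0 for a PEM CA certificate and print the file name.
prepare_android_ca() {
    pem=$1
    outdir=${2:-.}
    [ -r "$pem" ] || { echo "cannot read: $pem" >&2; return 1; }

    cert_hash=$(android_cert_hash "$pem") ||
        { echo "not a PEM certificate: $pem" >&2; return 1; }
    printf '%s\n' "$cert_hash" | grep -Eq '^[0-9a-f]{8}$' ||
        { echo "unexpected hash output: $cert_hash" >&2; return 1; }

    # An expired CA certificate will fail validation even if it is installed.
    openssl x509 -inform PEM -checkend 0 -noout -in "$pem" >/dev/null 2>&1 ||
        { echo "certificate has expired: $pem" >&2; return 1; }

    # Re-encode so the output holds only the certificate, not a private key
    # or other text that may share the input file.
    target="$outdir/$cert_hash.0"
    openssl x509 -inform PEM -in "$pem" -outform PEM -out "$target" ||
        return 1

    # The file name has to match the certificate's hash, as the answer describes.
    [ "$(android_cert_hash "$target")" = "$cert_hash" ] ||
        { echo "hash mismatch after writing $target" >&2; return 1; }
    printf '%s\n' "$cert_hash.0"
}

# Usage: sh prepare_ca.sh mitmproxy-ca-cert.pem [outdir]
if [ "$#" -gt 0 ]; then
    prepare_android_ca "$@"
fi
```

The printed name is the file to push in the adb steps of the answer in place of `your_certificate`.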
0

Google apps use certificate pinning, so they can detect the "fake" http://mitm.it/cert/pem that you downloaded to your phone.