I have an Android phone whose HTTP/HTTPS traffic I want to monitor using tools like Charles Proxy,
but the phone is not on the same network as the Charles Proxy host. Is there a way to do that without using an external server?
There is no need for an external server. You need to route the traffic from your phone to the device where the interceptor is running. You could create a MITM setup with a tool like https://mitmproxy.org/. By the way, you will need a rooted phone, something like xposed-ProxyOn. Then you can intercept app-specific traffic. But if you try to intercept HTTPS traffic from apps that use certificate pinning, you won't get a connection to the app server.
Related
Is there a way to send network traffic from an Android application to a computer without using another app? Something like embedding a proxy inside the application. I am currently using PCAPdroid to accomplish this, but would like to do it without an app.
I am currently using PCAPdroid to send traffic from an app on my phone to my PC, in order to analyze its HTTPS traffic.
I have the following setup:
Mobile clients (Android and iOS) are communicating with 3 servers directly using HTTPS REST requests with a JSON body.
I want to host a server in the middle and send all requests when the application is used in one of the non-PROD environments and log every request and response. The developers or QAs should be able to open a web page and see in real time every activity the application is doing.
Also: apply some filters, for example only requests to a specific address, or everything but a specific address. Apply delays and change the request/response body or status code, like in Fiddler.
In order to achieve this today I have to host Fiddler or Charles Proxy and set up the computer as the proxy server for every device.
What can you advise me to use?
You can host a Fiddler proxy on your server. Also in the Fiddler settings, don't forget to mark the 'Decrypt HTTPS' setting if you want to see the HTTPS traffic.
Fiddler will give you a certificate which you will need to install on mobile devices so that Fiddler can decrypt HTTPS connections.
Set your proxy in the Wi-Fi settings.
Make sure that your app uses the proxy settings which are set in the Wi-Fi settings. I have seen some apps which ignore the proxy settings.
You can set up a Wi-Fi proxy server and ask all the devices to connect through that Wi-Fi proxy server. Now you can monitor traffic on that proxy server.
On a Linux server you can use squid to set up a Wi-Fi proxy: http://computernetworkingnotes.com/network-administrations/squid-server.html
To set up a Wi-Fi proxy on an Android device, go to Settings/Wi-Fi -> "Show advanced options" -> "Proxy settings" and choose "manual".
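The filtering, delay and status-code rewriting asked for in this thread, written as a mitmproxy addon script (an added example, not code from any of the posters or from the mitmproxy project). It assumes mitmproxy's addon conventions (`request`/`response` hooks, `flow.request.pretty_host`, a module-level `addons` list); the `Rule` and `Shaper` names and the hostnames are constructed for illustration.

```python
import asyncio
import logging
from dataclasses import dataclass
from fnmatch import fnmatchcase

log = logging.getLogger("nonprod-proxy")

@dataclass
class Rule:
    host: str             # glob matched against the request host
    path: str = "*"       # glob matched against path + query string
    delay_s: float = 0.0  # hold the request this long before forwarding it
    status: int = 0       # non-zero: overwrite the response status code

class Shaper:
    """Log, filter, delay and rewrite flows; hook names follow mitmproxy's addon API."""
    def __init__(self, rules, include=("*",), exclude=()):
        self.rules, self.include, self.exclude = list(rules), include, exclude
        self.seen = []  # one line per logged exchange

    def wanted(self, flow):
        host = flow.request.pretty_host.lower()
        return (any(fnmatchcase(host, p) for p in self.include)
                and not any(fnmatchcase(host, p) for p in self.exclude))

    def rule_for(self, flow):
        host, path = flow.request.pretty_host.lower(), flow.request.path
        hits = (r for r in self.rules if fnmatchcase(host, r.host) and fnmatchcase(path, r.path))
        return next(hits, None)  # first matching rule wins

    async def request(self, flow):
        rule = self.rule_for(flow) if self.wanted(flow) else None
        if rule and rule.delay_s > 0:
            await asyncio.sleep(rule.delay_s)  # simulate a slow backend

    def response(self, flow):
        if not self.wanted(flow):
            return  # filtered out: pass through untouched and unlogged
        rule = self.rule_for(flow)
        if rule and rule.status:
            flow.response.status_code = rule.status
        req = flow.request
        self.seen.append(f"{req.method} {req.pretty_host}{req.path} -> {flow.response.status_code}")
        log.info(self.seen[-1])

# Constructed sample rules; the hostnames are placeholders, not taken from the thread.
RULES = [Rule(host="api.staging.example.test", path="/login*", delay_s=2.0, status=503)]
addons = [Shaper(RULES, exclude=("metrics.example.test",))]
```

Load it on the proxy host with `mitmdump -s` followed by the script's filename; the devices still need the proxy's CA certificate installed, as the answers above describe for Fiddler.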
For a project I'm working on, I need to inspect the HTTP requests sent and received from my Android device. I'm using this tool, Fiddler2, to monitor the traffic. In order to get it working I had to pass the traffic through a proxy. Now, my phone is a Huawei U8180. It runs Android 2.2, so it doesn't have a direct way to the proxy settings. I used this app called Proxy Settings to gain access to set the proxy settings.
It almost works. I can see the traffic if, say, I navigate to a website using the proxy web browser in that app (the app comes with a proxy browser), but not using my phone's normal browser. Neither can I see any HTTP requests sent by any of the apps installed on my device.
If anyone has any experience using Fiddler2 with Android, I'd really appreciate your input. I'm open to trying any other alternatives to accomplish this if you've got any.
Thanks.
Typically, Android users will use a tool like iptables to capture traffic from apps that don't support a proxy setting. This has some implications for HTTPS decryption; see the Fiddler Discussion Group (Help > Fiddler Community) for discussion of how to adjust Fiddler's HTTPS settings to accommodate iptables-redirected HTTPS connections.
Is it possible to route Android Gmail app traffic through my own HTTP proxy?
I know that I can install certificates onto an Android phone, but I am not sure if the Gmail app has hard-coded certificate information.
I was able to use Fiddler with Android ICS by changing the proxy settings on the Wi-Fi network.
I want to monitor HTTPS traffic from my application to remote server. I am trying to follow this instruction and it works for HTTP (without s), but not for HTTPS.
What is wrong? Should I write some custom code in my application to use an HTTPS proxy?
The easiest way to do this is to use CharlesProxy to proxy your device or emulator traffic for you. The only extra step you need to do is to install the CharlesProxy SSL certificate on your device/emulator, which is very straightforward:
Download the certificate from Charles Proxy (it's in their help menu) and place it on your device, then install via security settings on your device.
You then configure your device's or emulator's network connection to use a manual proxy and set it to the Charles Proxy address and port. Enable SSL proxying and your SSL connections will be securely routed end-to-end via Charles and Charles will be able to show you the content of requests and responses in the clear.
I'm using Wireshark for sniffing; it allows you to monitor and filter raw data. But because you are using HTTPS and all transactions are encrypted, I suppose it can't help you. Maybe you can switch from HTTPS to HTTP for debugging, and later, when everything works fine, change the protocol back to HTTPS.
Do you mean you can't see the traffic at all or do you get it encrypted? Is this a web application or native application? Which Android version are you using? Phone or emulator?
Normally, if you set up the proxy properly, you will get the traffic, but encrypted so you can't read it. In order to see the actual content in Fiddler you would need your device to trust Fiddler's root certificate (used to create fake certificates on the fly). See this:
http://www.fiddler2.com/fiddler/help/httpsdecryption.asp
Unfortunately, I have not found a way to add root certificates to an Android device other than rooting it and replacing the certificate store (like this).
HTTPS means HTTP Secure, so it obviously can't be sniffed so easily. What would be the point if it were the same insecure thing as normal HTTP?
You have to learn a bit more about secure network communications. Or, long story short, at least you will have to learn how to use a specially devised HTTP proxy like Charles http://www.charlesproxy.com/documentation/welcome/ so you will be able to monitor your own HTTPS traffic in a clear form.