For a project working I need to inspect the HTTP requests sent and received from my Android device. I'm using this tool Fiddler2 to monitor the traffic. In order to get it working I had to pass the traffic through a proxy. Now my phone is a Huawei U8180. Its runs Android 2.2 so it doesn't have a direct way to proxy settings. I used this app called Proxy Settings to gain access to set the proxy settings.
It almost works. I can see the traffic say, if I navigate to a website using the proxy web browser in that app (The app comes with a proxy browser). But not using my phone's normal browser. Neither I can see any HTTP requests sent by any of my apps installed in my device.
If anyone has any experience using Fiddler2 with Android, I'd really appreciate your input. I'm open to try any other alternatives to accomplish this if you got any.
Thanks.
Typically, Android users will use a tool like iptables to capture traffic from apps that don't support a proxy setting. This has some implications for HTTPS decryption; see the Fiddler Discussion Group (Help > Fiddler Community) for discussion of how to adjust Fiddler's HTTPS settings to accommodate iptables-redirected HTTPS connections.
Related
I have an android phone that I want to monitor the HTTP/https traffic using tools like CHARLES PROXY
but the phone not on the same network as the CHARLES PROXY host. is there a way to do that without using an external server?
There is no need for an external server. You need to route the traffic from your phone to the device where the intercepter is running. You could create a mitm setup with a tool like https://mitmproxy.org/. Btw you will need a routed phone, something like xposed-ProxyOn.. Then you can intercept app specific traffic. But if you try to intercept https traffic from apps they use certificate pinning you wont get a connection to the app server
Recently I have a problem in inspecting network requests and responses happened in Android System WebView.
The problem is that our app sometimes failed to load some urls with Android System WebView, but we can not get enough information to trace these cases.
Tools like Fiddler or Charles have some limitations like I should have access to that Android device, right?
And I also tried tools like Chrome Remote Debugging, this tool was amazing to debug problems in Android System WebView, but I should have Android device and development machine connected via USB, right?
So, is there any helpful things for me to inspect network requests and responses happened in Android System WebView remotely?
Thanks all.
Use Charles Proxy for inspecting network requests, it is pretty easy to use
this article will help
https://medium.com/#hackupstate/using-charles-proxy-to-debug-android-ssl-traffic-e61fc38760f7
add ssl proxy settings for the domain you want so that you can see the responses and requests clearly with headers and value you are sending in the body or in headers
if you want only remote debugging in chrome for webview
follow this
https://developers.google.com/web/tools/chrome-devtools/remote-debugging/?utm_source=dcc&utm_medium=redirect&utm_campaign=2016q3
I want to monitor HTTPS traffic from my application to remote server. I am trying to follow this instruction and it works for HTTP (without s), but not for HTTPS.
What is wrong? Should I write some custom code in my application to use https-proxy ?
The easiest way to do this is to use CharlesProxy to proxy your device or emulator traffic for you. The only extra step you need to do is to install the CharlesProxy SSL certificate on your device/emulator which is very straight forward:
Download the certificate from Charles Proxy (it's in their help menu) and place it on your device, then install via security settings on your device.
You then configure your device or emulators network connection to use a manual proxy and set it to the Charles Proxy address and port. Enable SSL proxying and your SSL connections will be securely routed end-to-end via Charles and Charles will be able to show you the content of requests and responses in the clear.
I'm using WireShark for sniffing, it allow you to monitor and filter raw data. But because you using https and all transactions encrypted i suppose it can't help you. May be you can switch from https to http for debug, and later when all will be works fine change protocol back to https
Do you mean you can't see the traffic at all or do you get it encrypted? Is this a web application or native application? which Android version are you using? phone or emulator?
Normally, if you set up the proxy properly, you will get the traffic, but encrypted so you can't read it. In order to see the actual content in Fiddler you would need your device to trust Fiddler's root certificate (used to create fake certificates on the fly). See this:
http://www.fiddler2.com/fiddler/help/httpsdecryption.asp
Unfortunately, I have not found a way to add root certificates to an android device other than
rooting it and replacing the certificate store (like this)
https means http secure, so it obviously can't be sniffed so easily. what would be the point if it would be the same unsecure thing as normal http?
you have to learn a bit more about secure network comunications. or, long story short, at least you will have to learn how to use a specilly devised http proxy like charles http://www.charlesproxy.com/documentation/welcome/ so you will be able to monitor you own https traffic in a clear form.
Would anyone know how to configure the emulator to make ssl connections via a proxy ?
I use the -http-proxy option when starting the emulator. I can access any website except those with https protocol.
Any idea ?
I've experienced similar problems with Android during a web project lately. The site works fine using ordinary HTTP from Android but when using HTTPS it works now and then. Some requests just fail and we get "Web page not found"-errors. The connections are sometimes very slow. After some further tests and investigation I found out that the problem was general for all HTTPS sites, not only for our site.
According to a bug report for Android others are reporting the same problem and Android has been hit by it since version 1.5:
http://code.google.com/p/android/issues/detail?id=3334
I removed the APN proxy in my HTC Desire, as stated in the bug report above, and then Android performed as expected on HTTPS sites. For our purpose we have made an exception for Android telephone so they are routed to the ordinary HTTP site instead.
In other words, it seems like Android has a general problem with proxies and that may be the cause of problem with the emulator. Vote on the bug, just follow the link above.
There are several possible reasons for that:
Can you access the HTTPS site with your real phone? If not, then probably the involved certificate is not considered as trusted from the app/webview. If you need to consider a certificate as trusted within your app, look at the following tutorial
Can you access HTTPS sites at all via your proxy from a webbrowser? Our enterprise proxy server does not allow HTTPS traffic (for whatever reason) at all. You could also sniff the traffic with Wireshark etc. to see if anything is sent back from the proxy or an error occurred.
What type of problem did you get when you try to connect to the website? Can you provide a stacktrace or LogCat output?
I'm at complete odds over configuring a proxy to inspect the HTTP(S) traffic for the app I'm developing. I've tried running Fiddler2 and Charles Web Proxy, both run on 127.0.0.1:888, and starting up the Android emulator with the parameter:
-http-proxy http://127.0.0.1:8888
To test it out I open the Android browser. I see in Fiddler2 that the request is routed through the proxy. However, only RARELY does the request receive a successful response. In most, and when I say most I mean 99% of the time, the request is retried and fails again with the Android browser telling me "The server failed to communicate".
Has anyone found a way to configure Fiddler2 or Charles for debugging HTTP(S) traffic through the Android emulator?
The -http-proxy emulator option works for me (with a real HTTP proxy behind it), so not sure what the problem with Charles would be.
An alternative is to capture the network traffic directly, then analyse it afterwards using Wireshark — which can do SSL decryption, if you have the private key.
I was able to view the traffic with an HTTP sniffer instead of a proxy. I used HTTPScoop, which is a nice little app.
Also the nice thing about using HTTPScoop is that I can also see traffic on my actual device when I turn on internet sharing and have my phone use the wifi from my mac. So this is a good deal for debugging what happens on the phone itself AND the emulator.
This way it doesn't matter what emulator you use, because the sniffer sees the traffic independent of the emulator, device, compiler settings etc.
I had the same problem with Charles using the Emulator from the Android development tools r12. It should be working when you download r11 and replace the emulator in r12 with the one from r11. The bug is tracked here.
To get r11 copy the download link from the download page and change r12 to r11.