Intercept HTTP/HTTPS TLS traffic

Use the open source project mitmproxy to gain visibility into what iOS apps (or anything else) are sending back to their mother ship.

  1. Launch mitmproxy:

docker run --rm -it -p 9080:8080 -p 9081:8081 mitmproxy/mitmproxy mitmweb --web-host 0.0.0.0
  2. Set up the proxy on the iPhone, then navigate to http://192.168.1.36/9080 and follow the instructions to install and trust the certificates. Some applications, like Instagram, will not work because the app uses certificate pinning, which rejects the CA generated by mitmproxy. There is no way to work around certificate pinning without jailbreaking or patching the application code.

  3. View the live traces at http://192.168.1.36:9081/, similar to the network tab of the developer console in Chrome.

To avoid installing a new CA every time the container starts, persist the CA directory with a volume mount:

docker run --rm -it -v ~/blog/_static/projects/mitm:/home/mitmproxy/.mitmproxy -p 9080:8080 -p 9081:8081 mitmproxy/mitmproxy mitmweb --web-host 0.0.0.0
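The mounted directory ends up holding the CA private key (mitmproxy-ca.pem, plus mitmproxy-ca.p12 in recent versions), and any device that trusts this CA trusts whoever holds that key. As an added example (not part of the original post), the shell functions below list key-bearing files in that directory that are readable by group or others, and tighten them; the function names are hypothetical and the directory is whatever path you pass in.

```shell
#!/bin/sh
# Added example: audit a persisted mitmproxy config directory for exposed
# CA private-key material. Function names are hypothetical.

# List files under $1 that carry a private key: either a PEM private-key
# block or the PKCS#12 bundle mitmproxy writes with the key inside.
# Any further arguments are passed to find as extra tests.
_key_files() {
    d=$1
    shift
    find "$d" -type f "$@" \
        \( -name 'mitmproxy-ca.p12' -o \
           -exec grep -q -e 'PRIVATE KEY-----' {} \; \) -print
}

# Print key-bearing files that are group- or world-readable.
# Returns 0 if none, 1 if any were found, 2 if $1 is not a directory.
audit_mitm_ca_dir() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi
    # -perm -040 / -perm -004: group-readable or world-readable (POSIX find)
    exposed=$(_key_files "$dir" \( -perm -040 -o -perm -004 \))
    if [ -n "$exposed" ]; then
        printf '%s\n' "$exposed"
        return 1
    fi
    return 0
}

# Restrict the directory to its owner and every key-bearing file to 0600.
lock_mitm_ca_dir() {
    dir=$1
    [ -d "$dir" ] || return 2
    chmod 700 "$dir"
    _key_files "$dir" | while IFS= read -r f; do
        chmod 600 "$f"
    done
}

# Usage: audit_mitm_ca_dir /path/to/mounted/dir || lock_mitm_ca_dir /path/to/mounted/dir
```

Run the audit against the host path used in the `-v` mount after the container has started once, and remove the CA from the phone's trusted certificates when testing is finished.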
