As a QA engineer you may have run into a situation where you want to see what API calls your iOS app is making: the data you are looking at on screen, and how it actually reaches you.
A quick Google search turns up numerous options. So why mitmproxy?
For me, mitmproxy is the preferred choice because it can be used entirely from the shell.
Some of the other tools that get the job done are Charles Proxy and Burp Suite.
mitmproxy comes in very handy when you need to intercept network calls, and it gets the job done with minimal setup effort. For instance, you might want to know what data your favorite social app (WhatsApp, Instagram, etc.) is sending behind the scenes.
The tool takes about 10 minutes to install and get started with. It can be used across all platforms, but we'll take the case of macOS.
How Mitmproxy works
Mitmproxy sits in the middle of the connection (a classic man-in-the-middle) between your phone/computer and the internet.
For more information check out this blog.
We are going to look at the flow of traffic between our favorite app and the internet at large.
The app sends its requests to Mitmproxy, Mitmproxy forwards them to the internet at large, the responses come back the same way, and so on. Normally your phone or computer sends packets to a router, which directs them to the servers of the company or mobile app you are interacting with; with the proxy configured, Mitmproxy is inserted into that path. Mitmproxy decrypts SSL/TLS-encrypted (HTTPS) traffic so that you can read it. It can do this because you install Mitmproxy's root certificate on your phone or computer: the device then trusts the certificates Mitmproxy generates for each site it connects to, so it hands Mitmproxy the traffic in a form that is easy to understand from a user's perspective.
Installation
For folks using a Mac, it's a delight to set up mitmproxy and get it up and running.
Mitmproxy can be installed easily using Homebrew.
If you don't have Homebrew set up, open the terminal and paste the following:
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Wait for the installation to complete.
Install mitmproxy using:
brew install mitmproxy
Once the above step is done, type mitmproxy in a terminal window.
mitmproxy first look
On a Mac, go to System Preferences → Network. On the left side you can see which network is active, Wi-Fi or a wired connection. It is recommended that you use Wi-Fi; unplug the Ethernet cable if you are connected to a wired network.
Click on Advanced and then on the TCP/IP tab. Check out the image for reference.
Network Settings
You'll need the highlighted IPv4 address.
Setting up your iPhone
1. First, we need to route the iPhone's traffic to your computer.
2. Go to Settings → Wi-Fi and tap the blue "i" next to the name of the network your iPhone is connected to, then scroll down to HTTP PROXY.
3. Tap Configure Proxy and select Manual. Use the IPv4 address as the server address and 8080 as the port (mitmproxy listens on 8080 by default).
Settings for an iPhone
4. Start mitmproxy in your Mac's terminal. On your iPhone, launch Safari and type mitm.it in the address bar.
5. Select Apple and install the certificate. To verify, go to Settings → General → Profile (iOS 11) or Settings → General → Device Management on iOS 9 and above devices.
We are almost there. To finish, navigate to Settings → General → About → Certificate Trust Settings (iOS 10 and above devices) and turn on the toggle to trust the mitm root certificate.
Hooray! We are all good and ready to roll!
You should see something like this on your computer while browsing your favorite app: both HTTP and HTTPS flows. If you see HTTP but no HTTPS, the certificate is probably not installed or not trusted; if you see no flows at all, it usually points to a problem with your proxy/network settings.
Setting up your Android phone
1. For Android, navigate to Settings → Wi-Fi. Long-press the network name and tap Modify network (the exact steps depend on the device you are using).
2. Next, change the proxy settings. Tap Show advanced options and you'll find Host Name and Port. Use the same information as we did when setting up the iPhone.
3. Open your favorite browser (Chrome) on your Android and type mitm.it in the address bar. This is similar to what we did in Safari while setting up the iPhone.
4. Open the certificate. As a security measure, Android prompts you to set up a PIN or pattern if one is not set already. Refer to the screenshot. You will be asked to give the certificate a name; in my case, I saved it as mitm.
Now you should be able to see traffic appearing in your terminal. I am using the Box app in my case to monitor HTTP traffic. Note that apps targeting Android 7 or later do not trust user-installed certificates by default, so an app may show no HTTPS traffic even though the browser does.
A few pointers:
If you hit ENTER on any request, you can see more information, such as the request and response headers.
Use TAB to switch between the Request, Response and Detail tabs.
Hit q to go back to the request list.
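Reading every flow by hand in the TUI gets tedious once the app is chatty. Here is a small mitmproxy addon script, added as an example and not part of the original post, that records the API calls an app makes per host and flags any request sent over plain HTTP (data a bystander on the same Wi-Fi could read). Only the `response` and `done` hooks and the `flow.request`/`flow.response` attributes of mitmproxy's addon API are used; `fake_flow` is a constructed stand-in so the script can be exercised without a phone attached.

```python
"""Added example: run with  mitmproxy -s api_calls.py  (or mitmdump -s api_calls.py)."""
from collections import defaultdict
from types import SimpleNamespace

# host -> list of (method, path, status) observed so far
calls = defaultdict(list)
# requests the app sent without TLS: visible to anyone on the network, not just our proxy
cleartext = []


def response(flow):
    """mitmproxy calls this hook once per completed HTTP(S) exchange."""
    req, resp = flow.request, flow.response
    calls[req.host].append((req.method, req.path, resp.status_code))
    if req.scheme == "http":
        cleartext.append(f"{req.method} {req.pretty_url}")


def summary():
    """Per-host request counts plus the list of cleartext requests seen."""
    return {
        "hosts": {host: len(entries) for host, entries in calls.items()},
        "cleartext": list(cleartext),
    }


def done():
    """mitmproxy calls this on shutdown; print the summary to the terminal."""
    report = summary()
    for host, count in sorted(report["hosts"].items(), key=lambda kv: -kv[1]):
        print(f"{count:4d}  {host}")
    for url in report["cleartext"]:
        print("CLEARTEXT:", url)


def fake_flow(method, scheme, host, path, status):
    """Constructed stand-in (hypothetical) for a mitmproxy HTTPFlow, for offline use."""
    url = f"{scheme}://{host}{path}"
    request = SimpleNamespace(method=method, scheme=scheme, host=host,
                              path=path, pretty_url=url)
    return SimpleNamespace(request=request, response=SimpleNamespace(status_code=status))
```

With a phone proxied through it, the per-host counts show which backends the app talks to, and any CLEARTEXT line is worth a bug report on its own.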