2023-06-14

mitmproxy

https://docs.mitmproxy.org/stable/

mitmproxy is a set of tools that provide an interactive, SSL/TLS-capable intercepting proxy for HTTP/1, HTTP/2, and WebSockets.

This post shows you how to intercept network traffic from iPhone using mitmproxy on Mac.

Install mitmproxy on Mac

❯ brew install mitmproxy

Run mitmproxy

❯ mitmproxy

Get IP address from Mac

System Preferences -> Network -> Wi-Fi -> Advanced... -> TCP/IP -> IPv4 Address: 10.0.0.3 (your IP will differ)

or run following command

❯ ifconfig en0 | grep netmask | awk '{print $2}'
10.0.0.3

Configure iPhone to use mitmproxy

Settings -> Wi-Fi -> (i) -> HTTP PROXY | Configure Proxy

  1. Off -> Manual
  2. Set Server to IPv4 address from above
  3. Set Port to 8080
< Back      Configure Proxy

Off
Manual                   ✅
Automatic

Server              10.0.0.3
Port                   8080

Download configuration profile

Visit http://mitm.it with Safari on your iPhone.

If you see below message when visiting http://mitm.it, make sure: (1) mitmproxy is running and (2) iPhone is configured to use mitmproxy from above.

If you can see this, traffic is not passing through mitmproxy

On http://mitm.it, click Get mitmproxy-ca-cer.pem for iOS -> Allow

This website is trying to download a configuration profile. Do you want to allow this?

                        Ignore   Allow

Click open Show Instructions (below Get mitmproxy-ca-cer.pem) and follow the instructions.

iOS 13+

1. Use Safari to download the certificate.
   Other browsers may not open the 
   proper installation prompt.
   
2. Install the new Profile (Settings ->
   General -> VPN & Device
   Management).

3. Important: Go to Settings -> 
   General -> About -> 
   Certificate Trust Settings.
   Toggle mitmproxy to ON.

1. Use Safari to download the certificate

We just downloaded above.

2. Install the new Profile

Settings -> General -> VPN & Device Management

Select the downloaded profile, mitmproxy.

VPN                     Not Connected >

Sign In to Work or School Account...

DOWNLOADED PROFILE
mitmproxy                             >

Press Install -> confirm Install

Cancel     Install Profile     Install

mitmproxy

Signed by   mitmproxy
            Not Verified
Contains    Certificate

More Details                         >

Remove Downloaded Profile

Profile is installed.

         Profile Installed        Done

mitmproxy

Signed by   mitmproxy
            Verified ✅
Contains    Certificate

More Details                         >

3. Certificate Trust Settings

Settings -> General -> About -> Certificate Trust Settings

Toggle mitmproxy to ON

< About     Certificate Trust Settings

Trust Store Version         2023032800
Trust Asset Version                 20

ENABLE FULL TRUST FOR ROOT CERTIFICATES
mitmproxy                        (🔘 )

Learn more about trusted certificates

Ready

Run mitmproxy or mitmweb

❯ mitmweb

[00:06:12.402] HTTP(S) proxy listening at *:8080.
[00:06:12.404] Web server listening at http://127.0.0.1:8081/

Use

Now use your iPhone and network traffic from/to your iPhone will be logged on http://127.0.0.1:8081