Skip to content

Instantly share code, notes, and snippets.

@ErykDarnowski

ErykDarnowski/README.md

Last active May 1, 2023 13:36
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save ErykDarnowski/eba75ddee6c41fd6bd9d632e21c048aa to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save ErykDarnowski/eba75ddee6c41fd6bd9d632e21c048aa to your computer and use it in GitHub Desktop.
Download ZIP
How to setup & use `mitmproxy` on Linux + Firefox / iOS
Raw
README.md

How to setup & use mitmproxy on Linux + Firefox / iOS

  1. Install it

    apt (Ubuntu / Debian / Mint) 
    sudo apt update -y
sudo apt upgrade -y

sudo apt install mitmproxy -y
    dnf (Fedora / CentOS / Red Hat Enterprise Linux) 
    sudo dnf check-update
sudo dnf upgrade -y

sudo dnf install python3-pip -y
pip install mitmproxy

    *Couldn't find a way to install it with dnf

    pacman (Arch) 
    yes | sudo pacman -Syu mitmproxy

    *Alternatively you can use a Docker image or pip

2. Configure it in the network settings

This example shows how it's done on GNOME (in this case Ubuntu):

  1. Open your network settings window
  2. Open the Network Proxy settings window 1
  3. Click Manual 2
  4. Remove the value from Ignore Hosts 3
  5. Input the address and port of mitmproxy 4

  1. Run it

    • mitmproxy: Nvim / Vim like TUI (Terminal User Interface)
    • mitmweb: WUI (Web User Interface)
    • mitmdump: a non interactive dump (like tcpdump)

  2. Setup the TSL certificate

    Firefox
    1. Click the hamburger menu in the top right corner.
    2. Click Settings -> Privacy & Security
    3. Scroll down to the bottom and click: View Certificates
    4. Make sure you're in the Authorities tab and click: Import
    5. In the file selector window, first make sure you have Show Hidden Files turned on and than select: ~/.mitmproxy/mitmproxy-ca-cert.cer
    6. Check the Trust this CA to identify websites checkbox and click Ok
    7. Click Ok again

    *If some pages sill have issues you have to clear Firefox's cache (to remove the HTTP Strict Transport Security (HSTS) pinned certificates) *For instructions on how to install certificates on other OSs, visit <mitm.it> (you need to have mitmproxy setup and running for this to work though)

    iOS
    1. Make sure you're on the same network as the machine that is running mitmproxy
    2. Open the Settings app
    3. Tap Wi-Fi -> The blue i icon next to the name of the Wi-Fi network you'r connected to
    4. Tap Configure Proxy -> Manual
    5. Input the address (that's the IP address of the computer that's running mitmproxy) and port of mitmproxy
    6. Open Safari (other browsers may not open the proper certificate installation prompt)
    7. Go to <mitm.it>
    8. Press the green Get mitmproxy-ca-cert.pem button below iOS - please read the instructions!
    9. On the download configuration dialog tap Allow
    10. Go back to the Settings app
    11. Move back to it's main page
    12. Tap Profile downloaded (which should be at the top)
    13. On the install profile dialog tap Install and verify it with your passcode
    14. Move back to it's main page again
    15. Tap General -> About -> Certificate Trust Settings (which should be at the bottom)
    16. Tap the switch next to mitmproxy

    *If this does not work right away, double check your settings and/or try switching your iOS device to airplane mode and back. Note that some apps are using certificate pinning and will not work if traffic is being intercepted like this.

Resources

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment