@joshenders
Last active July 23, 2023 14:49
mitmproxy configuration for iPad

Successful mitmproxy-3.7 setup, tested on OS X 10.13.6 and an iPhone X running iOS 12.1.4.

Enable IP forwarding and disable ICMP redirects to keep the iPad sending traffic to the proxy

sudo sysctl -w net.inet.ip.forwarding=1
sudo sysctl -w net.inet.ip.redirect=0

net.inet.ip.forwarding
Enable IP forwarding between interfaces

IP forwarding is the process of forwarding internet packets from one network to another. By default the FreeBSD system will not forward IP packets between various network interfaces. In other words, routing functions (also known as gateway functions) are disabled.

type: boolean, default: off

net.inet.ip.redirect
Enable sending IP redirects

Allow (1) or disallow (0) sending ICMP redirects when forwarding. This option is ignored unless the host is routing IP packets. Normally, this option should be enabled on all systems.

type: boolean, default: 1

Create a new file with the following pf rules. Replace ext_if and ext_ip with the appropriate values for your network configuration.

ext_if = "en0"
ext_ip = "192.168.1.141"

rdr on $ext_if inet proto tcp from any to any port 80 -> $ext_ip port 8080
rdr on $ext_if inet proto tcp from any to any port 443 -> $ext_ip port 8080

Load your file with pfctl and then enable pf

sudo pfctl -vf pf.conf
sudo pfctl -e

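Add the following line to /etc/sudoers (edit the file with sudo visudo). mitmproxy runs pfctl -s state to look up the original destination of each redirected connection, and this rule lets any local user run that one command without a password.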

ALL ALL=NOPASSWD: /sbin/pfctl -s state

Start mitmproxy

mitmproxy --mode transparent --listen-port 8080 --showhost

On the iPad, statically configure the IP address of the machine running mitmproxy as the router. Make sure both devices are on the same network and that any AP isolation mode is disabled. You can also get creative with DHCP, ARP spoofing, DNS spoofing, DNAT on your router, or what have you.

Install the CA cert on the iPad by visiting http://mitm.it, clicking the Apple icon, and following the prompts. After it's installed, you must perform an additional step to enable full trust for the mitmproxy root certificate.

Navigate to: Settings > General > About > Certificate Trust Settings. Toggle the switch for mitmproxy under the "ENABLE FULL TRUST FOR ROOT CERTIFICATES" heading.

If you fail to do this, you will see the following error in the mitmproxy capture window:

Client Handshake failed. The client may not trust the proxy's certificate ...
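When the iPad shows no traffic at all (as opposed to the handshake error above), the host-side steps are the usual cause. The script below is an added example, not part of the original gist: it checks the two sysctls, the pf status, and that ports 80 and 443 are both redirected to the mitmproxy listen port. The function names are hypothetical, the sample rule text is constructed, and the "port = 80" form of the pfctl -s nat output is an assumption (the plain "port 80" form is accepted too).

```sh
#!/bin/sh
# Added example: preflight check for the transparent-proxy host setup.

# Constructed sample of `pfctl -s nat` output for the two rdr rules above.
SAMPLE_NAT='rdr on en0 inet proto tcp from any to any port = 80 -> 192.168.1.141 port 8080
rdr on en0 inet proto tcp from any to any port = 443 -> 192.168.1.141 port 8080'

# rdr_ok DPORT PROXY_PORT: reads NAT rules on stdin and succeeds only if a
# TCP rdr rule sends destination port DPORT to PROXY_PORT.
rdr_ok() {
    grep -Eq "^rdr .* proto tcp .* port (= )?$1 -> [0-9.]+ port $2[[:space:]]*\$"
}

# missing_redirects PROXY_PORT: reads NAT rules on stdin and prints each of
# ports 80 and 443 that is NOT redirected to PROXY_PORT (empty output = OK).
missing_redirects() {
    rules=$(cat)
    for dport in 80 443; do
        printf '%s\n' "$rules" | rdr_ok "$dport" "$1" || printf '%s\n' "$dport"
    done
}

# preflight [PROXY_PORT]: run on the Mac that hosts mitmproxy. Reports every
# failed check on stderr and returns non-zero if any check failed.
preflight() {
    port=${1:-8080}
    rc=0
    [ "$(sysctl -n net.inet.ip.forwarding)" = 1 ] ||
        { echo "net.inet.ip.forwarding is not 1" >&2; rc=1; }
    [ "$(sysctl -n net.inet.ip.redirect)" = 0 ] ||
        { echo "net.inet.ip.redirect is not 0" >&2; rc=1; }
    sudo pfctl -s info 2>/dev/null | grep -q '^Status: Enabled' ||
        { echo "pf is not enabled (sudo pfctl -e)" >&2; rc=1; }
    missing=$(sudo pfctl -s nat 2>/dev/null | missing_redirects "$port")
    [ -z "$missing" ] ||
        { echo "no rdr to port $port for:" $missing >&2; rc=1; }
    return "$rc"
}
```

Source the file and run preflight 8080 before configuring the iPad. The sysctl settings do not persist across a reboot, so rerun it after restarting the Mac.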


@joshenders
Author

This process appears to work for running against a device Simulator with Xcode: https://www.tooploox.com/blog/intercept-network-traffic-with-mitmproxy-in-ios-simulator
