![]() I run my local VMs with QEMU/KVM using virt-manager. I’m using a (graphical) desktop Ubuntu installation (in contrast to the usual AWS server setup) because I find the mitmweb command much nicer than the command line version. I downloaded the Ubuntu 22.04 installation media directly from Ubuntu. use iptables to get traffic from the VPN through the mitmproxy.force traffic from the iPhone to the Ubuntu machine through a wireguard VPN (in this case Tailscale).run a transparent mitmproxy on a Ubuntu machine.I normally write about strictly open-source stuff, but Tailscale is actually phenomenal in making wireguard setup easier, so I’m using it here (I’ve no relationship with Tailscale). In this post I’ll document how I managed to force an iPhone (running some iOS 14) to transparently proxy traffic through a Ubuntu VM running mitmproxy, which in effect allows you to inspect the majority of traffic flowing through your phone even if they are encrypted with TLS. (Spoiler: there’s no magic involved, the devs had implemented certificate pinning wrong, when implemented correctly it’s quite non-trivial to get around on iOS). This post is about the latter, and I will hopefully get around to writing about some more mitmproxy stuff on how I managed to get around the former in another post later on. However, these days apps have gotten wiser (with certificate pinning) and less conformant (by bypassing proxies). In the olden days this used to be pretty straightforward with mitmproxy: you would just set it up on your computer on the same network, and point your phone’s proxy to that computer. The other day I was trying to study an iPhone app and the API calls it makes to its servers. Transparent mitmproxy for iPhone using Tailscale in a VM
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |