Comments (8)
emanuele-f
commented on June 11, 2024
1
I saw other fixes done in 10.2.2 so I will update the addon to use the latest version. I will share a beta version here, officially this will be available in PCAPdroid 1.7.0
from pcapdroid.
vvyushmanov
commented on June 11, 2024
1
Hi!
I've tested both --ignore-hosts/--allow-hosts (--ignore-hosts .*:5061 and --allow-hosts .*:443) and the fix works! thx
It successfully bypasses the packets on the remote 5061 port and does what I needed it to do :)
from pcapdroid.
emanuele-f
commented on June 11, 2024
1
Great! I've added this info to https://emanuele-f.github.io/PCAPdroid/tls_decryption#331-exclude-specific-hostsports . For now this is enough to address this task, if there are other needs in the future we can evaluate them
from pcapdroid.
vvyushmanov
commented on June 11, 2024
I've followed mitmproxy documentation, tried the following options
--ignore-hosts .*:5061- didn't work, for some reason, the port is not taken into consideration, although the docs state it should be--tcp .*--tcpraw
Basically, one of 2 options would resolve this:
- A way to intercept/decode HTTPS (port 443) traffic ONLY
- A way to give custom certificate for mitmproxy (which is possible, but it's unclear how to give a path to it within PCAPDroid)
from pcapdroid.
vvyushmanov
commented on June 11, 2024
I've also tried setting up external mitmproxy, and it seems to respect the --ignore-hosts=.*:5061 parameter.
So, it looks like this (respecting the port, and not the host only) is something they've added relatively recently.
Is it possible to update the mitmproxy addon to respect the host:port parameters for allow/ignore host options?
from pcapdroid.
emanuele-f
commented on June 11, 2024
What about --ignore-hosts :5061? I would avoid adding a whitelist for this, working with an ip or domain decryption rule does not work for your use case?
from pcapdroid.
vvyushmanov
commented on June 11, 2024
Thanks for the reply!
Yeah, this is the exact option I was trying to use in the "mitmproxy additional options".
It is working on the latest mitmproxy for Linux, but does not work on the version embedded with the addon.
I did some digging and found this issue on mitmproxy Github mitmproxy/mitmproxy#6325
mitmproxy/mitmproxy#6594
mitmproxy/mitmproxy#6614
Turns out, this was fixed just recently.
Can you please apply these fixes or update to the latest mitmproxy version?
from pcapdroid.
emanuele-f
commented on June 11, 2024
The issue you had with the --ignore-hosts option was probably related to my patches to remove the aioquic_mitmproxy and mitmproxy_rs native module from mitmproxy. This is fixed in emanuele-f/mitmproxy@88cc641 .
For the mitmproxy 10.2.2 update, since the rework done in mitmproxy/mitmproxy@6e38a56 introduces non-trivial conflicts with my patches, I've just backported the --ignore-hosts/--allow-hosts fixes to 10.1.6.
All the fixes are now available in v1.1 release of PCAPdroid-mitm. You can test it with the following beta apk: PCAPdroid_1.6.9-1bab9e0.apk. Let me know how it works for you
from pcapdroid.
Related Issues (20)
- no network connection in specific app when using PCAPDroid HOT 12
- Log: [AppsResolver] Could not retrieve package HOT 1
- Filtering by Prepared Hosts HOT 1
- sslkeylogfile.txt produces "Duplicated entry" warnings in scapy, fails to decrypt traffic HOT 2
- PCAPdroid Trailer not work,lua plugin is loaded normally HOT 8
- Feature request: Geo location block
- ICMP traffic not available HOT 2
- App crashes on Android permissions reset
- Start on boot doesn't seem to work HOT 3
- High cpu usage when use it through root mode, and libcapd.so process doesn't be killed HOT 6
- Implement PCAPdroid trailer equivalent in pcapng
- Garbage characters in PCAPdtoid trailer app name HOT 6
- Save mitmproxy capture HOT 1
- I want to thank those for being patient with me. I didn't know anything about the internet until I got hacked. I have a big problem with reading much more than 2 sentences and I loose focus and skip a quarter page.
- Add network interface information HOT 1
- Mention the Blacklist source when Malware connection is detected and other disclosures HOT 3
- Improve connections error reporting
- PCAPdroid block Eset Endpoint Security virus signature updates. HOT 4
- Tips to see all truncated data? HOT 8
- 8f30907d0f2ef354c2b31bdee340c2b11dda0fb0
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pcapdroid.