WIP: Back to mitmproxy

2025-08-17 23:36:06 +02:00 · 2025-08-17 23:36:06 +02:00 · e3f97f5488
commit e3f97f5488
parent 2a836ea6cb
7 changed files with 51 additions and 21 deletions
--- a/android/conf/docker-entrypoint.sh
+++ b/android/conf/docker-entrypoint.sh
@ -3,8 +3,22 @@ npm i -C /code
 bash /conf/wait_for_sd.sh

 adb shell su root /tmp/frida-server &
+apt-get install iptables -y 

-cd /frida-scripts && perl -i -0777p -e 's|CERT_PEM = .*?;|CERT_PEM = `'"$(cat /certificates/ca.pem | sed -z 's/\n/\\n/g')"'`;|gsm' config.js
+# configuring the pinning / unpinning scripts
+perl -i -0777p -e 's|CERT_PEM = .*?;|CERT_PEM = `'"$(cat /certificates/mitmproxy-ca-cert.pem | sed -z 's/\n/\\n/g')"'`;|gsm' /frida-scripts/config.js
+perl -i -0777p -e 's|const PROXY_SUPPORTS_SOCKS5 = false|const PROXY_SUPPORTS_SOCKS5 = true|gsm' /frida-scripts/config.js
+perl -i -0777p -e 's|const BLOCK_HTTP3 = true|const BLOCK_HTTP3 = true|gsm' /frida-scripts/config.js
+perl -i -0777p -e 's|const PROXY_PORT = 8000|const PROXY_PORT = 8000|gsm' /frida-scripts/config.js
+
+# configuring forwarding the proxy info to mitmproxy
 adb reverse tcp:8000 tcp:8000

+# iptables -t nat -A OUTPUT -p tcp --dport 8000 -j DNAT --to-destination $(getent hosts mitmproxy | awk '{ print $1 }'):8000
+
+iptables -t nat -A OUTPUT -m addrtype --src-type LOCAL --dst-type LOCAL -p tcp --dport 8000 -j DNAT --to-destination $(getent hosts mitmproxy | awk '{ print $1 }'):1080
+iptables -t nat -A POSTROUTING -m addrtype --src-type LOCAL --dst-type UNICAST -j MASQUERADE
+
+# iptables -t nat -A POSTROUTING -p tcp -d mitmproxy --dport 8000 -j SNAT --to-source 127.0.0.1:8000
+
 node /code/index.mjs
--- a/android/entrypoint.sh
+++ b/android/entrypoint.sh
@ -1,23 +1,23 @@
 #!/bin/bash
 set -e
-node /proxy_cache_thing/dist/index.js &
-CACHE_PID=$!
+# node /proxy_cache_thing/dist/index.js &
+# CACHE_PID=$!

-/httptoolkit-server/bin/run start -c /certificates &
-HTTPTOOLKIT_SERVER_PID=$!
+# /httptoolkit-server/bin/run start -c /certificates &
+# HTTPTOOLKIT_SERVER_PID=$!

 bash /conf/docker-entrypoint.sh &
 ANDROID_PID=$!

 function check_dead() {
-	if ! ps -p $CACHE_PID > /dev/null; then
-		echo "[ERROR] The proxy cache died, exiting...";
-		exit 1;
-	fi
-	if ! ps -p $HTTPTOOLKIT_SERVER_PID > /dev/null; then
-		echo "[ERROR] The httptoolkit_server died, exiting...";
-		exit 1;
-	fi
+	# if ! ps -p $CACHE_PID > /dev/null; then
+	# 	echo "[ERROR] The proxy cache died, exiting...";
+	# 	exit 1;
+	# fi
+	# if ! ps -p $HTTPTOOLKIT_SERVER_PID > /dev/null; then
+	# 	echo "[ERROR] The httptoolkit_server died, exiting...";
+	# 	exit 1;
+	# fi
 	if ! ps -p $ANDROID_PID > /dev/null; then
 		echo "[ERROR] The android emulator died, exiting...";
 		exit 1;
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -11,6 +11,7 @@ services:
    container_name: android
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=1
+      - net.ipv4.conf.all.route_localnet=1
    cap_add:
      - NET_ADMIN
    devices: 
@ -30,6 +31,13 @@ services:
      - $PWD/certificates:/certificates
      - $PWD/android/code:/code

+  mitmproxy:
+    build: ./mitmproxy
+    networks:
+      - rent_gen_android
+    volumes:
+      - $PWD/certificates:/root/.mitmproxy
+    container_name: mitmproxy
  httptoolkit_ui:
    build:
      context: ./httptoolkit_ui/
--- a/http_server/code/index.html
+++ b/http_server/code/index.html
@ -90,12 +90,12 @@
        </div>

        <div class="tabcontent active" id="httptoolkit-tab">
-          <iframe
-            id="httptoolkit-frame"
-            style="flex-grow: 1"
-            src="http://localhost:9080/"
-            title="httptoolkit"
-          ></iframe>
+          <!-- <iframe -->
+          <!--   id="httptoolkit-frame" -->
+          <!--   style="flex-grow: 1" -->
+          <!--   src="http://localhost:9080/" -->
+          <!--   title="httptoolkit" -->
+          <!-- ></iframe> -->
        </div>
        <div class="tabcontent" id="controls-tab">
          <form id="set_coords" onsubmit="main.coords_handler(event)">
--- a/http_server/code/src/main.ts
+++ b/http_server/code/src/main.ts
@ -294,4 +294,4 @@ installed_apps_loop();
 open_ports_loop();
 screenshot_loop();
 start_notifications();
-start_traffic_log();
+// start_traffic_log();
--- a/mitmproxy/Dockerfile
+++ b/mitmproxy/Dockerfile
@ -0,0 +1,8 @@
+FROM mitmproxy/mitmproxy
+
+USER root
+WORKDIR /root
+
+# CMD bash -c 'echo hello from mitmproxy && mitmdump -w /root/.mitmproxy/dump --set mode="socks5@0.0.0.0:1080"'
+cmd sleep 1000000000
+#--set mode="regular@0.0.0.0:8000"
--- a/pre_android/Dockerfile
+++ b/pre_android/Dockerfile
@ -4,7 +4,7 @@ ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/andro

 RUN sdkmanager --channel=2 "system-images;android-35;google_apis;x86_64" \
 	&& echo no | avdmanager create avd -n virtual_dev -b google_apis/x86_64 -k "system-images;android-35;google_apis;x86_64" \
-	&& apt-get update && apt-get install -y iproute2 iputils-ping npm git libxml2-utils telnet bc aapt python3 python3-pip \
+	&& apt-get update && apt-get install -y iptables iproute2 iputils-ping npm git libxml2-utils telnet bc aapt python3 python3-pip \
 	&& pip install frida-tools && git clone https://github.com/httptoolkit/frida-interception-and-unpinning /frida-scripts

 CMD bash /preconf/docker-entrypoint.sh