From e3f97f5488df63dcbec6a666faf27b4f661e4fd3 Mon Sep 17 00:00:00 2001
From: Andrii Dokhniak
Date: Sun, 17 Aug 2025 23:36:06 +0200
Subject: [PATCH] WIP: Back to mitmproxy
---
android/conf/docker-entrypoint.sh | 16 +++++++++++++++-
android/entrypoint.sh | 24 ++++++++++++------------
docker-compose.yaml | 8 ++++++++
http_server/code/index.html | 12 ++++++------
http_server/code/src/main.ts | 2 +-
mitmproxy/Dockerfile | 8 ++++++++
pre_android/Dockerfile | 2 +-
7 files changed, 51 insertions(+), 21 deletions(-)
create mode 100644 mitmproxy/Dockerfile
diff --git a/android/conf/docker-entrypoint.sh b/android/conf/docker-entrypoint.sh
index 3446143..645d2c2 100644
--- a/android/conf/docker-entrypoint.sh
+++ b/android/conf/docker-entrypoint.sh
@@ -3,8 +3,22 @@ npm i -C /code bash /conf/wait_for_sd.sh adb shell su root /tmp/frida-server & +apt-get install iptables -y -cd /frida-scripts && perl -i -0777p -e 's|CERT_PEM = .*?;|CERT_PEM = `'"$(cat /certificates/ca.pem | sed -z 's/\n/\\n/g')"'`;|gsm' config.js +# configuring the pinning / unpinning scripts +perl -i -0777p -e 's|CERT_PEM = .*?;|CERT_PEM = `'"$(cat /certificates/mitmproxy-ca-cert.pem | sed -z 's/\n/\\n/g')"'`;|gsm' /frida-scripts/config.js +perl -i -0777p -e 's|const PROXY_SUPPORTS_SOCKS5 = false|const PROXY_SUPPORTS_SOCKS5 = true|gsm' /frida-scripts/config.js +perl -i -0777p -e 's|const BLOCK_HTTP3 = true|const BLOCK_HTTP3 = true|gsm' /frida-scripts/config.js +perl -i -0777p -e 's|const PROXY_PORT = 8000|const PROXY_PORT = 8000|gsm' /frida-scripts/config.js + +# configuring forwarding the proxy info to mitmproxy adb reverse tcp:8000 tcp:8000 +# iptables -t nat -A OUTPUT -p tcp --dport 8000 -j DNAT --to-destination $(getent hosts mitmproxy | awk '{ print $1 }'):8000 + +iptables -t nat -A OUTPUT -m addrtype --src-type LOCAL --dst-type LOCAL -p tcp --dport 8000 -j DNAT --to-destination $(getent hosts mitmproxy | awk '{ print $1 }'):1080 +iptables -t nat -A POSTROUTING -m addrtype --src-type LOCAL --dst-type UNICAST -j MASQUERADE + +# iptables -t nat -A POSTROUTING -p tcp -d mitmproxy --dport 8000 -j SNAT --to-source 127.0.0.1:8000 + node /code/index.mjs diff --git a/android/entrypoint.sh b/android/entrypoint.sh index 8c4dd8e..ecb5f2e 100755 --- a/android/entrypoint.sh +++ b/android/entrypoint.sh 
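Review bot: The DNAT rule takes its destination from an unquoted, unchecked `$(getent hosts mitmproxy | awk '{ print $1 }')`, so if the name does not resolve when this script runs, the rule is built with `--to-destination :1080` and, as far as the hunk shows, the script still carries on to `node /code/index.mjs`. Resolve once and fail loudly: `proxy_ip=$(getent hosts mitmproxy | awk '{ print $1; exit }')`, then `[ -n "$proxy_ip" ] || { echo "[ERROR] cannot resolve mitmproxy" >&2; exit 1; }`, and pass `--to-destination "${proxy_ip}:1080"`. The `cat /certificates/mitmproxy-ca-cert.pem` substitution has the same problem: a missing file silently writes an empty `CERT_PEM` into config.js, so guard it with `[ -s /certificates/mitmproxy-ca-cert.pem ]` first. The two perl lines for `BLOCK_HTTP3` and `PROXY_PORT` replace a value with itself and can be dropped.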
@@ -1,23 +1,23 @@ #!/bin/bash set -e -node /proxy_cache_thing/dist/index.js & -CACHE_PID=$! +# node /proxy_cache_thing/dist/index.js & +# CACHE_PID=$! -/httptoolkit-server/bin/run start -c /certificates & -HTTPTOOLKIT_SERVER_PID=$! +# /httptoolkit-server/bin/run start -c /certificates & +# HTTPTOOLKIT_SERVER_PID=$! bash /conf/docker-entrypoint.sh & ANDROID_PID=$! function check_dead() { - if ! ps -p $CACHE_PID > /dev/null; then - echo "[ERROR] The proxy cache died, exiting..."; - exit 1; - fi - if ! ps -p $HTTPTOOLKIT_SERVER_PID > /dev/null; then - echo "[ERROR] The httptoolkit_server died, exiting..."; - exit 1; - fi + # if ! ps -p $CACHE_PID > /dev/null; then + # echo "[ERROR] The proxy cache died, exiting..."; + # exit 1; + # fi + # if ! ps -p $HTTPTOOLKIT_SERVER_PID > /dev/null; then + # echo "[ERROR] The httptoolkit_server died, exiting..."; + # exit 1; + # fi if ! ps -p $ANDROID_PID > /dev/null; then echo "[ERROR] The android emulator died, exiting..."; exit 1; diff --git a/docker-compose.yaml b/docker-compose.yaml index 0b693af..f374de8 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -11,6 +11,7 @@ services: container_name: android sysctls: - net.ipv6.conf.all.disable_ipv6=1 + - net.ipv4.conf.all.route_localnet=1 cap_add: - NET_ADMIN devices: @@ -30,6 +31,13 @@ services: - $PWD/certificates:/certificates - $PWD/android/code:/code + mitmproxy: + build: ./mitmproxy + networks: + - rent_gen_android + volumes: + - $PWD/certificates:/root/.mitmproxy + container_name: mitmproxy httptoolkit_ui: build: context: ./httptoolkit_ui/ diff --git a/http_server/code/index.html b/http_server/code/index.html index 3ac14b2..2dd1c6c 100644 --- a/http_server/code/index.html +++ b/http_server/code/index.html @@ -90,12 +90,12 @@
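Review bot: The proxy-cache and httptoolkit-server startup lines and their two liveness checks in `check_dead` are commented out rather than deleted, which leaves dead code both above and inside the function. If interception now lives in the separate `mitmproxy` service, delete them; the history keeps the old version. A comment above `check_dead` such as `# Only the emulator runs in this container; the proxy is the mitmproxy compose service.` would make the reduced scope of the watchdog explicit. `check_dead` continues past the end of the hunk.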
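Review bot: `net.ipv4.conf.all.route_localnet=1` is added without a comment, and it relaxes the kernel's handling of 127.0.0.0/8 on every interface of a container that also holds `NET_ADMIN`. It appears to be needed so the `OUTPUT` DNAT rule in android/conf/docker-entrypoint.sh can send loopback-destined port 8000 traffic to the mitmproxy container, but that should be confirmed and written down. Add a comment on the line, for example `# required for DNAT of 127.0.0.1:8000 to mitmproxy (see android/conf/docker-entrypoint.sh)`, so the setting is removed if the redirect goes away.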
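Review bot: The new `mitmproxy` service mounts `$PWD/certificates` at `/root/.mitmproxy`, which is where mitmproxy keeps its CA private key, and the context lines show the same host directory mounted read-write at `/certificates` in what looks like the `android` service. The emulator side only reads `mitmproxy-ca-cert.pem`, so its mount can be `- $PWD/certificates:/certificates:ro`, or better a single-file mount of the public certificate. The commented `mitmdump -w /root/.mitmproxy/dump` in mitmproxy/Dockerfile would also write captured traffic into that shared directory; a separate volume for dumps keeps decrypted traffic and the CA key out of the emulator container.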
- + + + + + +
diff --git a/http_server/code/src/main.ts b/http_server/code/src/main.ts index c20b4c5..07e8a15 100644 --- a/http_server/code/src/main.ts +++ b/http_server/code/src/main.ts @@ -294,4 +294,4 @@ installed_apps_loop(); open_ports_loop(); screenshot_loop(); start_notifications(); -start_traffic_log(); +// start_traffic_log(); diff --git a/mitmproxy/Dockerfile b/mitmproxy/Dockerfile new file mode 100644 index 0000000..0fe6425 --- /dev/null +++ b/mitmproxy/Dockerfile @@ -0,0 +1,8 @@ +FROM mitmproxy/mitmproxy + +USER root +WORKDIR /root + +# CMD bash -c 'echo hello from mitmproxy && mitmdump -w /root/.mitmproxy/dump --set mode="socks5@0.0.0.0:1080"' +cmd sleep 1000000000 +#--set mode="regular@0.0.0.0:8000" diff --git a/pre_android/Dockerfile b/pre_android/Dockerfile index b3c5238..9363c80 100644 --- a/pre_android/Dockerfile +++ b/pre_android/Dockerfile @@ -4,7 +4,7 @@ ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/andro RUN sdkmanager --channel=2 "system-images;android-35;google_apis;x86_64" \ && echo no | avdmanager create avd -n virtual_dev -b google_apis/x86_64 -k "system-images;android-35;google_apis;x86_64" \ - && apt-get update && apt-get install -y iproute2 iputils-ping npm git libxml2-utils telnet bc aapt python3 python3-pip \ + && apt-get update && apt-get install -y iptables iproute2 iputils-ping npm git libxml2-utils telnet bc aapt python3 python3-pip \ && pip install frida-tools && git clone https://github.com/httptoolkit/frida-interception-and-unpinning /frida-scripts CMD bash /preconf/docker-entrypoint.sh
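Review bot: `FROM mitmproxy/mitmproxy` has no tag or digest, so every rebuild can pull a different proxy version into the component that holds the interception CA; pin it, e.g. `FROM mitmproxy/mitmproxy:<version>` or `FROM mitmproxy/mitmproxy@sha256:<digest>`. `USER root` with `WORKDIR /root` makes the proxy run as root; if that is only to make the `/root/.mitmproxy` bind mount writable, say so in a comment or mount the volume into an unprivileged user's home instead. As committed, `cmd sleep 1000000000` starts no proxy, so presumably nothing listens on port 1080 for the DNAT rule in android/conf/docker-entrypoint.sh; write the instruction as uppercase `CMD` and restore the `mitmdump` command before this leaves WIP.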
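Review bot: With `iptables` now installed at build time here, the `apt-get install iptables -y` added to android/conf/docker-entrypoint.sh in this same commit looks redundant, assuming the android image is built on top of this one. That runtime install has no preceding `apt-get update`, needs network access at every container start and pulls whatever version is current at that moment, so drop it and keep the package in the image only.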