Transparent mode shows nothing captured #4985
Unanswered
BeyondEvil
asked this question in
Q&A
Replies: 1 comment
-
Your current error seems to be that the server TLS handshake fails because mitmproxy does not trust the server's certificate. As a quick workaround you can set |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
On my iPhone 12 mini running iOS 14.8.1 I have a 3rd party application from which I want to capture all the traffic.
I first tried mitmproxy in "regular" mode and was able to capture some traffic, but clearly not all.
So I wanted to try to see if I could capture all the traffic using "transparent" mode.
I've followed the instructions here
$ sudo pfctl -e No ALTQ support in kernel ALTQ related functions disabled pfctl: pf already enabled
$ sudo cat /etc/sudoers | grep pfctl ALL ALL=NOPASSWD: /sbin/pfctl -s state
I'm running macOS Catalina 10.15.7.
I've given my phone a manual IP with
router
set to the IP of my Mac: 192.168.1.77 (en0
, see below).But it won't connect using WiFi (as you can see on the screenshots I only get 4G).
What am I doing wrong? How can I troubleshoot further.
Thanks 🙏
Ok, made (some) progress.
I tethered my iPhone to my mac using a USB cable and updated the
pf.conf
to usebridge100
instead ofen0
.However, now mitm crashes...
I'm very new to this field, but it looks like what's happening is that the TLS handshake fails, and when mitm tries to "force" it, the server disconnects which mitm can't handle and then pukes (
Unexpected EOF
).But what's the root issue here, why does it reject the cert?
I wonder if this is what I've run into: https://docs.mitmproxy.org/stable/concepts-certificates/#certificate-pinning
The app/company, Ajax Systems, is extremely security aware, so it wouldn't surprise me.
Beta Was this translation helpful? Give feedback.
All reactions