Aug 242013
 

I came across a nice example of a Twisted “man-in-the-middle” style proxy on Stack Overflow. This style of proxy is great for logging traffic between two endpoints, as well as modifying the requests and responses that travel between them.

The original was posted here, and I reproduce the vast majority of the code below with some modifications. My real motivation for posting this is to “get the code out there”, because I had a hard time finding it originally. A big thanks to the original author for posting his code on Stack Overflow.

All you need to do is change the three constants at the top, and add whatever validation/modification logic you want in the dataReceived and write methods. Those four methods are labeled so you know which “hop” the data is taking. A request is going to take the following path: client => proxy => server => proxy => client. For example, the first dataReceived method handles data travelling from the client to your proxy.
 

#!/usr/bin/env python

LISTEN_PORT = 8000
SERVER_PORT = 1234
SERVER_ADDR = "server address"

from twisted.internet import protocol, reactor


# Adapted from http://stackoverflow.com/a/15645169/221061
class ServerProtocol(protocol.Protocol):
    def __init__(self):
        self.buffer = None
        self.client = None

    def connectionMade(self):
        factory = protocol.ClientFactory()
        factory.protocol = ClientProtocol
        factory.server = self

        reactor.connectTCP(SERVER_ADDR, SERVER_PORT, factory)

    # Client => Proxy
    def dataReceived(self, data):
        if self.client:
            self.client.write(data)
        else:
            self.buffer = data

    # Proxy => Client
    def write(self, data):
        self.transport.write(data)


class ClientProtocol(protocol.Protocol):
    def connectionMade(self):
        self.factory.server.client = self
        self.write(self.factory.server.buffer)
        self.factory.server.buffer = ''

    # Server => Proxy
    def dataReceived(self, data):
        self.factory.server.write(data)

    # Proxy => Server
    def write(self, data):
        if data:
            self.transport.write(data)



def main():
    factory = protocol.ServerFactory()
    factory.protocol = ServerProtocol

    reactor.listenTCP(LISTEN_PORT, factory)
    reactor.run()


if __name__ == '__main__':
    main()

 Posted by at 2:14 pm
Dec 042012
 

If you’re trying to debug an app (or website) on Android that is using HTTPS, then this short guide might be for you. I’ll show you how to set up Fiddler and Connectify Me so that you can view your device’s encrypted communications.

Requirements

  • Computer with internet access and WiFi
  • Android device that supports WiFi proxies (Honeycomb or later – older devices might require a proxy app, though I can’t guarantee it will work)

 

Instructions

  1. Install Connectify Hotspot (the free version works fine) and start your hotspot. Side note: Don’t pick a stupid password for your hotspot; you probably don’t want world+dog hopping on your connection.
  2. Connect your Android device to your hotspot (via WiFi settings) and ensure you can access the internet using the connection.
  3. Install Fiddler (but don’t open it yet.)
  4. Install this certificate maker plugin (seems to have moved to here). It replaces the default certificate plugin in Fiddler so that the certificates will be compatible with Android.
  5. Open Fiddler and follow these configuration steps:
    1. Go to Tools | Fiddler Options… | General tab. Uncheck “Show a message when HTTP protocol violations are encountered”
    2. Switch to the HTTPS tab. Check “Capture HTTPS CONNECTS” and then “Decrypt HTTPS traffic”. Click Yes twice on the two dialogs that pops up.
    3. Click the “Export Root Certificate to Desktop” button.
    4. Switch to the Connections tab and check “Allow remote computers to connect”. Click Ok on the dialog.
    5. Take note of the port listed next to “Fiddler listens on port:”. We’ll need it soon.
    6. Close the options dialog.
  6. Exit Fiddler and then reopen it.
  7. On this website, upload the certificate that was exported to your desktop. Then, on your Android device, navigate to the URL the page produces to install the certificate.
  8. Determine the IP address of your computer (using ipconfig at the command line) on the ad-hoc WiFi connection that Connectify Hotspot has created.
  9. Using the instructions on this page (halfway down), configure the WiFi connection on your phone to use the following proxy information:
    1. IP address: What you found in step 9.
    2. Port: From step 5.e.

 

Test it out

Let’s see if everything works. Make sure Fiddler is open on your screen. On your Android device, browse to a random page. You should see the connections on the left-hand side of the Fiddler screen. If all of our HTTPS configurations worked, you should also see HTTPS communications decoded and dumped as well.

It’s possible that not all HTTPS communications will be shown, since some apps might reject the Fiddler root certificate. There’s nothing that can be done about that, unfortunately.

Note that Fiddler will also have changed the proxy settings for your entire computer. Connections from your desktop browser, email clients, etc. will be shown side-by-side with those from your Android device.

Cleanup

When you’re done, you’ll want to do a few things to revert your Android device and computer back to how they were.

  1. Undo the proxy configurations on your Android device.
  2. Uncheck the “Allow remote computers to connect” option in the Fiddler settings
  3. Uninstall Fiddler’s root certificates from both your computer (Google for instructions) and Android device (under settings | Security)
 Posted by at 11:31 pm