Can't mitmproxy with Android Nougat 7.1.1


#1

After having updated my phone (Nexus 5x) with the latest android release (7.1.1), proxying doesn’t seem to work anymore.

I’m still able to proxy with an older android phone through the same mitmproxy session.

All i get is the wifi signal icon with a little x on the lower right corner of the same icon.

  • i’ve checked and double-checked certs
  • i’ve forgotten and re-added network as well as proxy ip and port.

I understand that certain apps compiled for a specific android api version will require changes to the apk to make proxying work again, but this is only for newer apps… i can’t get anything to go through the proxy.


#2

For anybody that may be struggling with this, the Nexus 5x and the Pixel C with the Android Nougat (7.1.1) update appears to have a bug, whereby once the wifi connection restarts, proxying the connection will not work.

To get the proxy to work, at least when debugging your apps…

Set the proxy & port on on the active wifi connection AND DO NOT restart your wifi connection. This appears to work for as long as your wifi connection is not dropped.

Once wifi is restarted (either manually, out of range, whatever) - the proxying doesn’t work anymore despite the settings persisting. To get it working again…

  1. remove proxy settings
  2. restart wifi
  3. add proxy settings AND AGAIN, DO NOT restart wifi connection afterwards.

Hopefully, this will help someone avoid this issue.


#3

Sorry for gravedigging, but I came across this issue while doing some reversing.

It appears that Nougat enforces security checks on user installed certificates, which must be explicitly disabled by each application. Reference: https://serializethoughts.com/2016/09/10/905/

The solution for now is to either unpack the APK and insert that XML in it or just use a device running an older version of Android.


#4

Looks like we missed this as well - sorry @ffernand!

This question has been raised on Github as well - see https://github.com/mitmproxy/mitmproxy/issues/2054#issuecomment-281836486.