I installed mitmproxy to try and look at some data being sent to a local app. I installed it and got everything set up correctly. It seems to be working for almost all of the traffic, except for the traffic I actually need to see. For example, it will display some of the SSL data, but not the data I want. My question is, what kind of protocol would an app use if it’s not using HTTPS? Or if it is using HTTPS, why can’t I see it? I saw the same thing in Fiddler/Wireshark; it decrypted pretty much all the traffic on my PC except what I wanted to see.
There are a couple of possibilities:
- The app is not configured to use your system settings (proxy, etc.) so its traffic doesn’t go through MITM.
- The app uses another protocol such as UDP or raw TCP, rather than HTTP/HTTPS.
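
To tell the two cases apart from a packet capture, look at where each of the app's connections goes and what its first bytes look like. The sketch below is an added example, not part of the original answer; it assumes mitmproxy runs as a regular (explicit) proxy on its default port 8080, and the function names, addresses and sample flows are all constructed for illustration.

```python
# Added example: classify captured flows to see which of the two cases applies.
# PROXY and every flow below are constructed sample values, not real captures.
PROXY = ("127.0.0.1", 8080)  # assumption: mitmproxy on its default listen port

HTTP_METHODS = (b"GET ", b"POST ", b"PUT ", b"HEAD ", b"DELETE ", b"OPTIONS ", b"PATCH ")


def classify_payload(data: bytes) -> str:
    """Label the first client-to-server bytes of a TCP stream."""
    if data.startswith(b"CONNECT "):
        return "proxy-connect"  # proxy-aware client asking for a tunnel
    if data.startswith(HTTP_METHODS):
        return "http"
    # TLS record header: type 0x16 (handshake), version major 0x03, 2-byte length,
    # followed by handshake type 0x01 (ClientHello).
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01:
        return "tls-client-hello"
    return "unknown"


def diagnose(flow: dict, proxy=PROXY) -> str:
    """Map one flow to the explanation it supports."""
    if flow["proto"] == "udp":
        return "udp"              # an HTTP(S) proxy never sees UDP
    if flow["dst"] == proxy:
        return "via-proxy"        # should appear in the proxy's flow list
    kind = classify_payload(flow["payload"])
    if kind != "unknown":
        return "direct-" + kind   # HTTP(S) that did not go to this proxy
    return "raw-tcp"              # some other protocol carried over TCP


CLIENT_HELLO = bytes([0x16, 0x03, 0x01, 0x00, 0x05, 0x01, 0x00, 0x00, 0x01, 0x00])
SAMPLE_FLOWS = [
    {"proto": "tcp", "dst": PROXY, "payload": b"CONNECT example.com:443 HTTP/1.1\r\n"},
    {"proto": "tcp", "dst": ("203.0.113.10", 443), "payload": CLIENT_HELLO},
    {"proto": "tcp", "dst": ("203.0.113.10", 9000), "payload": b"\x00\x2a\x01LOGIN"},
    {"proto": "udp", "dst": ("203.0.113.10", 3478), "payload": b"\x00\x01\x00\x00"},
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f["dst"], f["proto"], "->", diagnose(f))
```

A `direct-...` result corresponds to the first bullet (the app ignores the system proxy settings), while `raw-tcp` and `udp` correspond to the second.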