Hi,
I am investigating an Android app that uses cert pinning and therefore cannot use mitmproxy to intercept the traffic. I have used Frida to hook the SSL_read/write/new functions, and there I am receiving the HTTP traffic within my Python script. I would like to create a flow dump of the traffic and use mitmdump's capabilities and parsing methods. I am finding it difficult to hook the read/write buffers into a Flow. It seems that it is tightly coupled with a TCP/SSL connection. Can you advise me how I can easily create a flow dump that will be accepted by mitmdump?
Thanks,
Hi @pavel-lazar,
I think there are two ways you can go: First, use something like https://github.com/iSECPartners/Android-SSL-TrustKiller to disable cert pinning and use mitmproxy regularly. Second, if you want to create mitmproxy dump files from plain connection logs, you can use the netlib.http.http1.read primitives for this. Here's an example where we are doing something similar: https://github.com/jbremer/httpreplay/blob/master/httpreplay/main.py#L49
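The second approach, worked through as an added example (this is not code from the thread, from httpreplay or from mitmproxy itself). It assumes the Frida hook forwards each SSL_read/SSL_write call to the Python side as an `(ssl_id, direction, data)` event, with `ssl_id` being the SSL object pointer so that bytes from different connections are never mixed; that format, the `reassemble`/`write_mitm_dump` names and the sample events are all constructed here. The reassembly is plain standard-library code (chunked bodies, Content-Length bodies, bodies delimited by connection close, HEAD/204/304 responses without a body, and in-order pairing of requests with responses on a keep-alive connection). The dump is written through the current `mitmproxy.http` / `mitmproxy.io` API (`Request.make`, `Response.make`, `HTTPFlow`, `FlowWriter`) rather than the `netlib.http.http1.read` primitives named above, which belong to older releases.

```python
"""Hooked SSL_read/SSL_write buffers -> HTTP/1 request/response pairs -> mitmproxy dump file. Added example for
this thread (not code from the posts or from mitmproxy); it assumes the Frida hook emits (ssl_id, direction, data)
events, where direction is "write" (bytes passed to SSL_write), "read" (bytes SSL_read returned) or "close"."""
import time
from collections import deque, namedtuple

CRLF = b"\r\n"
Message = namedtuple("Message", "start_line headers body")  # headers: list of (bytes, bytes) as on the wire

def header_value(headers, name):
    """First value of header `name` (lower-case bytes), or None."""
    return next((v for k, v in headers if k.lower() == name), None)

def decode_chunked(buf):
    """Decode a chunked body at the start of buf -> (body, bytes consumed), or None if incomplete."""
    pos, body = 0, bytearray()
    while (eol := buf.find(CRLF, pos)) != -1:
        size, pos = int(buf[pos:eol].split(b";", 1)[0], 16), eol + 2  # chunk-size; extensions ignored
        if size == 0:  # last-chunk, then optional trailer headers and a final empty line
            end = buf.find(CRLF + CRLF, eol)
            return None if end == -1 else (bytes(body), end + 4)
        if len(buf) < pos + size + 2:
            return None
        body += buf[pos:pos + size]
        pos += size + 2  # chunk data plus its CRLF
    return None  # the next chunk-size line has not fully arrived

def parse_message(buf, request_method=None, at_eof=False):
    """Parse one HTTP/1 message at the start of buf -> (Message, bytes consumed), or None if incomplete."""
    if (end := buf.find(CRLF + CRLF)) == -1:
        return None
    lines, pos = bytes(buf[:end]).split(CRLF), end + 4
    start, is_response = lines[0], lines[0].startswith(b"HTTP/")
    headers = [(k.strip(), v.strip()) for k, _, v in (ln.partition(b":") for ln in lines[1:] if ln)]
    if is_response and (request_method == b"HEAD" or int(start.split()[1]) in (204, 304)):
        return Message(start, headers, b""), pos  # never carries a body, whatever Content-Length says
    te = header_value(headers, b"transfer-encoding")
    if te and b"chunked" in te.lower():
        dec = decode_chunked(buf[pos:])
        return None if dec is None else (Message(start, headers, dec[0]), pos + dec[1])
    cl = header_value(headers, b"content-length")
    if cl is None and is_response:  # no framing: the body runs until the server closes (at_eof)
        return (Message(start, headers, bytes(buf[pos:])), len(buf)) if at_eof else None
    length = int(cl or 0)  # a request without Content-Length has no body
    return None if len(buf) < pos + length else (Message(start, headers, bytes(buf[pos:pos + length])), pos + length)

def reassemble(events):
    """Pair each response with the oldest unanswered request on its SSL object; "close" flushes an EOF-delimited body."""
    bufs, pending, pairs = {}, {}, []
    for ssl_id, direction, data in events:
        conn = bufs.setdefault(ssl_id, {"write": bytearray(), "read": bytearray(), "close": bytearray()})
        queue = pending.setdefault(ssl_id, deque())
        conn[direction] += data  # a "close" event carries no data
        while (got := parse_message(conn["write"])) is not None:
            del conn["write"][:got[1]]
            queue.append(got[0])
        while queue and (got := parse_message(conn["read"], queue[0].start_line.split()[0], direction == "close")):
            del conn["read"][:got[1]]
            pairs.append((ssl_id, queue.popleft(), got[0]))
    return pairs

def fix_framing(headers, body):
    """Drop Transfer-Encoding (the body is stored de-chunked) and make Content-Length match the stored body."""
    kept = [(k, v) for k, v in headers if k.lower() not in (b"transfer-encoding", b"content-length")]
    if body or header_value(headers, b"content-length") is not None:
        kept.append((b"content-length", str(len(body)).encode()))
    return kept

def write_mitm_dump(pairs, path, server_port=443):
    """Write the pairs as HTTPFlows; load them with `mitmdump -nr <path>`. Needs mitmproxy >= 7 installed."""
    from mitmproxy import connection, http, io
    with open(path, "wb") as fo:
        writer = io.FlowWriter(fo)
        for _ssl_id, req, resp in pairs:
            method, target, _ = req.start_line.split(b" ", 2)
            host = header_value(req.headers, b"host") or b"unknown"
            url = target if target.startswith(b"http") else b"https://" + host + target
            request = http.Request.make(method.decode(), url.decode(), b"", fix_framing(req.headers, req.body))
            request.raw_content = req.body  # wire bytes: any Content-Encoding stays as captured
            version, status, reason = (resp.start_line.split(b" ", 2) + [b""])[:3]
            response = http.Response.make(int(status), b"", fix_framing(resp.headers, resp.body))
            response.raw_content, response.http_version, response.reason = resp.body, version.decode(), reason.decode()
            # Placeholder addresses (assumption): the SSL hooks see the SSL object, never the socket underneath.
            client = connection.Client(peername=("127.0.0.1", 0), sockname=("127.0.0.1", 0), timestamp_start=time.time())
            flow = http.HTTPFlow(client, connection.Server(address=(host.split(b":")[0].decode(), server_port)))
            flow.request, flow.response = request, response
            writer.add(flow)

# Constructed sample: connection 0x7F00 (chunked response over two reads, then a 204); 0x7F01 is HTTP/1.0, body ends at close.
SAMPLE_EVENTS = [
    (0x7F00, "write", b"GET /api/v1/me HTTP/1.1\r\nHost: api.example.com\r\nAccept: application/json\r\n\r\n"),
    (0x7F00, "read", b'HTTP/1.1 200 OK\r\nTransfer-Encoding: chunked\r\n\r\n7\r\n{"id":1\r\n'),
    (0x7F00, "read", b"1\r\n}\r\n0\r\n\r\n"),
    (0x7F00, "write", b"POST /login HTTP/1.1\r\nHost: api.example.com\r\nContent-Length: 21\r\n\r\nuser=alice&pw=secret1"),
    (0x7F00, "read", b"HTTP/1.1 204 No Content\r\nX-Request-Id: abc\r\n\r\n"),
    (0x7F01, "write", b"GET /legacy HTTP/1.0\r\nHost: old.example.com\r\n\r\n"),
    (0x7F01, "read", b"HTTP/1.0 200 OK\r\nContent-Type: text/plain\r\n\r\nhello"),
    (0x7F01, "close", b""),
]
```

`write_mitm_dump(reassemble(SAMPLE_EVENTS), "frida_flows.mitm")` produces a file that `mitmdump -nr frida_flows.mitm` lists as three flows. Two caveats worth checking before trusting the output: this parses HTTP/1 only, so if the app negotiated h2 via ALPN the SSL_read buffers are HTTP/2 frames and need a different reassembler (hook `SSL_get0_alpn_selected` or look for the `PRI * HTTP/2.0` preface to tell); and the body is stored exactly as it came off the wire, so a `Content-Encoding: gzip` body stays compressed in the dump and mitmproxy decodes it on display.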
Hi,
Thanks for the response. Since I prefer not to rely on the exact way an app does the cert pinning in Java (which SSL-TrustKiller relies on), and I think SSL_read/write hooks are more general, I will try the second approach.