-
-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
some data does not go through mitm on android 4.4.4 (TLS handshake failed) ? #6854
Comments
a lil update , i've seen that when i query the data , there is a log on the terminal saying
i re-ran the mitm , " also set everything to unbounded . same thing happen , i also tried to force it by setting up everything to tls1.2 and received the same error when querying the info . i checked via wireshark , and the handshake is done on TLS1.2 i also tried to edit ciphers_client to , TLS1.2 TLS1.1 SSL3 , and received this error every time
i even tried to match the cipher_client to what i saw on wireshark , with forcing TLS1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 then i tried ciphers_client and ciphers_server , then ciphers_server alone , same thing happen on all ocassion i still got
|
i wonder to myself , is that possible to view the encrypted info in wireshark ? |
Have you tried an older mitmproxy version? Depending on which OpenSSL version is pulled in, it may not have support for TLS 1.1 compiled in anymore. |
i have not , which version should i try ? do i need reset the certificate aswell or i can keep the one that was created by the latest version ? thanks ! |
so i tried v10 v9 v8 v7 and in V7 i got a different error
so i changed the tls version to SSL3 and it worked (yet some of the handshake are and TLS version: TLSv1.3 so not sure about that , anyway no more errors . however , there is still data that i dont see ... , the same data that i query does not show up . |
Problem Description
A clear and concise description of what the bug is.
some of the data of an app goes through mitm , and some does not .
there is an application that i investigating right now , for it to work it need internet , to query data .
for example when updating the application or when going into a browser i see all the data that going through (some of the data is via websocket)
however querying the data in the application which basically fetch the data from the server is not seen by MITM
Steps to reproduce the behavior:
installed a root ca on an costume old android 4.4.4 on a rockchip board, i dont have root on it because it is a highly customized android if i attempt to root the device , the device will be permately disable by the provider (the device cost around 800$) .
the way i installed the root certificate is to dump the whole emmc memory , mount the system partition , add the root ca into the folder umount and reflash the emmc - system partition .
to install the cert i followed the guide on the website
https://docs.mitmproxy.org/stable/howto-install-system-trusted-ca-android/
hashed_name=
openssl x509 -inform PEM -subject_hash_old -in mitmproxy-ca-cert.cer | head -1
&& cp mitmproxy-ca-cert.cer $hashed_name.0it worked well because i am able to see https data from the browser and some apps on the device .
however this particular request is not showing on mitm .
System Information
Paste the output of "mitmproxy --version" here.
running on the latest , mitmproxy-10.3.0-linux-x86_64
The text was updated successfully, but these errors were encountered: