robert arles robert.arles.us

robert.arles.us

Github Twitter?
about1 android1 backlight1 bash1 bayesian probability1 bayesian probablilty1 browsermob2 django5 docker1 firstpost1 flask1 go2 golang2 hugo1 init1 java1 jenkins2 jinja1 keyboard1 linux1 lubuntu1 mitmproxy1 nerdlynews1 nginx1 nltk1 pageloadstats2 pelican1 python11 qa automation1 rabot2 saucelabs1 selenium4 threading1 ubuntu2 webdriver4

MITMProxy

Automating Android + MITMProxy, Injecting the Proxy Cert

I’ve created a bash script to get, and then inject an MITMProxy cert into an Android Emulator This presumably works with an actual device, but untested as I don’t currently have one. This process assumes that you have a running Android emulator, the adb tools installed, and a MITMProxy running. It will grab the cert from the proxy, use it to create the file needed, and insert it into the Android device.


#!/bin/bash

proxyhost="127.0.0.1"
proxyport="8080"

# if this script fails, do not leave a pem file (the wrong one!) for other processes to use
rm mitmproxy-ca-cert.pem 2> /dev/null

show_help(){
  echo "Get Cert file from proxy, create and inject cert hash into attached android device."
  echo ""
  echo "No arguments supplied"
  echo "Usage: $0 [-h proxyhost] [-p proxyport]"
  echo "Defaults to $proxyhost:$proxyport"
}

# loop through the command line options
while getopts "h:p:?" opt; do
      case $opt in
        h)  proxyhost=$OPTARG
            ;;
        p)  proxyport=$OPTARG
            ;;
        \?)
            show_help
            exit 1
            ;;
      esac
done
shift $((OPTIND -1))

# get the pem from the proxy server
echo "Downloading Cert (pem) file from url http://mitm.it/cert/pem on proxy $proxyhost:$proxyport"
curl --proxy $proxyhost:$proxyport mitm.it/cert/pem > mitmproxy-ca-cert.pem

# get the hash of the pem file for use as the file name to put on the android device
echo "Setting CERT_HASH"
CERT_HASH="$(openssl x509 -inform PEM -subject_hash_old -in mitmproxy-ca-cert.pem | head -1)"
echo "CERT_HASH=$CERT_HASH"

# export the PEM data into the file
echo "Exporting pem data to file $CERT_HASH.0"
openssl x509 -inform PEM -text -in mitmproxy-ca-cert.pem -out /dev/null >> $CERT_HASH.0

# get root on android
# note: this does not work on google PLAY (prod) images, only google API (debug) images
adb root
adb remount

# put the new cert info on the android device
echo "adb push $CERT_HASH.0 /system/etc/security/cacerts/"
adb push $CERT_HASH.0 /system/etc/security/cacerts/
echo "adb shell 'chmod 644 /system/etc/security/cacerts/$CERT_HASH.0'"
adb shell "chmod 644 /system/etc/security/cacerts/$CERT_HASH.0"
echo "adb shell 'ls -l /system/etc/security/cacerts/$CERT_HASH.0'"
adb shell "ls -l /system/etc/security/cacerts/$CERT_HASH.0"
echo "rebooting..."
adb reboot

-