Sniff iPhone HTTP Traffic using mitmproxy

Sniffing traffic is a very hackish thing to do. So if you are against hacking things, stop reading.

There are a couple of ways to sniff the HTTP traffic. Using Wireshark, which has a nice user interface, is one of the mos popular ways. Today, I am going to introduce another tool call mitmproxy.

mitmproxy is an SSL-capable man-in-the-middle proxy. It was the very tool that was used to discover the misdeeds of Path.

 

How to use mitmproxy?

  1. Download mitmproxy, and install. You could install from source and run sudo python setup.py install
  2. Go to your Terminal and run mitmproxy.
  3. Obtain the IP address of your computer by running ifconfig en1 (or whatever that you are using).
  4. Set the proxy on your iPhone by going to your connected wifi settings. Set HTTP Proxy to “Manual”, and enter the IP of  your computer with port as 8080.
  5. Start sniffing! Refer to the console tool guide. Press ‘?’ to bring up the list of commands.

Share and Enjoy
    Tagged with: ,
    Posted in Development, How-to
    • http://twitter.com/alcidiogalan alcidio galan

      mitmproxy: Error starting proxy server: Address already in use
      how can it be fixed :(

    • xxx

      I had a tomcat running on port 8080.

      Check out the whether the port is free: netstat -tlapn | grep 8080.

      Stop tomcat if that’s the service that occupies the port: service tomcat6 stop

    • Denis

      ps ax | grep mitm
      and then `kill #`
      # – the ID of the process mitm is running on

    • Nahid Alam

      Tried this, but doesnt work. If I try to browse, the page is either
      blank or tells ‘error connecting to the proxy server’. Also, no message
      in the mitmproxy window.