Skip to content

Instantly share code, notes, and snippets.

@jannegpriv

jannegpriv/mitmproxy_on_mac.md

Last active October 14, 2022 08:26
Show Gist options
  • Save jannegpriv/85567221ade0045c76b08f6e774b51c3 to your computer and use it in GitHub Desktop.
Save jannegpriv/85567221ade0045c76b08f6e774b51c3 to your computer and use it in GitHub Desktop.
Download ZIP
Man in the middle proxy on MAC
Raw
mitmproxy_on_mac.md

Man in the middle proxy on MAC.

To be able to reverse engineer Web APIs it is very convenient to use a man-in-the-middle proxy that can in detail reveal what is being sent over the line.

For MAC I recommend to use the mitmproxy which is very easy to install and use. To install just use brew:

brew install mitmproxy

mitmproxy is opensource and can be found on github.

Start the mitmproxy

Start the mitmproxy and use port 8090 by entering the following in a terminal:

mitmproxy -p 8090

Configure proxy settings for Web-browser

If you want to intercept traffic from your browser, just configure your MAC's Network to use HTTP/HTTPS proxy. I use WiFi to connect to my ASUS router, hence I just go to 'System Preferences/Network/Wi-Fi and then chose Advanced/Proxies and check Web Proxy (HTTP) and Secure Web Proxy (HTTPS) to use 127.0.0.1:8090.

Cofigure proxy settings for mobile phone

If you want to intercept traffic from your mobile then configure your phones WiFi connection to use a manual proxy pointing to the IP address of your MAC and the port 8090.

Install mitm certificate on your OS

You need to install the mitm certificate on the device you want to intercept traffic from. Start a browser on the device, and visit the magic domain mitm.it

and surf to your website of interest and you should see a lot of requests in the terminal where you started mitmproxy.

It is possible to use filter in the command window for mitmproxy by pressing 'f' and then entering a string filter. To quit the session press 'q' followed by yes.

Proxy from Java code

If you want to be able to use a proxy from your Java code it is possible to configure your HTTPClient to use a proxy, for OpenHAB using Jetty it is done as shown below:

   @Reference
    protected void setHttpClientFactory(HttpClientFactory httpClientFactory) {
        logger.debug("setHttpClientFactory this: {}", this);
        this.httpClient = httpClientFactory.getCommonHttpClient();
        if (DEBUG) {
            this.httpClient = new HttpClient(new SslContextFactory());
            try {
                this.httpClient.start();
            } catch (Exception e) {
                logger.error("Exception: {}", e.getMessage());
            }

            logger.debug("setHttpClientFactory configure proxy!");
            ProxyConfiguration proxyConfig = httpClient.getProxyConfiguration();
            HttpProxy proxy = new HttpProxy("127.0.0.1", 8090);
            proxyConfig.getProxies().add(proxy);
        }
    }
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment