Open lanrat opened 3 years ago
Issue-Label Bot is automatically applying the label feature_request
to this issue, with a confidence of 0.81. Please mark this comment with :thumbsup: or :thumbsdown: to give our bot feedback!
Links: app homepage, dashboard and code for this bot.
This would be great. I know HeadSpin has a solution that somehow mirrors network traffic over the USB connection. I have no idea how it works; but if they can do it, then it is certainly possible.
I'm currently pointing my devices to a private WiFi network with a port mirror that packetbeat uses to ingest traffic into ElasticSearch. It isn't perfect (No MITM or SSL decryption) but it at least gives me a general idea where stuff is going.
I believe what I'm describing is called reverse tethering: having the phone use the ADB connection for its network access. Once that's done the host can do any network analysis we want using existing tools like wireshark/tcpdump, sslstrip, etc..
It looks like the gnirehtet project already does reverse tethering by simulating a local VPN. So that may be a good starting point to get this added to STF.
I've managed this task, whit the help of gnirehtet + global_http_proxy_host + socat + burp, actually this is a manual operation, I'm not sure how and when I can integrate this to the codebase.
However I'm going to report the necessary steps to provide this functionality:
global_http_proxy_host
and global_https_proxy_host
in the target device adb shell settings put global http_proxy 10.0.2.2:8080
gnirehtet autorun
socat TCP4-LISTEN:8080,fork,reuseaddr TCP4:<YOUR_MITM_PROXY_IP_AND:PORT>
That's all now you can browse and use any app and all http/https traffic will be proxied to your desidered host, and control your device from the comfort of your browser.
Is your feature request related to a problem? Please describe. No problem, just a feature request.
Describe the solution you'd like It would be nice to be able to capture the network traffic going to/from the device. Even better if it would be possible to MITM the traffic to selectively block/edit requests.
Describe alternatives you've considered There are 3rd party apps/solutions that already do this. Most commonly by adding a VPN provider to capture the traffic, however having a solution built into STF would be much easier and allow for more automations.