search

ProxymanApp / Proxyman

Modern. Native. Delightful Web Debugging Proxy for macOS, iOS, and Android ⚡️
https://proxyman.io
5.58k stars 187 forks source link

Does not intercept traffic from the XLN Audio program #1092

Closed Drovosek01 closed 2 years ago

Drovosek01 commented 2 years ago

Proxyman version? (Ex. Proxyman 1.4.3)

v2.35.3 (23530)

macOS Version? (Ex. mac 10.14)

macOS 10.14.6

Hello.

I installed the "XLN Online Installer" application, through which other programs from XLN can be installed, and with the help of Proxyman I wanted to get direct links to the program installers, but Proxyman did not show any traffic from the "XLN Online Installer" program.

Here are links to this program, I hope you can make Proxyman able to intercept its traffic. Thanks. https://www.xlnaudio.com/demos https://www.xlnaudio.com/api/download/96

NghiaTranUIT commented 2 years ago

I've downloaded and tested it @Drovosek01

This app is a cross-platform app, which is mainly written in C++ and C++ Network libraries, such as Poco. As a result, this app doesn't respect the HTTP/HTTPS Proxy System Config, so Proxyman could not capture it. The only solution is that we might find a setting to override the HTTP/HTTPS Proxy in "XLN Online Installer", but I could not find these settings in its Preference.

I'd like to say that it's designed to prevent Mitm app to intercept its traffic, so there is no way to do it unless the developer of the app allows us 👍

Drovosek01 commented 2 years ago

I also noticed that Lulu was able to track that the XLN application was trying to access the Internet and asked me to block or allow the connection. Unfortunately, Lulu does not show the full address of the request, but only the domain. Also, Lulu installs its own kext or some other extension during installation. I hope you will be able to make sure that Proxyman, for example, also installs its kext and can intercept absolutely all traffic.

In any case, thank you for your answer and for your time.

Drovosek01 commented 2 years ago

I tried another application - Radio Silence. It does not require any additional permissions or kexts and it was able to see requests from XLN Online Installer.

image

image

NghiaTranUIT commented 2 years ago

Radio Silence and Lulu work under a lower networking layer (TCP/UDP), so they can capture all traffic from the Mac machine. It's the same with Wireshark. However, these apps could not intercept HTTPS traffic because the HTTP layer is a higher layer than TCP/UDP.

On the other hand, Proxyman, Fidder or Charles Proxy primarily works on the HTTP layer, so they can easily intercept the HTTPS traffic.

NghiaTranUIT commented 2 years ago

Regarding the kext, we don't have any plan to implement KEXT since it's deprecated by Apple since macOS 10.15 (https://support.apple.com/en-vn/guide/deployment/depa5fb8376f/web)

Drovosek01 commented 2 years ago

I understood you. Thank you for the detailed answer.