Open westinyang opened 1 year ago
In order for this to work with HTTPS connections, this "translation" from SOCKS5 to HTTP proxy must be done after the data is decrypted. I can think of two different ways to do this.
If mitmproxy allowed us to combine the SOCKS5 listener with an upstream HTTP server, mitmproxy would do the translation, and Burp/Fiddler should just work. At the current stage, it seems like this is not supported, see https://github.com/mitmproxy/mitmproxy/issues/3845 (it talks about transparent mode but the same should apply to SOCKS5).
The second approach, which you can use right now but only with Burp, is to use the Burp invisible proxy mode together with the PCAPdroid port mapping (#274, you can find it in the latest beta). Basically you need to configure port mapping rules to redirect the TLS traffic to Burp (e.g. port 443 -> your_pc_ip:burp_port), then in Burp you need to enable the transparent mode and configure "Request handling" rules to redirect the traffic back to its destination. This "Request handling" step is what makes this approach not very practical, as you need to manually create rules for each remote server.
Thank you very much
I hope to support HTTP proxies and redirect all traffic to HTTP proxy, so that you can use tools such as Burp Suite or Fiddler to catch the computer on the computer. (mitmproxy supports proxy HTTP and SOCKS5, but Burp Suite and Fiddler only support HTTP)
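For reference, the connection-request step of the SOCKS5-to-HTTP-proxy translation discussed in this thread, as an added example that is not PCAPdroid, mitmproxy or Burp code: it parses a SOCKS5 CONNECT request (RFC 1928, section 4) and emits the equivalent HTTP `CONNECT` request, rejecting host names that could inject extra header lines. The function names and sample bytes are constructed for illustration; method negotiation, replies and TLS decryption are out of scope.

```python
import ipaddress
import re
import struct

class Socks5Error(ValueError):
    """Raised when a SOCKS5 request cannot be mapped to an HTTP CONNECT."""

# Conservative host-name alphabet: keeps CR, LF and spaces out of the request line.
_HOST_RE = re.compile(r"^[A-Za-z0-9._-]{1,255}$")

def parse_socks5_connect(req: bytes) -> tuple[str, int]:
    """Return (host, port) from a SOCKS5 request: VER CMD RSV ATYP ADDR PORT."""
    if len(req) < 4:
        raise Socks5Error("truncated header")
    ver, cmd, _rsv, atyp = req[:4]
    if ver != 5:
        raise Socks5Error("not a SOCKS5 request")
    if cmd != 1:  # BIND (2) and UDP ASSOCIATE (3) have no HTTP proxy equivalent
        raise Socks5Error("only CONNECT can be translated")
    body = req[4:]
    if atyp == 1:        # IPv4 address
        alen = 4
    elif atyp == 4:      # IPv6 address
        alen = 16
    elif atyp == 3:      # domain name, prefixed by a one-byte length
        if not body:
            raise Socks5Error("missing domain length")
        alen, body = body[0], body[1:]
    else:
        raise Socks5Error("unknown address type")
    if len(body) != alen + 2:
        raise Socks5Error("address/port length mismatch")
    raw, (port,) = body[:alen], struct.unpack("!H", body[alen:])
    if atyp == 3:
        host = raw.decode("latin-1")
        if not _HOST_RE.match(host):
            raise Socks5Error("illegal characters in domain name")
    else:
        host = str(ipaddress.ip_address(raw))
    return host, port

def to_http_connect(host: str, port: int) -> bytes:
    """Build the HTTP/1.1 CONNECT request an HTTP-only proxy expects."""
    authority = f"[{host}]:{port}" if ":" in host else f"{host}:{port}"
    return f"CONNECT {authority} HTTP/1.1\r\nHost: {authority}\r\n\r\n".encode("ascii")

def translate(req: bytes) -> bytes:
    return to_http_connect(*parse_socks5_connect(req))

# Constructed sample: SOCKS5 CONNECT to example.com:443
SAMPLE = b"\x05\x01\x00\x03" + bytes([11]) + b"example.com" + b"\x01\xbb"
```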