Open JinhaSong opened 4 years ago
It's ask a domain with DNS, not HTTP request, This capture can sniff all HTTP/1.1 request/response. BUT, no HTTPs No One can sniff the HTTPs URL/Body, google used HTTPs and HTTP/2 Of course, you can use a man-in-the-middle attack:
Does the https server need to be in Android or can you point to a dedicated proxy server on the network to mitm?
I want to create an application that filters the http url requested by another browser application using your application. But i was only able to get a partial url via DNS log. Ex) org.fly.android.localvpn I/System.out: DNS: -- 223.5.5.5:53:25224 play.google.com-A
How can I get the full URL requested by another browser application?