So on linux, I use transparent mode of mitmdump (mitmproxy without interaction) to build a websites filter and I run it as root on startup so that it cannot be killed if the user does not have sudo permission.
So I want to setup a similar thing for smartphone. It should be standalone rather than say, connect to Internet through PC and let PC does all the work. I am new to Android so forgive me if I am asking stupid questions. My questions are
- Many apps like Orbot seem to have HTTP/HTTPS transparent mode (Please recommend if you know something more similar to mitmproxy). But they are GUI based. How do I convert them (or if there exists already) to a silent background service like mitmdump?
- Do any of them allow me to add codes like https://docs.mitmproxy.org/stable/addons-scripting/ either directly in the source code or as an automatically called add-on? (Basically, each time a request/response arrive, my function should be triggered to decide whether or not to replace/block it)
- If there is no apps similar to mitmproxy, what tools do I need to create such an environment (assuming that I only want to deal requests/responses at HTTP/HTTPS level)?
I do not need to assume any particular Android versions. I just need to make things work first on some version. Please point me to the correct background materials if you feel that they take too long to explain.
Thank you.
mitmproxy
as a nativeinit
service. You need to build it with Android NDK (which is a hectic task usually for non-Android projects) or compile/link statically. This answer may help understand how proxy works on Android: https://android.stackexchange.com/a/217801/218526. Also have a look at HttpCanary. – Irfan Latif Mar 03 '20 at 21:43