1

So on linux, I use transparent mode of mitmdump (mitmproxy without interaction) to build a websites filter and I run it as root on startup so that it cannot be killed if the user does not have sudo permission.

So I want to setup a similar thing for smartphone. It should be standalone rather than say, connect to Internet through PC and let PC does all the work. I am new to Android so forgive me if I am asking stupid questions. My questions are

  1. Many apps like Orbot seem to have HTTP/HTTPS transparent mode (Please recommend if you know something more similar to mitmproxy). But they are GUI based. How do I convert them (or if there exists already) to a silent background service like mitmdump?
  2. Do any of them allow me to add codes like https://docs.mitmproxy.org/stable/addons-scripting/ either directly in the source code or as an automatically called add-on? (Basically, each time a request/response arrive, my function should be triggered to decide whether or not to replace/block it)
  3. If there is no apps similar to mitmproxy, what tools do I need to create such an environment (assuming that I only want to deal requests/responses at HTTP/HTTPS level)?

I do not need to assume any particular Android versions. I just need to make things work first on some version. Please point me to the correct background materials if you feel that they take too long to explain.

Thank you.

  • If you have a rooted phone simply setup mitmproxy as a native init service. You need to build it with Android NDK (which is a hectic task usually for non-Android projects) or compile/link statically. This answer may help understand how proxy works on Android: https://android.stackexchange.com/a/217801/218526. Also have a look at HttpCanary. – Irfan Latif Mar 03 '20 at 21:43
  • There are apps working as "local VPN" (effectively the same as a proxy) for filtering traffic. Mostly those apps are developed for ad filtering, but you can also use it otherwise. In combination with an device admin profile that can be removed/disabled you could enforce this VPN profile to be always active. – Robert Mar 04 '20 at 08:35

0 Answers0