Setting-up mitmproxy on macOS to intercept https requests

I needed to intercept HTTPS requests to investigate security issues on iOS handsets, so I went looking for a tool for the job. Charles is one of the best-known pieces of software in this category; it is easy to use and has an intuitive UI. However, the 30-minute limit of its trial version was hindering my progress, and the company I work for hasn't purchased licenses for it.

Hence I started looking for a free alternative to Charles, and found mitmproxy. Let's start with installing it.

Installation

One may install it on macOS through Homebrew. To do it, open a terminal console and type:

brew install mitmproxy

There are other ways to install mitmproxy. The official documentation cites pip3 for the Linux and Windows platforms. One can also get the official mitmproxy image from DockerHub. If you are going to install mitmproxy on macOS, check here for the details.

Once mitmproxy is installed, you may start using it by simply typing the command in a terminal console:

mitmproxy

There are a bunch of options available; you can check them and their usage with:

mitmproxy --help

Once mitmproxy has started successfully, the next steps are setting up the proxy on your target device and installing the mitm certificate on it.

Setting-up proxy

Now we need to set the computer running mitmproxy as the proxy of the target device. Suppose an iOS handset is the target device, and it is connected to the Internet through the same LAN as the PC running mitmproxy, whose IP is 192.168.1.1.

Click on ‘Settings’.
Click on ‘Wi-Fi’.
Click on the info icon of your Wi-Fi connection, assuming the iOS handset is connected to the PC where mitmproxy is running.
Press ‘Configure Proxy’ to set up the HTTP proxy for intercepting traffic.
Set the proxy to ‘Manual’, enter the IP of the PC running mitmproxy, and set the port to 8080 (the default).

If you don’t know the IP address of your PC, open System Preferences... > Network and you’ll see:

You may find the IP address from macOS’ system settings.

Installing mitm CA certificate

Now open the URL mitm.it in your handset’s browser and choose the option that applies to your handset. In this case, click on Apple.

Connect to the URL to install mitm CA certificate.

It’s important that you trust the CA certificate. To do so, enable the switch for the certificate in Settings > About > Certificate Trust Settings. Any solution that relies on a CA certificate, including Charles, needs this to work properly.

Trust mitm certificate

Now, you are ready to roll! Let’s see the https traffic!

Once you perform some actions that make http/https requests, you should see something like this:

The intercepted HTTPS requests.
The detail view

Press ? to see Help.

The help view
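
Once the setup above works, the intercepted flows can also be triaged by a script instead of by eye. The following is an added example, not part of the original post or the mitmproxy project's own code: a small addon that flags cleartext HTTP requests, sensitive-looking query parameters and HTTP Basic credentials. The file name, the parameter list and the example.test host are assumptions.

```python
# Added example: mitmproxy addon that flags risky intercepted requests.
# Load with: mitmproxy -s flag_requests.py  (file name is an assumption)
import logging
import re
from urllib.parse import parse_qsl, urlsplit

# Parameter names treated as sensitive (an assumed list; tune it per app).
SENSITIVE = re.compile(r"pass(word)?|token|secret|api[_-]?key|session", re.I)


def findings_for(url, headers):
    """Return a list of findings for one request URL and its headers."""
    parts = urlsplit(url)
    found = []
    if parts.scheme == "http":
        found.append("cleartext HTTP request")
    for name, _value in parse_qsl(parts.query, keep_blank_values=True):
        if SENSITIVE.search(name):
            found.append(f"sensitive parameter in URL: {name}")
    # Normalise header names so plain dicts work as well as mitmproxy Headers.
    lowered = {k.lower(): v for k, v in headers.items()}
    if lowered.get("authorization", "").lower().startswith("basic "):
        found.append("HTTP Basic credentials in Authorization header")
    return found


class FlagRequests:
    """mitmproxy calls request() for every intercepted client request."""

    def __init__(self):
        self.flagged = []  # (url, findings) pairs seen so far

    def request(self, flow):
        url = flow.request.pretty_url
        found = findings_for(url, flow.request.headers)
        if found:
            self.flagged.append((url, found))
            logging.warning("%s -> %s", url, "; ".join(found))


addons = [FlagRequests()]  # the list mitmproxy looks for when loading a script

if __name__ == "__main__":
    # Constructed sample request, only for running this file without mitmproxy.
    print(findings_for("http://example.test/login?access_token=abc",
                       {"Authorization": "Basic dXNlcjpwdw=="}))
```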

Happy MITM!
