The requirement

For a client I was working with recently, there was a need to intercept data on a network. Certain actions needed to be taken after applying business logic on the intercepted data.

The Approach

After evaluating other tools, we thought we’d do a spike on MITMProxy, a man-in-the-middle proxy for both HTTP and HTTPS with an interactive console interface. It provides various modes of proxying, such as:

Regular, Transparent Proxy √, Reverse Proxy, Upstream Proxy

These are explained in detail here: Operation modes.

We were looking to set up a transparent proxy, as we had control over the devices connected to the network, so setting up the certificates on them would not be an issue.

The Setup

I have a Mac running macOS High Sierra and an Android test device connected to the same Wi-Fi network. I have MITMProxy installed using Brew; pre-built binaries can also be downloaded from their releases page.

mitmproxy uses the pf packet filter to implement transparent mode. On OSX, pf has been integrated since OSX Lion, which means mitmproxy does not support transparent mode on earlier versions of OSX.

Installation of Certificates on device

MITMProxy supports both HTTP and HTTPS; HTTPS support works by installing its custom certificates on the client devices. Start the proxy in basic mode by running:

mitmproxy --host

You will be able to see the interactive console. Now update the Wi-Fi settings -> Select Network -> Advanced Settings -> Proxy configuration. Add the IP address of the host as the proxy.

Setting up proxy config in settings
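
Once the device's traffic passes through the proxy, the business logic from the requirement can run as a mitmproxy addon script. The following is an added example, not code from the original post or the client project; the rule it applies (flagging credential headers sent over cleartext HTTP), the TrafficAuditor class and the audit.jsonl path are assumptions made for illustration.

```python
# Added example: a mitmproxy addon, loaded with `mitmproxy -s audit_addon.py`.
# mitmproxy calls response() for every completed HTTP(S) exchange.
# The rule (flag credential headers sent over cleartext HTTP) is a
# hypothetical stand-in for the real business logic.
import json
import time

SENSITIVE_HEADERS = {"authorization", "cookie", "proxy-authorization"}


def evaluate(scheme, host, method, path, header_names, status):
    """Pure business-logic step: turn one exchange into an audit record."""
    exposed = sorted(SENSITIVE_HEADERS & {h.lower() for h in header_names})
    return {
        "host": host,
        "method": method,
        "path": path.split("?", 1)[0],  # keep query strings out of the log
        "status": status,
        "cleartext": scheme == "http",
        # Header names only; header values are never written to the log.
        "exposed_headers": exposed if scheme == "http" else [],
    }


class TrafficAuditor:
    def __init__(self, log_path="audit.jsonl"):  # hypothetical log location
        self.log_path = log_path
        self.findings = []

    def response(self, flow):
        req = flow.request
        record = evaluate(req.scheme, req.pretty_host, req.method, req.path,
                          list(req.headers), flow.response.status_code)
        record["ts"] = time.time()
        if record["exposed_headers"]:
            self.findings.append(record)
        # One JSON object per line, so the log can be tailed or grepped.
        with open(self.log_path, "a", encoding="utf-8") as fh:
            fh.write(json.dumps(record) + "\n")


# mitmproxy discovers addons through this module-level list.
addons = [TrafficAuditor()]
```

Keeping the decision in evaluate(), separate from the hook, lets the rule be unit-tested without a running proxy.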