0

I’m trying to intercept TLS traffic on port 8443 between an Android app and an IPcam (8443 is the webcam’s port) on my LAN, on-the-fly (like Burp Suite does with HTTP(S)). Protocol in 8443 is not HTTPS.

I tried Burp Suite and mitmproxy by setting the Android proxy and adding the CA certificate—nothing appeared. I realized proxies in Android settings only work with HTTP/HTTPS, so traffic to port 8443 bypasses them.

Using mitmproxy with WireGuard (WireGuard server on my mitm computer) showed traffic, but the Android app broke due to routing issues: WireGuard "server" forwarded requests but didn’t maintain sockets for responses, hence ICMP port unreachable sent by my computer to webcam.

The only remaining option seems to be ARP spoofing/poisoning, but I also need my MITM machine to maintain two TLS sessions simultaneously: one with the app (pretending to be the webcam) and one with the webcam (pretending to be the app), without SSL stripping.

Is there a tool or method for this? I tried Bettercap, but it doesn’t seem to support a “double TLS session” MITM.

PCAPDroid works, but does not allow me to manipulate requests on-the-fly.

Improve this question
2
  • 1
    Cross posted to Stackoverflow: stackoverflow.com/q/79770602/150978 Commented Sep 21 at 9:52
  • 1
    Is your phone rooted? If not you can't intercept TLS traffic as you need a rooted device to install the mitmproxy root CA certificate as system (not as user) certificate. Commented Sep 22 at 7:17

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.