不要在Android

不要在Android

关注
发信
关注(28)粉丝(399)

不要在Android 9 Pie上使用代理

本文介绍了不要在Android 9 Pie上使用代理的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我刚刚将Samsung Note 8手机升级到Android OS 9.0
当我进入高级wifi设置时,我选择手动使用代理模式。
主机:192.168.1.8
端口:8888
在计算机上,我打开了Fiddler软件以捕获数据包。但是,我无法捕获来自电话的任何数据包。在此之前,我使用的是Android OS 8.0。我仍然可以使用Fiddler
捕获数据包。Google是否在Android 9.0上具有更好的安全性

I just upgraded my Samsung Note 8 phone to Android OS 9.0When I go to advanced wifi settings, I choose to use Proxy mode manually.Host: 192.168.1.8Port: 8888On the computer I turned on the Fiddler software to catch the packets. However, I could not catch any packets coming out from the phone. Before that I was using Android OS 8.0. I can still capture the packet using FiddlerDoes Google have better security on Android 9.0

推荐答案

不确定您的确切身份建立。我可以推荐以下设置,该设置通常适用于所有Android版本(包括Android 9 / Pie)。注意:这是特定于应用程序的!

Not sure about your exact set up. I can recommend the following set up which generally works for me on all Android versions (including Android 9 / Pie). Note: this is app specific!


  1. 下载并运行mitmproxy()

  2. 从Wifi设置中为设备设置代理(可能与您一样)

  3. 在设备上打开浏览器,然后转到:

  4. 下载并安装证书

  5. 将以下内容添加到应用的AndroidManifest.xml中:< application android:networkSecurityConfig = @ xml / network_security_config ...> ...< / application>

  6. 将名为 network_security_config.xml ,然后输入以下内容:

  1. Download and run mitmproxy (https://mitmproxy.org/)
  2. Set up the proxy for the device from the Wifi settings (probably like you did)
  3. Open browser on device and go to: http://mitm.it
  4. Download and install certificate
  5. Add the following to your app's AndroidManifest.xml: <application android:networkSecurityConfig="@xml/network_security_config" ... > ... </application>
  6. Add to your XML resource folder a file named network_security_config.xml and put the following contents:



<!-- SECURITY RISK -  This app's network data can now be intercepted!!! -->
<network-security-config>
    <base-config>
        <trust-anchors>
            <!-- Trust preinstalled CAs -->
            <certificates src="system" />
            <!-- Additionally trust user added CAs -->
            <certificates src="user" />
        </trust-anchors>
    </base-config>
</network-security-config>




  1. 重建并启动应用程序,现在您应该看到请求通过了mitmproxy(Web或控制台界面)

注意:对于已经编译的应用程序,相同的操作,您仍然可以遵循相同的逻辑和步骤(使用 apktool 进行反编译和重新组装),除非开发人员通过代码检查将证书固定(也可以通过之类的挂钩引擎来绕过。仍然可以规避,但不在此问题范围内:)

NOTE: if you want to achieve the same for an already compiled app, you can still follow same logic and steps (use apktool for decompile and re-assemble), unless the developer pinned the certificate via code checks (also can be bypassed by hooking engines like https://www.frida.re). Still possible to circumvent, but outside of this question scope :)

glhfdd

这篇关于不要在Android 9 Pie上使用代理的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-04 15:46
Powered by LMLPHP ©2024 不要在Android 0.034045