make sure android related utilities are on system paths
mate ~/.bash_profile
need the following
#android studio
export PATH=~/Library/Android/sdk/tools:$PATH
export PATH=~/Library/Android/sdk/platform-tools:$PATH
export PATH=~/Library/Android/sdk/emulator:$PATH
export PATH=~/Library/Android/sdk/build-tools/35.0.1:$PATH
verify weibo app CA behavior
Apps can decide to ignore the system certificate store and maintain their own CA certificates.
To verify the behavior of the app, check network_security_config.xml.
apktool d com.sina.weibo_14.12.0_liqucn.com.apk
check res/xml/network_security_config.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true" />
<debug-overrides>
<trust-anchors>
<certificates src="user" />
</trust-anchors>
</debug-overrides>
</network-security-config>
install mitmproxy
brew install mitmproxy
#run it at least once
mitmproxy
# ~/.mitmproxy dir is created
now ~/.mitmproxy/mitmproxy-ca-cert.cer is created
cd ~/.mitmproxy/
hashed_name=`openssl x509 -inform PEM -subject_hash_old -in mitmproxy-ca-cert.cer | head -1` && cp mitmproxy-ca-cert.cer $hashed_name.0
ls
c8750f0d.0 is created
create emulator
emulator -list-avds
not every emulator works with mitmproxy!
but Nexus_S_API_30 works! (API 35 does not work)
put the cert onto emulator system partition
adb push ~/.mitmproxy/c8750f0d.0 /system/etc/security/cacerts
adb shell chmod 664 /system/etc/security/cacerts/c8750f0d.0
adb ls /system/etc/security/cacerts
if successful: then you see the mitmproxy cert in the Trusted Credentials in Android system setting!
merely moving the certs into the system certs it not enough: sometimes the certs still does not show up in the system setting.
then each time run the following to start the modified image
emulator -avd Nexus_S_API_30 -writable-system
run mitmproxy
mitmweb
change the emulator network setting:
127.0.0.1:8080
don’t forget to click apply after the change.
install the weibo app to capture the traffics.