Set up the malicious proxy server
- The malicious proxy server mitmproxy runs in the Linux environment. So the first step is to set up a virtual Linux environment. (Ignore this setp if you use Linux as your primary OS.)
- Download VirtualBox and then install it.
- Download a distribution of Linux. Recommend Lubuntu, which has low hardware requirements. Download Lubuntu
- Create a new Virtual Machine in VirtualBox like this. You can use defaults for all following settings.(shown as Figure )
Figure 1: Create New Virtual Machine
- Start your VM and select start-up disk as your Lubuntu which you just downloaded like this. (shown as Figure 2)
Figure 2: Select start-up disk
- Finish Lubuntu installation. You can use defaults for most settings.
- Set Network adapter of your VM works on as Bridged Adapter. Make sure it could be reached by your smart phone. (shown as Figure 3)
Figure 3: Setting Network
- Install mitmproxy on your virtual Linux machine
- First, install pip on your Linux. pip is a tool for installing and managing Python packages. On Debian and Ubuntu, use commands:
$ sudo apt-get install python-pip
- Install mitmproxy. If pip is installed, use commands: (for detailed instructions, please check )
pip install mitmproxy
If error occurs, please check all packages used by mitmproxy have been installed.
- Strat mitmproxy in Terminal by commands:
Detailed usages (For testing purpose, DO NOT add the root certificate to trust list on smart phone.)
- Use the following command to get the VM’s IP address (or the proxy’s IP address) which is to be used by the smartphone
- Optional malicious proxy (this part is optional, if you do not want to use mitmproxy )
Besides mitmproxy, “Charles” and “Fiddler” could also be used as malicious proxy. Please be aware that different proxies use different ways to generate fake certificates. For more information, please check those on related reference.
Read Also: Setup your Smartphone proxy