Capture TLS handshake



  • I would like to capture TLS handshakes coming from Android. I was able to install a certificate using https://android.stackexchange.com/a/70123 , then I started a server:

    openssl s_server -key my_site.key -cert my_site.crt -msg
    

    and I set a proxy in the Android Emulator:

    127.0.0.1:4433
    

    but if I browse to any pages on the Android device, I get this result:

    ERR_CONNECTION_REFUSED
    

    and this result in OpenSSL:

    <<< ??? [length 0005]
        43 4f 4e 4e 45
    ERROR
    24500:error:1408F09B:SSL routines:ssl3_get_record:https proxy request:../
    openssl-1.1.1l/ssl/record/ssl3_record.c:325:
    shutting down SSL
    CONNECTION CLOSED
    

    What am I doing wrong?



  • I ended up writing my own proxy to solve this [1], inspired by another project [2].

    To capture TLS handshake, go to Android Chrome App info, then Storage, then MANAGE SPACE, then CLEAR ALL DATA, then OK. Then start the server, and go to Android Emulator Extended Controls. Choose Manual proxy configuration, then enter:

    127.0.0.1:8080
    

    and click Apply. Then start Android Chrome.

    1. https://github.com/89z/parse/tree/master/cmd/proxy
    2. https://github.com/spritesprite/proxychannel



Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2