5,594,564 Members 33,055 Now Online
XDA Developers Android and Mobile Development Forum

[Q] How do i analyse ssl network traffic in apps on uncommon ports?

Tip us?
 
selemine
Old
#1  
Junior Member - OP
Thanks Meter 10
Posts: 29
Join Date: Nov 2011
Default [Q] How do i analyse ssl network traffic in apps on uncommon ports?

I recently started looking into the data applications, especially the free ones send to the net.
I wanted to know if they leak personal data to their coders.
Therefore i decided to redirect connections through a proxy software on my computer.
I installed http://www.charlesproxy.com/ and added their ssl ca to the trusted certificates on my cellphone.
It was quite intresting to see what kind of requests certain apps make to the internet, especially when you look inside the ssl encrypted connections.

I then found out that some connections seemed to be missing from that analysis, not enough traffic showed up in the proxy compared to the network activity.
So i used https://play.google.com/store/apps/d...d=lv.n3o.shark and the resulting file was quite a few times bigger.
It contained connections to other ports than 80/443 which i saw in charles.

So my questions are: Does Android ignore the proxy for non http(s) requests?
How can i redirect EVERY request to my computer and strip the ssl from it to look inside?
I suspect some of the applications to use basic stuff like json, xmpp and xml but cannot proof it currently.
As a beginner, i might also be using the wrong tools.
 
gordon1986
Old
#2  
Junior Member
Thanks Meter 0
Posts: 16
Join Date: Feb 2014
You may be able to run tcpdump on your router to see what exactly your phone is connecting to, then see if it corresponds to your proxy traffic.
 
selemine
Old
#3  
Junior Member - OP
Thanks Meter 10
Posts: 29
Join Date: Nov 2011
that does not help to look inside the ssl encrypted tunnel unfortunately
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes