Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

[Q] How do i analyse ssl network traffic in apps on uncommon ports?

OP selemine

28th February 2014, 06:19 PM   |  #1  
OP Member
Thanks Meter: 23
 
49 posts
Join Date:Joined: Nov 2011
I recently started looking into the data applications, especially the free ones send to the net.
I wanted to know if they leak personal data to their coders.
Therefore i decided to redirect connections through a proxy software on my computer.
I installed http://www.charlesproxy.com/ and added their ssl ca to the trusted certificates on my cellphone.
It was quite intresting to see what kind of requests certain apps make to the internet, especially when you look inside the ssl encrypted connections.

I then found out that some connections seemed to be missing from that analysis, not enough traffic showed up in the proxy compared to the network activity.
So i used https://play.google.com/store/apps/d...d=lv.n3o.shark and the resulting file was quite a few times bigger.
It contained connections to other ports than 80/443 which i saw in charles.

So my questions are: Does Android ignore the proxy for non http(s) requests?
How can i redirect EVERY request to my computer and strip the ssl from it to look inside?
I suspect some of the applications to use basic stuff like json, xmpp and xml but cannot proof it currently.
As a beginner, i might also be using the wrong tools.
1st March 2014, 01:09 AM   |  #2  
Junior Member
Thanks Meter: 0
 
16 posts
Join Date:Joined: Feb 2014
You may be able to run tcpdump on your router to see what exactly your phone is connecting to, then see if it corresponds to your proxy traffic.
1st March 2014, 06:16 PM   |  #3  
OP Member
Thanks Meter: 23
 
49 posts
Join Date:Joined: Nov 2011
that does not help to look inside the ssl encrypted tunnel unfortunately
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes