tracker-control-android icon indicating copy to clipboard operation
tracker-control-android copied to clipboard

Published 20 hours ago verified publisher icon TrackerControl

Intercept & capture HTTPS data

Open mlsem opened this issue 4 years ago • 3 comments

NOTE : this issue is a feature request, I let admins qualify it by adding labels. ALSO this issue if accepted, need to be enriched with more details

The aim of TC app is blocking or allowing trackers traffic in an Android device. We need to allow "Uncategorised" and "Essential" with some apps in order to use them ex : social apps.

The idea is capturing HTTPS traffic so we could see the collected data behind those apps. Some apps do not use trackers detected by TC, so TC is not able to block them, so we don't have any idea about the traffic and the data collected.

Feature: Capture HTTPS traffic and collected data

data collected with trackers allowed in TC

Scenario: show data traffic in "Trafic log" activity Given : the user start traffic log activity When : the user select a line in traffic log activity Then : the user see a menu with a line marked " see HTTPS data traffic"

data collected with trackers not detected with TC

Scenario: show data traffic activity ( screen ) Given : the user see the line "see HTTPS data traffic" When : the user touch the line "see HTTPS data traffic" Then :the user see the HTTPS traffic intercepting activity with params ( Method used, Body request)

mlsem avatar Jun 28 '21 15:06 mlsem

Thanks! I'd love to add this. The issue is that Android (since version 7) doesn't allow users to install root certificates anymore that would enable such interception. Also, many apps use certificate pinning and even installing root certificates isn't enough.

There's actually a (very old) version of TrackerControl that used to be able (theoretically) to intercept and decrypt HTTPS traffic: https://github.com/OxfordHCC/tracker-control-android/tree/AntMonitor

This is because it was based on AntMonitor, a library that embeds HTTPS decryption:

https://github.com/UCI-Networking-Group/AntMonitor

Recent versions of TrackerControl are based on NetGuard and don't have this (theoretical) ability anymore.

kasnder avatar Jun 28 '21 19:06 kasnder

Thanks @kasnder , actually I was sure about apps using certificate pinning, it will not be easy, or maybe not even possible, I have tow possible ideas :

  1. working on devices under Android 7 version
  2. Than we could start working on Android above Android 7

What do you think ?

mlsem avatar Jul 01 '21 15:07 mlsem

Almost no one uses Android below version 7, so we'd need a solution for 7+!

kasnder avatar Jul 02 '21 12:07 kasnder