A Bash script modifies app networks configurations and makes any apk MITM-ready.
Usage:
./apkmitm.sh <apk>
Options:
<apk> target apk file
--help display this help message
Since Android 7 (API level 24), secure connections from apps won't trust user-added CA store by default. It means, in many cases, simply adding proxy CA on the device won't be enough to intercept HTTPS requests from proxy tool. In addition, some network security configurations are required to be added in app source code, in order to enable the trust of user-added proxy CA store. This script automates the process to add these additional network configurations and then recompile target apk, ready for MITM.
-
Decompile target apk with apktool
-
Add
res/xml/network_security_config
, which enables app trusts user-added CA -
Modify
AndroidManifest.xml
to apply network configurations fromres/xml/network_security_config.xml
, also addandroid:debuggable="true"
-
Build apk with the changes above
-
Generate a new keystore
-
Sign apk with self-signed keystore