diff --git a/Mitmproxy_Readme_EN.md b/Mitmproxy_Readme_EN.md index 1a99539..2bd6e63 100644 --- a/Mitmproxy_Readme_EN.md +++ b/Mitmproxy_Readme_EN.md @@ -1,132 +1,132 @@ -## Mitmproxy Usage Guide -(By 北野樱奈) - -## Prerequisites -- 1. [Download mitmproxy](https://mitmproxy.org/) and install it. -- 2. Basic knowledge of WireGuard and Python scripting. -- 3. A client device (e.g., Android emulator or smartphone) and a host machine running `mitmproxy`. - -### Installation Steps -- **Linux/Mac** -```markdown -# Ubuntu/Debian - -sudo apt update -sudo apt install mitmproxy - -# macOS -brew install mitmproxy -``` -- **Windows**: Download the `.exe` installer from [mitmproxy.org](https://mitmproxy.org/) and follow the instructions to complete the installation. - -### Verify Installation -Run the following command to verify the installation: -```bash -mitmproxy --version -``` - ---- - -## Step 2: Install CA Certificates on Client and Server - -To decrypt HTTPS traffic, the client needs to trust the `mitmproxy` CA certificate. - -### Steps -- 1. Start `mitmproxy` to generate the certificate: - ```bash - mitmdump - ``` -- 2. On the PC, navigate to `C:\Users\YourUser\.mitmproxy` to locate the certificate file (mitmproxy-ca.p12). -- 3. In the `mitmproxy` directory, locate `mitmproxy-ca-cert.crt`. -- 4. Rename `mitmproxy-ca-cert.crt` to `c8750f0d.0`. -- 5. Install the certificate as a system CA. - ---- - -### For Android Devices -- 1. Move the certificate to the system CA directory: - ```bash - adb root - adb remount - adb shell mv /sdcard/c8750f0d.0 /system/etc/security/cacerts/ - ``` -- 2. Set the correct permissions: - ```bash - adb shell chmod 644 /system/etc/security/cacerts/c8750f0d.0 - ``` -- 3. Reboot the device: - ```bash - adb reboot - ``` - ---- - -## Step 3: Download the Redirect Script - -Download the script from the repository. - -### Note: **Make sure to modify the IP address in `redirect_server.py`.** -```python -import gzip -import json -from mitmproxy import http - -SERVER_HOST = 'Replace this with your IP' -SERVER_PORT = 80 - -REWRITE_HOST_LIST = [ - 'ba-jp-sdk.bluearchive.jp', - 'prod-gateway.bluearchiveyostar.com', - 'prod-game.bluearchiveyostar.com', - # 'prod-notice.bluearchiveyostar.com', - # 'prod-logcollector.bluearchiveyostar.com', -] -``` - ---- - -## Step 4: Launch mitmproxy and Load the Script - -Run the following command to start `mitmproxy` with the redirect script: -```bash -mitmweb -m wireguard --no-http2 -s redirect_server.py --set termlog_verbosity=warn -``` - -### Parameter Explanation: -- `-m wireguard`: Use WireGuard as the network layer. -- `--no-http2`: Disable HTTP/2 to improve compatibility. -- `-s redirect_server.py`: Load the redirect script. -- `--set termlog_verbosity=warn`: Set log level to warnings only. - -You can monitor traffic through the `mitmweb` interface at `http://localhost:8081`. - ---- - -## Step 5: Install and Configure WireGuard - -Use WireGuard to route client traffic to `mitmproxy`. - -### Installation Steps -- **Android**: [Download WireGuard](https://play.google.com/store/apps/details?id=com.wireguard.android). -- **Other Platforms**: Refer to the [official WireGuard installation guide](https://www.wireguard.com/install/). - -### Configuration Steps -- 1. Open the WireGuard client, click the `+` button in the bottom left corner, and select **Scan QR Code**. -- 2. The emulator will display a scanner window. Select **Real-time Screenshot**. -- 3. Position the screenshot over the QR code in the Mitmproxy browser page (accessible via settings). -- 4. Enable the configuration. - ---- - -## Troubleshooting - -### Error: Client TLS handshake failed. The client does not trust the proxy's certificate for yostar-oversea-netsdk-logging.ap-southeast-1.log.aliyuncs.com (OpenSSL Error([('SSL routines', '', 'ssl/tls alert certificate unknown')])) -- Ensure that both the PC and client have the same Mitmproxy certificate installed. -- Verify that the Mitmproxy certificate is properly installed on both ends. - -### Android Certificate Disappears After Installation -- Use the MT Manager to grant SU (superuser) permissions. -- Navigate to `/system/etc/security/cacerts/`. -- Locate `c8750f0d.0` and set the permissions to 664. The user group should be set to root. - ---- +## Mitmproxy Usage Guide +(By 北野樱奈) + +## Prerequisites + 1. [Download mitmproxy](https://mitmproxy.org/) and install it. + 2. Basic knowledge of WireGuard and Python scripting. + 3. A client device (e.g., Android emulator or smartphone) and a host machine running `mitmproxy`. + +### Installation Steps +- **Linux/Mac** +```markdown +# Ubuntu/Debian + +sudo apt update +sudo apt install mitmproxy + +# macOS +brew install mitmproxy +``` +- **Windows**: Download the `.exe` installer from [mitmproxy.org](https://mitmproxy.org/) and follow the instructions to complete the installation. + +### Verify Installation +Run the following command to verify the installation: +```bash +mitmproxy --version +``` + +--- + +## Step 2: Install CA Certificates on Client and Server + +To decrypt HTTPS traffic, the client needs to trust the `mitmproxy` CA certificate. + +### Steps +- 1. Start `mitmproxy` to generate the certificate: + ```bash + mitmdump + ``` +- 2. On the PC, navigate to `C:\Users\YourUser\.mitmproxy` to locate the certificate file (mitmproxy-ca.p12). +- 3. In the `mitmproxy` directory, locate `mitmproxy-ca-cert.crt`. +- 4. Rename `mitmproxy-ca-cert.crt` to `c8750f0d.0`. +- 5. Install the certificate as a system CA. + +--- + +### For Android Devices + 1. Move the certificate to the system CA directory: + ```bash + adb root + adb remount + adb shell mv /sdcard/c8750f0d.0 /system/etc/security/cacerts/ + ``` + 2. Set the correct permissions: + ```bash + adb shell chmod 644 /system/etc/security/cacerts/c8750f0d.0 + ``` + 3. Reboot the device: + ```bash + adb reboot + ``` + +--- + +## Step 3: Download the Redirect Script + +Download the script from the repository. + +### Note: **Make sure to modify the IP address in `redirect_server.py`.** +```python +import gzip +import json +from mitmproxy import http + +SERVER_HOST = 'Replace this with your IP' +SERVER_PORT = 80 + +REWRITE_HOST_LIST = [ + 'ba-jp-sdk.bluearchive.jp', + 'prod-gateway.bluearchiveyostar.com', + 'prod-game.bluearchiveyostar.com', + # 'prod-notice.bluearchiveyostar.com', + # 'prod-logcollector.bluearchiveyostar.com', +] +``` + +--- + +## Step 4: Launch mitmproxy and Load the Script + +Run the following command to start `mitmproxy` with the redirect script: +```bash +mitmweb -m wireguard --no-http2 -s redirect_server.py --set termlog_verbosity=warn +``` + +### Parameter Explanation: +- `-m wireguard`: Use WireGuard as the network layer. +- `--no-http2`: Disable HTTP/2 to improve compatibility. +- `-s redirect_server.py`: Load the redirect script. +- `--set termlog_verbosity=warn`: Set log level to warnings only. + +You can monitor traffic through the `mitmweb` interface at `http://localhost:8081`. + +--- + +## Step 5: Install and Configure WireGuard + +Use WireGuard to route client traffic to `mitmproxy`. + +### Installation Steps +- **Android**: [Download WireGuard](https://play.google.com/store/apps/details?id=com.wireguard.android). +- **Other Platforms**: Refer to the [official WireGuard installation guide](https://www.wireguard.com/install/). + +### Configuration Steps + 1. Open the WireGuard client, click the `+` button in the bottom left corner, and select **Scan QR Code**. + 2. The emulator will display a scanner window. Select **Real-time Screenshot**. + 3. Position the screenshot over the QR code in the Mitmproxy browser page (accessible via settings). + 4. Enable the configuration. + +--- + +## Troubleshooting + +### Error: Client TLS handshake failed. The client does not trust the proxy's certificate for yostar-oversea-netsdk-logging.ap-southeast-1.log.aliyuncs.com (OpenSSL Error([('SSL routines', '', 'ssl/tls alert certificate unknown')])) +- Ensure that both the PC and client have the same Mitmproxy certificate installed. +- Verify that the Mitmproxy certificate is properly installed on both ends. + +### Android Certificate Disappears After Installation +- Use the MT Manager to grant SU (superuser) permissions. +- Navigate to `/system/etc/security/cacerts/`. +- Locate `c8750f0d.0` and set the permissions to 664. The user group should be set to root. + +---