Raphael/SCHALE.GameServer
Raphael
/
SCHALE.GameServer
2
4
Fork 2
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update Mitrproxy solution (#2) 

Update Mitrproxy solution

Reviewed-on: #2
Co-authored-by: 挽歌歌吖 <wangeyun@outlook.com>
Co-committed-by: 挽歌歌吖 <wangeyun@outlook.com>
This commit is contained in:
挽歌歌吖 2025-01-01 06:10:56 +00:00 committed by Raphael
parent 40846cca3c
commit 8a1a7b811c
4 changed files with 265 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

132
Mitmproxy_Readme_EN.md Normal file
View File

@ -0,0 +1,132 @@
## Mitmproxy Usage Guide
(By 北野樱奈)
## Prerequisites
1. [Download mitmproxy](https://mitmproxy.org/) and install it.
2. Basic knowledge of WireGuard and Python scripting.
3. A client device (e.g., Android emulator or smartphone) and a host machine running `mitmproxy`.
### Installation Steps
- **Linux/Mac**
```markdown
# Ubuntu/Debian
sudo apt update
sudo apt install mitmproxy
# macOS
brew install mitmproxy
```
- **Windows**: Download the `.exe` installer from [mitmproxy.org](https://mitmproxy.org/) and follow the instructions to complete the installation.
### Verify Installation
Run the following command to verify the installation:
```bash
mitmproxy --version
```
---
## Step 2: Install CA Certificates on Client and Server
To decrypt HTTPS traffic, the client needs to trust the `mitmproxy` CA certificate.
### Steps
1. Start `mitmproxy` to generate the certificate:
```bash
mitmdump
```
2. On the PC, navigate to `C:\Users\YourUser\.mitmproxy` to locate the certificate file (mitmproxy-ca.p12).
3. In the `mitmproxy` directory, locate `mitmproxy-ca-cert.crt`.
4. Rename `mitmproxy-ca-cert.crt` to `c8750f0d.0`.
5. Install the certificate as a system CA.
---
### For Android Devices
1. Move the certificate to the system CA directory:
```bash
adb root
adb remount
adb shell mv /sdcard/c8750f0d.0 /system/etc/security/cacerts/
```
2. Set the correct permissions:
```bash
adb shell chmod 644 /system/etc/security/cacerts/c8750f0d.0
```
3. Reboot the device:
```bash
adb reboot
```
---
## Step 3: Download the Redirect Script
Download the script from the repository.
### Note: **Make sure to modify the IP address in `redirect_server.py`.**
```python
import gzip
import json
from mitmproxy import http
SERVER_HOST = 'Replace this with your IP'
SERVER_PORT = 80
REWRITE_HOST_LIST = [
'ba-jp-sdk.bluearchive.jp',
'prod-gateway.bluearchiveyostar.com',
'prod-game.bluearchiveyostar.com',
# 'prod-notice.bluearchiveyostar.com',
# 'prod-logcollector.bluearchiveyostar.com',
]
```
---
## Step 4: Launch mitmproxy and Load the Script
Run the following command to start `mitmproxy` with the redirect script:
```bash
mitmweb -m wireguard --no-http2 -s redirect_server.py --set termlog_verbosity=warn --ignore Your IP
```
### Parameter Explanation:
- `-m wireguard`: Use WireGuard as the network layer.
- `--no-http2`: Disable HTTP/2 to improve compatibility.
- `-s redirect_server.py`: Load the redirect script.
- `--set termlog_verbosity=warn`: Set log level to warnings only.
You can monitor traffic through the `mitmweb` interface at `http://localhost:8081`.
---
## Step 5: Install and Configure WireGuard
Use WireGuard to route client traffic to `mitmproxy`.
### Installation Steps
- **Android**: [Download WireGuard](https://play.google.com/store/apps/details?id=com.wireguard.android).
- **Other Platforms**: Refer to the [official WireGuard installation guide](https://www.wireguard.com/install/).
### Configuration Steps
1. Open the WireGuard client, click the `+` button in the bottom left corner, and select **Scan QR Code**.
2. The emulator will display a scanner window. Select **Real-time Screenshot**.
3. Position the screenshot over the QR code in the Mitmproxy browser page (accessible via settings).
4. Enable the configuration.
---
## Troubleshooting
### Error: Client TLS handshake failed. The client does not trust the proxy's certificate for yostar-oversea-netsdk-logging.ap-southeast-1.log.aliyuncs.com (OpenSSL Error([('SSL routines', '', 'ssl/tls alert certificate unknown')]))
- Ensure that both the PC and client have the same Mitmproxy certificate installed.
- Verify that the Mitmproxy certificate is properly installed on both ends.
### Android Certificate Disappears After Installation
- Use the MT Manager to grant SU (superuser) permissions.
- Navigate to `/system/etc/security/cacerts/`.
- Locate `c8750f0d.0` and set the permissions to 664. The user group should be set to root.
---

129
Mitmproxy_Readme_ZH.md Normal file
View File

@ -0,0 +1,129 @@
## Mitmproxy方案使用教程
By 北野樱奈)
## 前置要求
1. [下载 mitmproxy](https://mitmproxy.org/) 并安装。
2. 具备 WireGuard 和 Python 脚本的基本知识。
3. 一台客户端设备(例如 Android 模拟器或手机)以及运行 `mitmproxy` 的主机。
### 安装步骤
- Linux/Mac
```markdown
# Ubuntu/Debian
sudo apt update
sudo apt install mitmproxy
# macOS
brew install mitmproxy
```
- **Windows**: 从 [mitmproxy.org](https://mitmproxy.org/) 下载 `.exe` 安装程序,并按说明完成安装。
### 验证安装
运行以下命令验证安装是否成功:
```bash
mitmproxy --version
```
---
## 第二步:在客户端以及服务端安装 CA 证书
为了解密 HTTPS 流量,客户端需要信任 `mitmproxy` 的 CA 证书。
### 操作步骤
1. 启动 `mitmproxy`生成证书:
```bash
mitmdump
```
2. 在电脑端的C:\Users\用户\ .mitmproxy安装电脑证书mitmproxy-ca.p12
3. mitmproxy的目录下会有mitmproxy-ca-cert.crt
4. 将 mitmproxy-ca-cert.crt 重命名为 c8750f0d.0
5. 将证书安装为系统 CA
---
1. 将证书移动到系统 CA 目录:
```bash
adb root
adb remount
adb shell mv /sdcard/c8750f0d.0 /system/etc/security/cacerts/
```
2. 设置正确的权限:
```bash
adb shell chmod 644 /system/etc/security/cacerts/c8750f0d.0
```
3. 重启设备:
```bash
adb reboot
```
---
---
## 第三步:下载重定向脚本
可以从仓库下载脚本
### 注意:`请一定要修改redirect_server.py内的IP地址`
```python
import gzip
import json
from mitmproxy import http
SERVER_HOST = '修改这里'
SERVER_PORT = 80
REWRITE_HOST_LIST = [
'ba-jp-sdk.bluearchive.jp',
'prod-gateway.bluearchiveyostar.com',
'prod-game.bluearchiveyostar.com',
# 'prod-notice.bluearchiveyostar.com',
# 'prod-logcollector.bluearchiveyostar.com',
]
```
---
## 第四步:启动 mitmproxy 并加载脚本
运行以下命令以使用重定向脚本启动 `mitmproxy`
```bash
mitmweb -m wireguard --no-http2 -s redirect_server.py --set termlog_verbosity=warn --ignore 这里输入你的IP地址
```
### 参数说明:
- `-m wireguard`: 使用 WireGuard 作为网络层。
- `--no-http2`: 禁用 HTTP/2 以提高兼容性。
- `-s redirect_server.py`: 加载重定向脚本。
- `--set termlog_verbosity=warn`: 设置日志级别为警告。
你可以通过 `http://localhost:8081` 访问 `mitmweb` 界面监控流量。
---
## 第五步:安装并配置 WireGuard
使用 WireGuard 将客户端流量路由到 `mitmproxy`
### 安装步骤
- **Android**: [下载 WireGuard](https://play.google.com/store/apps/details?id=com.wireguard.android)。
- **其他平台**: 参考 [WireGuard 官方安装指南](https://www.wireguard.com/install/)。
### 配置步骤
1. 打开 WireGuard 客户端,点击左下角+号,选择扫描二维码
2. 选择后模拟器会弹出扫一扫窗口,选择实时截屏
3. 选择截屏后会有获取图像窗口移动到Mitmproxy浏览器页面上的二维码没有的话在设置里面
4. 启用该配置。
---
## 故障排查
### Client TLS handshake failed. The client does not trust the proxy's certificate for yostar-oversea-netsdk-logging.ap-southeast-1.log.aliyuncs.com (OpenSSL Error([('SSL routines', '', 'ssl/tls alert certificate unknown')]))
- 确保电脑端以及客户端证书为内容一样的
- 确保双端安装了Mitmproxy证书
### 安卓端安装后证书消失?
- 可以使用MT管理器授予SU权限
- 然后前往/system/etc/security/cacerts/
- 找到 c8750f0d.0 给予 664 权限。用户组为 root
---

2
README.md
View File

@ -1,7 +1,7 @@
# SCHALE.GameServer
### [中文教程](README_zh.md) (by shunner114514)
### [Mitmproxy Solution](Mitmproxy_Readme_EN.md) (by KitanoSakura)
## Prerequisites
- Some computer knowledge

3
README_zh.md
View File

@ -1,5 +1,8 @@
# SCHALE.GameServer
**本文基于[https://github.com/rafi1212122/SCHALE.GameServer](https://github.com/rafi1212122/SCHALE.GameServer)及个人操作经验编写资源配置文件请到以上链接获取若有任何疑问请到Discord社群询问**
### [Mitmproxy方案使用教程](Mitmproxy_Readme_ZH.md) (by 北野樱奈)
## 安装准备阶段
### 1.安装[SQL Server Express 2022](https://go.microsoft.com/fwlink/p/?linkid=2216019&clcid=0x804&culture=zh-cn&country=cn)
* 打开你下载的安装程序