Raphael/SCHALE.GameServer
Raphael
/
SCHALE.GameServer
2
4
Fork 2
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update Mitrproxy solution #2

Merged
Raphael merged 6 commits from wangeyun/SCHALE.GameServer:master into master 2025-01-01 06:10:57 +00:00
Conversation 0 Commits 6 Files Changed 4 +132 -132
1 changed files with 132 additions and 132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 0fdb4fee49 - Show all commits

264
Mitmproxy_Readme_EN.md
View File

@ -1,132 +1,132 @@
## Mitmproxy Usage Guide ## Mitmproxy Usage Guide
(By 北野樱奈) (By 北野樱奈)
## Prerequisites ## Prerequisites
- 1. [Download mitmproxy](https://mitmproxy.org/) and install it. 1. [Download mitmproxy](https://mitmproxy.org/) and install it.
- 2. Basic knowledge of WireGuard and Python scripting. 2. Basic knowledge of WireGuard and Python scripting.
- 3. A client device (e.g., Android emulator or smartphone) and a host machine running `mitmproxy`. 3. A client device (e.g., Android emulator or smartphone) and a host machine running `mitmproxy`.
### Installation Steps ### Installation Steps
- **Linux/Mac** - **Linux/Mac**
```markdown ```markdown
# Ubuntu/Debian # Ubuntu/Debian
sudo apt update sudo apt update
sudo apt install mitmproxy sudo apt install mitmproxy
# macOS # macOS
brew install mitmproxy brew install mitmproxy
``` ```
- **Windows**: Download the `.exe` installer from [mitmproxy.org](https://mitmproxy.org/) and follow the instructions to complete the installation. - **Windows**: Download the `.exe` installer from [mitmproxy.org](https://mitmproxy.org/) and follow the instructions to complete the installation.
### Verify Installation ### Verify Installation
Run the following command to verify the installation: Run the following command to verify the installation:
```bash ```bash
mitmproxy --version mitmproxy --version
``` ```
--- ---
## Step 2: Install CA Certificates on Client and Server ## Step 2: Install CA Certificates on Client and Server
To decrypt HTTPS traffic, the client needs to trust the `mitmproxy` CA certificate. To decrypt HTTPS traffic, the client needs to trust the `mitmproxy` CA certificate.
### Steps ### Steps
- 1. Start `mitmproxy` to generate the certificate: - 1. Start `mitmproxy` to generate the certificate:
```bash ```bash
mitmdump mitmdump
``` ```
- 2. On the PC, navigate to `C:\Users\YourUser\.mitmproxy` to locate the certificate file (mitmproxy-ca.p12). - 2. On the PC, navigate to `C:\Users\YourUser\.mitmproxy` to locate the certificate file (mitmproxy-ca.p12).
- 3. In the `mitmproxy` directory, locate `mitmproxy-ca-cert.crt`. - 3. In the `mitmproxy` directory, locate `mitmproxy-ca-cert.crt`.
- 4. Rename `mitmproxy-ca-cert.crt` to `c8750f0d.0`. - 4. Rename `mitmproxy-ca-cert.crt` to `c8750f0d.0`.
- 5. Install the certificate as a system CA. - 5. Install the certificate as a system CA.
--- ---
### For Android Devices ### For Android Devices
- 1. Move the certificate to the system CA directory: 1. Move the certificate to the system CA directory:
```bash ```bash
adb root adb root
adb remount adb remount
adb shell mv /sdcard/c8750f0d.0 /system/etc/security/cacerts/ adb shell mv /sdcard/c8750f0d.0 /system/etc/security/cacerts/
``` ```
- 2. Set the correct permissions: 2. Set the correct permissions:
```bash ```bash
adb shell chmod 644 /system/etc/security/cacerts/c8750f0d.0 adb shell chmod 644 /system/etc/security/cacerts/c8750f0d.0
``` ```
- 3. Reboot the device: 3. Reboot the device:
```bash ```bash
adb reboot adb reboot
``` ```
--- ---
## Step 3: Download the Redirect Script ## Step 3: Download the Redirect Script
Download the script from the repository. Download the script from the repository.
### Note: **Make sure to modify the IP address in `redirect_server.py`.** ### Note: **Make sure to modify the IP address in `redirect_server.py`.**
```python ```python
import gzip import gzip
import json import json
from mitmproxy import http from mitmproxy import http
SERVER_HOST = 'Replace this with your IP' SERVER_HOST = 'Replace this with your IP'
SERVER_PORT = 80 SERVER_PORT = 80
REWRITE_HOST_LIST = [ REWRITE_HOST_LIST = [
'ba-jp-sdk.bluearchive.jp', 'ba-jp-sdk.bluearchive.jp',
'prod-gateway.bluearchiveyostar.com', 'prod-gateway.bluearchiveyostar.com',
'prod-game.bluearchiveyostar.com', 'prod-game.bluearchiveyostar.com',
# 'prod-notice.bluearchiveyostar.com', # 'prod-notice.bluearchiveyostar.com',
# 'prod-logcollector.bluearchiveyostar.com', # 'prod-logcollector.bluearchiveyostar.com',
] ]
``` ```
--- ---
## Step 4: Launch mitmproxy and Load the Script ## Step 4: Launch mitmproxy and Load the Script
Run the following command to start `mitmproxy` with the redirect script: Run the following command to start `mitmproxy` with the redirect script:
```bash ```bash
mitmweb -m wireguard --no-http2 -s redirect_server.py --set termlog_verbosity=warn mitmweb -m wireguard --no-http2 -s redirect_server.py --set termlog_verbosity=warn
``` ```
### Parameter Explanation: ### Parameter Explanation:
- `-m wireguard`: Use WireGuard as the network layer. - `-m wireguard`: Use WireGuard as the network layer.
- `--no-http2`: Disable HTTP/2 to improve compatibility. - `--no-http2`: Disable HTTP/2 to improve compatibility.
- `-s redirect_server.py`: Load the redirect script. - `-s redirect_server.py`: Load the redirect script.
- `--set termlog_verbosity=warn`: Set log level to warnings only. - `--set termlog_verbosity=warn`: Set log level to warnings only.
You can monitor traffic through the `mitmweb` interface at `http://localhost:8081`. You can monitor traffic through the `mitmweb` interface at `http://localhost:8081`.
--- ---
## Step 5: Install and Configure WireGuard ## Step 5: Install and Configure WireGuard
Use WireGuard to route client traffic to `mitmproxy`. Use WireGuard to route client traffic to `mitmproxy`.
### Installation Steps ### Installation Steps
- **Android**: [Download WireGuard](https://play.google.com/store/apps/details?id=com.wireguard.android). - **Android**: [Download WireGuard](https://play.google.com/store/apps/details?id=com.wireguard.android).
- **Other Platforms**: Refer to the [official WireGuard installation guide](https://www.wireguard.com/install/). - **Other Platforms**: Refer to the [official WireGuard installation guide](https://www.wireguard.com/install/).
### Configuration Steps ### Configuration Steps
- 1. Open the WireGuard client, click the `+` button in the bottom left corner, and select **Scan QR Code**. 1. Open the WireGuard client, click the `+` button in the bottom left corner, and select **Scan QR Code**.
- 2. The emulator will display a scanner window. Select **Real-time Screenshot**. 2. The emulator will display a scanner window. Select **Real-time Screenshot**.
- 3. Position the screenshot over the QR code in the Mitmproxy browser page (accessible via settings). 3. Position the screenshot over the QR code in the Mitmproxy browser page (accessible via settings).
- 4. Enable the configuration. 4. Enable the configuration.
--- ---
## Troubleshooting ## Troubleshooting
### Error: Client TLS handshake failed. The client does not trust the proxy's certificate for yostar-oversea-netsdk-logging.ap-southeast-1.log.aliyuncs.com (OpenSSL Error([('SSL routines', '', 'ssl/tls alert certificate unknown')])) ### Error: Client TLS handshake failed. The client does not trust the proxy's certificate for yostar-oversea-netsdk-logging.ap-southeast-1.log.aliyuncs.com (OpenSSL Error([('SSL routines', '', 'ssl/tls alert certificate unknown')]))
- Ensure that both the PC and client have the same Mitmproxy certificate installed. - Ensure that both the PC and client have the same Mitmproxy certificate installed.
- Verify that the Mitmproxy certificate is properly installed on both ends. - Verify that the Mitmproxy certificate is properly installed on both ends.
### Android Certificate Disappears After Installation ### Android Certificate Disappears After Installation
- Use the MT Manager to grant SU (superuser) permissions. - Use the MT Manager to grant SU (superuser) permissions.
- Navigate to `/system/etc/security/cacerts/`. - Navigate to `/system/etc/security/cacerts/`.
- Locate `c8750f0d.0` and set the permissions to 664. The user group should be set to root. - Locate `c8750f0d.0` and set the permissions to 664. The user group should be set to root.
--- ---