From the official description:

HTTP Catcher is a web debugging proxy. It can be used to intercept, inspect, modify and replay web traffic.

Can someone explain to me how HTTP Catcher manages to do this? I have seen logs (sent to me by a colleague) where it seems that HTTP Catcher can show SSL traffic in the clear for traffic from a separate application (which we are developing).

Shouldn't this be impossible for a separate application? Did we misconfigure something?

Note, it seems no certificate was added for HTTP Catcher into the local store (that would explain how it is able to MITM without the app complaining about it).

(Regretfully I cannot share the screenshots, as they contain sensitive information.)

fgysin
  • HTTP catcher is doing MITM like many similar products. – Steffen Ullrich Jan 13 '20 at 14:56
  • @SteffenUllrich, sure, but shouldn't the app whose traffic is intercepted fail during the SSL handshake due to the untrusted certificate? Notably, the question you linked is solved by manually adding some certificate of an intercepting MITM proxy, which the above situation explicitly *doesn't* do. – fgysin Jan 16 '20 at 07:04
  • Have you checked that installing the app did not add a new CA to the trust store? – Steffen Ullrich Jan 16 '20 at 07:58

0 Answers