You know how it is - you're developing an app that uses an API out on the Internet. You're sitting on your development machine that uses wired ethernet. Your phone is connected to a wi-fi access point which is on a different network to your development machine and you need to inspect the HTTP requests that you're making. What to do?

Start off by running up your proxy of choice on your development machine, for example mitmproxy (free) or Charles (shareware) and get it up and running.

Then, from the command line, run the following:

adb reverse tcp:7777 tcp:8080

This sets up a reverse port forward on your phone, tablet, emulator, development device of choice, etc. Any request sent to port 7777 on your phone is forwarded over the USB cable to port 8080 of your development machine.

The 7777 is the port number on your phone that you want to use. You can use any number you like as long as

  • it's anything from 1024 to 65536
  • it's not already in use by another app

If you get the response "error: cannot bind to socket" try a different number.

The 8080 is the port that your proxy server uses on your development machine. By default mitmproxy uses port 8080 and Charles uses port 8888.

Then the final step is to modify your wi-fi network settings on your phone to use the it. Go to the network settings of your phone and modify them. Tap on the advanced options and change the proxy type to Manual, set the proxy hostname to localhost and the proxy port to 7777.

Once you have saved them your proxy server should spring into life, capturing the traffic that your phone is sending out to the big, bad Internet.

To clean up firstly set the proxy in your wi-fi settings back to None, then run

adb reverse remove tcp:7777

You can also do

adb reverse --remove-all

if you want to remove all the reverse port forwards settings you have. There is a command to list all the reverse ports but whenever I try

adb reverse --list

I get a protocol fault error. Ho hum.

An important thing to note is that this doesn't proxy all traffic so only works for HTTP and HTTPS requests. Capturing HTTPS traffic is more involved as you will have to install a certificate on your phone to allow your proxy to intercept and decrypt the requests. Details on how to do this are specific to the proxy software you are using and beyond the scope of this article.

Darren @ Æ


comments powered by Disqus