# NETWORK TRAFFIC CAPTURE WITH MITMPROXY

## Setup

### 1. Install mitmproxy on your PC
```powershell
# Using pip
pip install mitmproxy

# Or download from https://mitmproxy.org/
```

### 2. Start mitmproxy
```powershell
# Start mitmproxy on port 8080
mitmproxy --listen-port 8080
```

### 3. Configure Android emulator to use proxy
```powershell
# Set proxy on emulator
adb shell settings put global http_proxy 192.168.1.100:8080

# Replace 192.168.1.100 with your PC's IP address
# To find your PC's IP: ipconfig (look for IPv4 Address)
```

### 4. Install mitmproxy CA certificate on emulator

**Option A - Quick install:**
```powershell
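# Download cert through the running proxy (mitm.it only serves it via mitmproxy)
curl.exe --proxy http://127.0.0.1:8080 http://mitm.it/cert/pem -o mitmproxy-ca-cert.pem

# Android only loads system CAs named <subject_hash_old>.0 (requires openssl on PATH)
$hash = openssl x509 -inform PEM -subject_hash_old -noout -in mitmproxy-ca-cert.pem

# Install on emulator (needs root and a writable /system partition)
adb push mitmproxy-ca-cert.pem "/sdcard/${hash}.0"
adb shell "su -c 'cp /sdcard/${hash}.0 /system/etc/security/cacerts/ && chmod 644 /system/etc/security/cacerts/${hash}.0'"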
```

**Option B - Manual install:**
1. Start mitmproxy: `mitmproxy`
2. On emulator, open browser and go to: `http://mitm.it`
3. Download "Android" certificate
4. Settings > Security > Install from storage > Select certificate
5. Name it "mitmproxy" and tap OK

### 5. Launch Canada Post app with bypass
```powershell
frida -U -f com.canadapost.android -l frida_simple_bypass.js
```

## What You'll See

mitmproxy will show ALL HTTP/HTTPS traffic:
- Full URLs
- Request/Response headers
- Request/Response bodies
- Status codes

### Key Traffic to Look For:
- `api.canadapost.ca` - Main API endpoints
- `sso.canadapost.ca` - Authentication
- `/track/` - Package tracking
- Authorization headers with Bearer tokens

## Useful mitmproxy Commands

- `q` - Quit
- `Enter` - View request/response details
- `d` - Delete flow
- `z` - Clear all flows
- `f` - Filter flows (e.g., `~d canadapost.ca`)

## Filtering Out Noise

To only see Canada Post API calls:
```powershell
mitmproxy --listen-port 8080 --set "view_filter=~d canadapost.ca"
```

To save all traffic to a file:
```powershell
mitmdump -w canadapost_traffic.mitm --listen-port 8080
```

Then view later:
```powershell
mitmproxy -r canadapost_traffic.mitm
```
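
Saved captures contain the live Bearer tokens listed under "Key Traffic to Look For", so for notes or reports it is safer to log a redacted summary than to share the raw capture. The addon below is an added example, not part of the original guide or of mitmproxy itself; the file name `redact_flows.py`, the header list and the summary fields are assumptions, and it reads only flow attributes mitmproxy exposes to addons (`request.pretty_host`, `request.headers`, `response.status_code`).

```python
# redact_flows.py - added example; load with: mitmdump -s redact_flows.py --listen-port 8080
import json
import re
from types import SimpleNamespace

SCOPE = "canadapost.ca"                      # domain from the guide's ~d filter
SECRET_HEADERS = {"authorization", "cookie"} # assumed list of credential-bearing headers
SCHEME = re.compile(r"^(Bearer|Basic)\s+\S", re.IGNORECASE)


def in_scope(host: str) -> bool:
    """Exact domain or subdomain only; a regex filter would also match look-alike hosts."""
    host = host.lower().rstrip(".")
    return host == SCOPE or host.endswith("." + SCOPE)


def redact(name: str, value: str) -> str:
    """Keep the auth scheme so the log stays readable, drop the credential itself."""
    if name.lower() not in SECRET_HEADERS:
        return value
    m = SCHEME.match(value)
    return f"{m.group(1)} <redacted>" if m else "<redacted>"


def summarize(flow):
    """Return a shareable summary of one flow, or None when it is out of scope."""
    req = flow.request
    if not in_scope(req.pretty_host):
        return None
    return {
        "method": req.method,
        "host": req.pretty_host,
        "path": req.path.split("?", 1)[0],   # query strings can carry tracking numbers
        "status": flow.response.status_code if flow.response else None,
        "headers": {k: redact(k, v) for k, v in req.headers.items()},
    }


class RedactedLog:
    def response(self, flow):                # mitmproxy calls this once per completed response
        summary = summarize(flow)
        if summary:
            print(json.dumps(summary))


addons = [RedactedLog()]                     # mitmproxy picks up this module-level list

if __name__ == "__main__":                   # offline check with a constructed flow
    req = SimpleNamespace(pretty_host="api.canadapost.ca", method="GET",
                          path="/track/EXAMPLE?lang=en",
                          headers={"Authorization": "Bearer CONSTRUCTED.TOKEN"})
    RedactedLog().response(SimpleNamespace(request=req, response=SimpleNamespace(status_code=200)))
```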

## If SSL Pinning Blocks Traffic

The Frida script already disables SSL pinning, but if you still see errors:

1. Make sure `frida_simple_bypass.js` is loaded (SSL bypass hooks)
2. Check whether mitmproxy shows the traffic, even if the app itself shows errors
3. The SSL bypass should allow mitmproxy to see everything

## Alternative: Use Burp Suite

If you prefer a GUI:
1. Download Burp Suite Community: https://portswigger.net/burp/communitydownload
2. Proxy > Options > Add listener on port 8080
3. Export CA cert and install on emulator
4. Set emulator proxy to your PC:8080

## Quick Test

```powershell
# 1. Start mitmproxy
mitmproxy --listen-port 8080

# 2. Set proxy (replace with your PC's IP)
adb shell settings put global http_proxy 192.168.1.100:8080

# 3. Start app with bypass
frida -U -f com.canadapost.android -l frida_simple_bypass.js

# 4. Track a package in the app
# 5. Watch mitmproxy console for API calls!
```

## Remove Proxy When Done

```powershell
adb shell settings put global http_proxy :0
```
