Man-in-the-Middle incident
Requirement
Download and install MITM proxy
Download the certificate from MITM
How to trigger incident
Step 1: Run the mitmdump on the testing PC
Download and install MITM proxy
Run mitmdump and the testing pc
Step 2: Insert the IP address and the port number on the test device
Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to manual>Add the IP address and port number of the testing PC on the test device.
Wait for the test device to appear on the PC.
Step 3: Trust SSL certificate
Go to the MITM website and click on the certificate for your device
Install on your device and give a name to the certificate
By installing the certificate from the MITM website you trust the SSL certificate on your device.
Step 4: Search on your device
Open a browser on the test device and search for any website.
How to remediate the incident
Option 1: Disable the proxy
Follow the steps below to disable the proxy on the test device.
Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to 'None'
Option 2: Uninstall the certificate
Follow the steps below to uninstall the certificate on the test device.
Go to settings>Security>User certificate>Select the certificate you installed and uninstall it.
Last updated