Man-in-the-Middle incident

Requirement
Download and install MITM proxy​
Download the certificate from MITM​
How to trigger incident
Step 1: Run the mitmdump on the testing PC
1.Download and install MITM proxy​
2.Run mitmdump and the testing pc
Step 2: Insert the IP address and the port number on the test device
Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to manual>Add the IP address and port number of the testing PC on the test device.
Wait for the test device to appear on the PC.
Step 3: Trust SSL certificate
1.Go to the MITM website and click on the certificate for your device
2.Install on your device and give a name to the certificate
By installing the certificate from the MITM website you trust the SSL certificate on your device.
Step 4: Search on your device
Open a browser on the test device and search for any website. 
How to remediate the incident
Option 1: Disable the proxy
Follow the steps below to disable the proxy on the test device.
Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to 'None'
Option 2: Uninstall the certificate
Follow the steps below to uninstall the certificate on the test device.
Go to settings>Security>User certificate>Select the certificate you installed and uninstall it.
​

Last modified 2yr ago