Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set up mitmproxy to capture API #1

Open
coolaj86 opened this issue Mar 7, 2021 · 2 comments
Open

Set up mitmproxy to capture API #1

coolaj86 opened this issue Mar 7, 2021 · 2 comments

Comments

@coolaj86
Copy link
Member

coolaj86 commented Mar 7, 2021

The terrible thing about the church website is that it doesn't even use its own API most of the time.

And the JSON that's embedded in the HTML is in the most obtuse format (probably to mirror the HTML), often missing IDs and such.

If we use an MITM proxy we can watch an iPhone communicate with the API. If we get lucky, maybe we can even learn about a simpler, more secure, token-based system rather than relying on cookies for authentication.

https://medium.com/testvagrant/intercept-ios-android-network-calls-using-mitmproxy-4d3c94831f62
@minecraftchest1
Copy link

I started working on this. I found about this project yesterday, and I was going to do this anyway. I am waiting for Gospel Library to finish updating, then I can share my log from mitmproxy. I have already found some interesting stuff.

@minecraftchest1
Copy link

I have a mitmproxy flow from my Gospel Library. https://cloudflare-ipfs.com/ipfs/QmNcUJjUhDLAjvmQXSv9CDTVXco5175mUDw1JoZMh95Gnb

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@coolaj86 @minecraftchest1