Developer Forums relocated!
Need help with Apple Developer tools and technologies? Want to share information with other developers and Apple engineers? Visit Developer Forums at Apple.
Need help with Apple Developer tools and technologies? Want to share information with other developers and Apple engineers? Visit Developer Forums at Apple.
Since iOS 16 update I can't use traffic sniffers for my job
Charles, Proxy Man, Fiddler etc. It all doesn't work. I assume this is because the proxy settings for wi-fi are broken.
Is there any news when this will be fixed?
I have a discussion at GitHub and it is still open. Many people waiting for this fix. https://github.com/ProxymanApp/Proxyman/issues/1293
“Assume” is a perilous word when debugging apps.
Is this specific to interception efforts via MITM, or does a legitimate proxy server also (not) work?
Build up some data, and then dup the radar listed in your link.
Sunday4Me wrote:
You're right. It is a specific to interception efforts via MITM. Legitimate proxy works well.
It seems that I don't have an access to the link
What kind of data do you need?
You will want to confirm that this effort is not encountering the expected TLSv1.3 defenses against connection interception (see below for an intro), gather a concise reproducer, and send it all to the folks that work for Apple; log a radar, include the reproducer and related details, and reference the previous radar (11871219).
Related reading about intercepting TLSv1.3 connections:
https://docs.broadcom.com/doc/responsibly-intercepting-tls-and-the-impact-of-tls-1.3.en
MITM is intentionally getting progressively harder. I would expect connections are increasingly rejected when connection interception is detected, too.
mihaelhdz wrote:
Hello I have the same problem with Charles Proxy on iOS 16 when I set the proxy it didn't connect . Do it have some alternative for mobile apps debug like the mitm proxy for web app.
Client side: Instrument your client app’s network code to capture traffic without requiring TLS capture. Or configure your client to use TCP or QUIC or UDP without TLS or DTLS when built for network capture, and capture that.
Server side: Instrument your server to capture traffic, or create a testing server that can be selectively enabled to capture traffic.
Most any complex app should contain some form of integrated debugging support. This makes troubleshooting vastly easier.
The one caveat here is to make sure that an insecure network transport cannot be silently activated on a released, production version of the app, absent banner-level overt UI warnings or ilk; that somebody can’t downgrade your connections without your involvement. Kind of like MITM being blocked, in that regard.
The app is debug version where I can see the request just the problem is when I connect to Charles Proxy I didn't see any traffic from the device even the proxy settings are set to manual and the right proxy IP is in place.
mihaelhdz wrote:
The app is debug version where I can see the request just the problem is when I connect to Charles Proxy I didn't see any traffic from the device even the proxy settings are set to manual and the right proxy IP is in place.
TLS is increasingly allergic to connection interception, as it should be.
I’d expect to have to log my own app traffic, and would expect increasing difficulty logging other not-mine traffic.
Contact Apple Developer Support, open a TSI, and see whether they think MITM is still viable, and how. Or open a radar, dup 11871219, and see what response you get that way. (And let us know.)
You're right. It is a specific to interception efforts via MITM. Legitimate proxy works well.
It seems that I don't have an access to the link
What kind of data do you need?
Hello I have the same problem with Charles Proxy on iOS 16 when I set the proxy it didn't connect . Do it have some alternative for mobile apps debug like the mitm proxy for web app.
Proxy settings doesn't work at iOS 16.x
