How to view network traffic of an Android APK

We are going to use mitmproxy to view network traffic for an APK.

For this you'll need to install the Android SDK, Docker and OpenSSL (for which I found a binary here).

Open the emulator with a writable system image, making sure to pick an image using Nougat 8 (since newer images make it difficult to install a system CA).

.\emulator.exe -avd Pixel_3_XL_API_26 -writable-system

Download the APK from a site such as this, and then install the target app on the emulator.

.\adb.exe install -r "C:\Users\user\Downloads\target.apk"

Start the proxy in socks5 mode with web-host support.

docker run --rm -it -v C:\tmp\mitmproxy:/home/mitmproxy/.mitmproxy -p 8080:8080 -p 127.0.0.1:8081:8081 mitmproxy/mitmproxy mitmweb --mode socks5 --ssl-insecure --web-host 0.0.0.0

Prep the CA by setting its file name to its subject hash (the value printed by -subject_hash_old).

$hash = (openssl x509 -inform PEM -subject_hash_old -in "C:\tmp\mitmproxy\mitmproxy-ca-cert.cer" | Select -First 1)

Copy-Item "C:\tmp\mitmproxy\mitmproxy-ca-cert.cer" "C:\tmp\mitmproxy\$hash.0"

Install the CA into the system trust store.

.\adb.exe root
.\adb.exe remount
.\adb.exe push "C:\tmp\mitmproxy\$hash.0" /system/etc/security/cacerts
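
A check worth running after the push, as an added example that is not part of the original post: it recomputes the hash, confirms the renamed file exists, and compares the copy on the emulator with the local CA. It assumes the paths used above and that it is run from the directory containing adb.exe; the variable names and the temporary file name are chosen for this example.

```powershell
# Added example: verify the CA file name and the copy on the emulator.
# Assumes the paths from the steps above; openssl must be on PATH.
$caDir = "C:\tmp\mitmproxy"
$caPem = Join-Path $caDir "mitmproxy-ca-cert.cer"
$store = "/system/etc/security/cacerts"

# Android looks up system CAs by the legacy subject hash, so the file
# name must be exactly <hash>.0. -noout suppresses the PEM body.
$raw  = openssl x509 -inform PEM -subject_hash_old -noout -in $caPem | Select-Object -First 1
$hash = ([string]$raw).Trim()
if ($hash -notmatch '^[0-9a-f]{8}$') {
    throw "Unexpected subject hash output: '$hash'"
}

$local = Join-Path $caDir "$hash.0"
if (-not (Test-Path $local)) {
    throw "Missing $local; re-run the Copy-Item step"
}

# Pull the device copy back and compare it with the local file.
$pulled = Join-Path $env:TEMP "$hash.0.device"   # temporary name, example only
.\adb.exe pull "$store/$hash.0" $pulled | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "CA not found on device at $store/$hash.0"
}

$localSum  = (Get-FileHash $local  -Algorithm SHA256).Hash
$deviceSum = (Get-FileHash $pulled -Algorithm SHA256).Hash
if ($localSum -ne $deviceSum) {
    throw "Device copy differs from the local CA file"
}

# The stock system CA files are world-readable (mode 644); the listing
# for the pushed file should show the same permissions.
.\adb.exe shell ls -l "$store/$hash.0"
Write-Host "OK: $hash.0 is in the system store and matches the local CA"
```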

Download the SocksDroid APK from here, then use the following command to install it.

.\adb.exe install -r "C:\Users\user\Downloads\SocksDroid_v1.0.3_apkpure.com.apk"

Open SocksDroid in the emulator and set up the details as follows:

Start the application and view the results at 127.0.0.1:8081.