Man-in-the-middle Testing of a Mobile Application

During initial tests of a mobile application I was using, I found that it sent the username and password in plain text to a server for authentication.  After I worked with the company, they fixed the issue and asked me to test again.

I was very impressed with them fixing the mobile application so quickly.  Here are my chicken scratches of how I tested the mobile application the second time.

My laptop has a wireless interface (wlan0) and a LAN connection (eth0).  I connected the Internet side of a wireless access point to eth0.  The access point's IP is 192.168.3.5 and my eth0 is 192.168.3.1.  The access point's internal address was 192.168.5.1, with a DHCP range of 192.168.5.100~.  I then connected my mobile device to that access point, so it received an address from that DHCP range.

My wlan0 card was connected to 192.168.1.100~ with a router IP of 192.168.1.1.

So in essence the flow of outbound traffic would be:
192.168.5.100
to
192.168.5.1
to
192.168.3.5
to
192.168.3.1 (eth0)
to
192.168.1.100 (wlan0)
to
192.168.1.1
to
The Internet

To configure the laptop I did the following:
echo 1 > /proc/sys/net/ipv4/ip_forward - To enable IP Forwarding

Then I set up iptables to do the NATing and forwarding:
iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE

iptables --append FORWARD --in-interface eth0 -j ACCEPT

Then, to further assess the mobile application at the network layer, I used Wireshark to sniff traffic on 192.168.3.1.
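
The following added example is not from the original post: it reads a capture saved from Wireshark in classic pcap format and reports credential-like strings that crossed the wire unencrypted, which is what the retest is checking for. The field names in the pattern and the sample packets are constructed assumptions.

```python
import re
import struct

# Assumed indicators of credentials in unencrypted HTTP; adjust to the app's field names.
CRED_RE = re.compile(
    rb"authorization:\s*basic\s+\S+|(?:user(?:name)?|pass(?:word)?|passwd|pwd)=[^&\s]+",
    re.IGNORECASE)

def tcp_payloads(pcap):
    """Yield (dst_port, payload) for IPv4/TCP packets in a classic Ethernet pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    off = 24  # skip the global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # keep only IPv4 carrying TCP
        ihl = (frame[14] & 0x0F) * 4
        total = struct.unpack("!H", frame[16:18])[0]
        tcp = frame[14 + ihl:14 + total]  # slicing by IP total length trims Ethernet padding
        if len(tcp) < 20:
            continue
        payload = tcp[(tcp[12] >> 4) * 4:]
        if payload:
            yield struct.unpack("!H", tcp[2:4])[0], payload

def find_cleartext_credentials(pcap):
    """Return (dst_port, matched_text) for every credential-like string seen in the clear."""
    return [(port, m.group(0).decode("latin-1"))
            for port, payload in tcp_payloads(pcap)
            for m in CRED_RE.finditer(payload)]

def sample_pcap(payload, dport):
    """Constructed one-packet capture as seen on eth0 (test data, not real traffic)."""
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 168, 3, 5]), bytes([203, 0, 113, 10])) + tcp
    frame = b"\x00" * 12 + b"\x08\x00" + ip
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

if __name__ == "__main__":
    before = sample_pcap(b"POST /login HTTP/1.1\r\n\r\nusername=alice&password=hunter2", 80)
    after = sample_pcap(b"\x16\x03\x01\x00\x05hello", 443)  # stand-in for a TLS record
    print(find_cleartext_credentials(before), find_cleartext_credentials(after))
```

Wireshark writes pcapng by default, so save the capture as pcap before running this against it. An empty result only means none of these patterns appeared in the clear.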

Voilà!
