Unfortunately, 1984.za.net is down, and since then I've done a bit more work on this. I presented this briefly in my ITWeb presentation last year (slides 27-30), and figured it was about time to make this properly public. I've put it up on my GitHub at mobile-proxy (have I mentioned I love GitHub?).
This is still pretty rough, but it proves the methodology and can be extended.
Two interesting things to come out of it are:
iOS Mobile Proxy Configuration
Once the phone is jailbroken, you can change the proxy used when it is on a mobile network (i.e. not Wi-Fi) by editing the file /Library/Preferences/SystemConfiguration/preferences.plist and adding the ProxyAutoConfigURLString key as below:
    <dict>
        <key>HTTPEnable</key>
        <integer>0</integer>
        <key>HTTPProxyType</key>
        <integer>2</integer>
        <key>HTTPSEnable</key>
        <integer>0</integer>
        <key>ProxyAutoConfigEnable</key>
        <integer>1</integer>
        <key>ProxyAutoConfigURLString</key>
        <string>https://<host>/proxy.php</string>
    </dict>
It was pointed out on Twitter that the iPhone Configuration Utility should allow this to be done without the need to jailbreak. I'll test it and update things if it works.
The second interesting thing is that, to block access to a website, just redirecting to a non-existent server won't work, as WebKit-based browsers in particular will try again without using the proxy. Thus, a blackhole proxy was needed. Gert at SensePost wrote a quick 'n fast Twisted server for those purposes, and I extended it to drop privileges to reduce attack surface. It's included on GitHub.
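The blackhole idea described above, as an added example (not the code from the mobile-proxy repository, and written with the Python standard library rather than Twisted): the server accepts every connection and answers with a fixed refusal, so the browser gets a reply from the proxy instead of a connection failure, and it gives up root once the listening socket is bound. The 403 reply, the `nobody` account and the default port 8080 are assumptions.

```python
import os, pwd, socket, socketserver, threading

# Assumed reply: every request (GET, CONNECT, ...) is refused the same way.
REPLY = b"HTTP/1.1 403 Forbidden\r\nContent-Length: 0\r\nConnection: close\r\n\r\n"

def drop_privileges(user="nobody"):
    """Switch from root to `user` (assumed account). Returns True if dropped."""
    if os.getuid() != 0:
        return False                 # already unprivileged
    pw = pwd.getpwnam(user)
    os.setgroups([])                 # clear supplementary groups first
    os.setgid(pw.pw_gid)             # group before user, while still root
    os.setuid(pw.pw_uid)
    if os.getuid() == 0 or os.geteuid() == 0:
        raise RuntimeError("privilege drop failed")
    return True

class Blackhole(socketserver.BaseRequestHandler):
    def handle(self):
        self.request.settimeout(5)   # do not let idle clients pin a thread
        try:
            self.request.recv(4096)  # read and discard the request
            self.request.sendall(REPLY)
        except OSError:
            pass                     # timeout or reset: just close

class Server(socketserver.ThreadingTCPServer):
    allow_reuse_address = True
    daemon_threads = True

def start(host="127.0.0.1", port=8080, user="nobody"):
    srv = Server((host, port), Blackhole)  # bind first (may need root)
    if user is not None:
        drop_privileges(user)              # then give up root before serving
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def probe(port, request):
    """Send one raw request to the local blackhole and return its reply."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as s:
        s.sendall(request)
        return s.recv(4096)

if __name__ == "__main__":
    srv = start(port=0)                    # port 0: any free port
    port = srv.server_address[1]
    # Constructed request for a blocked site, as a browser would send it.
    print(probe(port, b"GET http://blocked.example/ HTTP/1.1\r\n\r\n"))
    srv.shutdown()
```

The PAC file served from the ProxyAutoConfigURLString URL would then point blocked hosts at this listener's address and port.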