• November 28, 2024

Pokemon Go MITM Proxy

pokemon-go-mitm-node - GitHub

Pokemon Go MITM Proxy – Intercepts the traffic between your Pokemon Go App and their servers, decodes the protocol and gives you a handy tool to enrich your own game experience by altering the data on the fly.
Take a look at the examples to get started. Feel happily invited to contribute more!
How to use it?
Setting up the server
Get Node.js
Get protobuf >= 3
Linux: libprotobuf must be present (apt-get install libprotobuf-dev)
OSX: use Homebrew to install protobuf with brew install pkg-config and brew install --devel protobuf
Windows: hard to compile; follow the project's advice for that platform
Clone the code to experiment with the examples! (otherwise use it as a npm package)
git clone && cd pokemon-go-mitm-node
npm install
Set up the CoffeeScript interpreter (optional if using npm scripts)
npm install -g coffee-script
Setting up your device
Prepare your phone to accept the MITM certificate
Android
on a rooted phone: install the Xposed module pokemon-go-xposed
otherwise: install a pre-patched version
iPhone
you have to be jailbroken to use ilendemli’s nice certificate pinning patch
Using Xposed on Android
If you are using pokemon-go-xposed, set the custom endpoint to your machine's IP (the default port is 8082). All done!
Using iOS or Android without Xposed
Generate a CA MITM certificate
Run npm start (or coffee) to generate a CA certificate
Download the generated certificate from the started server via host:8082/ (or copy the file)
Add the certificate to the "trusted certificates" of your mobile (under "VPN and apps" on Android). Note that every app which trusts user-installed CAs can then be intercepted by whoever holds this CA's private key, so keep the key on your machine only and remove the CA from the phone when you are done.
Set up your mobile's connection to use your machine as a proxy (default proxy port is 8081)
Done!
Troubleshooting
Android N requires a different certificate format; make sure you download host:8082/ to your mobile
To let an iPhone or iPad trust the certificate, you might have to save and email host:8082/ to yourself and open it in the Mail app
On very few systems (Raspberry Pi) the CA certificate has to be generated manually. Replace the placeholders with the key and certificate file names your proxy expects, and keep the private key on the proxy machine only:
    openssl genrsa -out <ca-key> 2048
    openssl rsa -in <ca-key> -pubout > <ca-pubkey>
    openssl req -x509 -new -nodes -key <ca-key> -days 1024 -out <ca-cert> -subj "/C=US/ST=Utah/L=Provo/O=PokemonCA/"
If you are unable to log in after installing the certificate on Android, you may have to reboot for apps to see the new CA (#208)
How to code it?
PokemonGoMITM = require 'pokemon-go-mitm'

server = new PokemonGoMITM port: 8081
  # Replace all PokeStops with kittys!
  .addResponseHandler "FortDetails", (data) ->
    data.name = "Pokemon GO MitM PoC"
    data.description = "meow! "
    data.image_urls = ["<image url>"]   # placeholder for the image URL
    data   # return the altered message; it is sent to the app in place of the original
What’s the status?
Thanks to the awesome work done around POGOProtos, all requests and responses can now be intercepted and altered on the fly:
AddFortModifier
AttackGym
CatchPokemon
CheckAwardedBadges
CheckCodenameAvailable
ClaimCodename
CollectDailyBonus
CollectDailyDefenderBonus
DiskEncounter
DownloadItemTemplates
DownloadRemoteConfigVersion
DownloadSettings
Echo
Encounter
EncounterTutorialComplete
EquipBadge
EvolvePokemon
FortDeployPokemon
FortDetails
FortRecallPokemon
FortSearch
GetAssetDigest
GetDownloadUrls
GetGymDetails
GetHatchedEggs
GetIncensePokemon
GetInventory
GetMapObjects
GetPlayer
GetPlayerProfile
GetSuggestedCodenames
IncenseEncounter
LevelUpRewards
NicknamePokemon
PlayerUpdate
RecycleInventoryItem
ReleasePokemon
SetAvatar
SetContactSettings
SetFavoritePokemon
SetPlayerTeam
StartGymBattle
UpgradePokemon
UseIncense
UseItemCapture
UseItemEggIncubator
UseItemGym
UseItemPotion
UseItemRevive
UseItemXpBoost
Enjoy! And heaps of thanks to everyone who contributed here and on Slack!
pokemon-go-mitm - npm

pokemon-go-mitm 2.1.0 • Public • Published 5 years ago • 10 dependencies • 1 dependent • 11 versions
How would I monitor Pokemon Go's Http requests? - Stack ...

I would love to see what requests Pokemon Go makes and what the responses look like, similar to using chrome dev tools on a website. Is there any way I can monitor an android app’s requests the same way I would monitor a website’s?
asked Jul 10 ’16 at 22:01
Others have already mentioned the good MITM proxy tools for this — Fiddler, Charles Proxy, Burp, and MITM Proxy. However, Pokemon Go uses Protocol Buffers for communication, not XML, JSON, etc. This format is harder for a human to work with, as it does not show the data with human-readable keys or values. Without the original schema files that the app and server use to interpret the data, you’ll have to look at the raw data and try to make sense of it by doing different requests and seeing how the data changes to try to understand what different fields might represent. You can then construct files yourself so the data can be displayed in a human-readable way.
answered Jul 14 ’16 at 22:20
Joe
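Joe's answer above describes the situation without a .proto file: you see raw Protocol Buffers bytes and have to guess which field is which. The README's handler example further up then assumes the opposite, a decoded FortDetails whose name, description and image_urls can be reassigned. The block below is an added example, written for this page and not code from the project or from the answer; it decodes the wire format with no schema (varints, fixed-width fields, and length-delimited payloads guessed as text, nested message or bytes) and then rewrites one string field at the byte level while preserving every other field untouched. The field numbers, the nested layout and all values in buildSample() are constructed for the example and are not POGOProtos definitions; the function names are this example's own. It runs under Node.js with no dependencies.

```javascript
// Added example (not from the page or the pokemon-go-mitm project). Field numbers,
// nesting and all values in buildSample() are constructed; they are not POGOProtos.

// Read a base-128 varint at buf[pos]; returns [value as BigInt, next position].
function readVarint(buf, pos) {
  let value = 0n;
  for (let shift = 0n; ; shift += 7n) {
    if (pos >= buf.length || shift > 63n) throw new Error('truncated or overlong varint');
    const b = buf[pos++];
    value |= BigInt(b & 0x7f) << shift;
    if ((b & 0x80) === 0) return [value, pos];
  }
}

function encodeVarint(n) {
  const out = []; let v = BigInt(n);
  do { const b = Number(v & 0x7fn); v >>= 7n; out.push(v ? b | 0x80 : b); } while (v);
  return Buffer.from(out);
}

const FIXED_SIZE = { 1: 8, 5: 4 }; // wire types 3/4 (groups) are deprecated and rejected

// Split a message into top-level fields, recording each field's byte range for re-emission.
function splitFields(buf) {
  const fields = [];
  let pos = 0;
  while (pos < buf.length) {
    const start = pos;
    let key, payload, len;
    [key, pos] = readVarint(buf, pos);
    const number = Number(key >> 3n), wireType = Number(key & 7n);
    if (number < 1 || number > 0x1fffffff) throw new Error(`bad field number ${number}`);
    if (wireType === 0) [payload, pos] = readVarint(buf, pos);
    else if (wireType in FIXED_SIZE) {
      if (pos + FIXED_SIZE[wireType] > buf.length) throw new Error('truncated fixed-width field');
      payload = buf.subarray(pos, pos += FIXED_SIZE[wireType]);
    } else if (wireType === 2) {
      [len, pos] = readVarint(buf, pos);
      if (pos + Number(len) > buf.length) throw new Error('truncated length-delimited field');
      payload = buf.subarray(pos, pos += Number(len));
    } else throw new Error(`unsupported wire type ${wireType}`);
    fields.push({ number, wireType, payload, start, end: pos });
  }
  return fields;
}

// The wire format does not say what a length-delimited payload is, so guess: printable UTF-8
// first, then a nested message that parses cleanly, else opaque bytes. Ambiguity remains.
function guessLengthDelimited(payload, depth) {
  const text = payload.toString('utf8');
  if (Buffer.from(text, 'utf8').equals(payload) && /^[^\x00-\x1f\x7f]*$/u.test(text)) {
    return { kind: 'string', value: text };
  }
  if (payload.length > 0 && depth < 8) {
    try { return { kind: 'message', value: decode(payload, depth + 1) }; } catch (e) { /* not a message */ }
  }
  return { kind: 'bytes', value: payload.toString('hex') };
}

// Decode a message into fields with guessed types. A varint may be an int, bool or
// enum; fixed64/fixed32 may be integers or floats, so both readings are returned.
function decode(buf, depth = 0) {
  return splitFields(buf).map(({ number, wireType, payload }) => {
    if (wireType === 0) return { number, kind: 'varint', value: payload };
    if (wireType === 1) return { number, kind: 'fixed64', value: payload.readBigUInt64LE(0), asDouble: payload.readDoubleLE(0) };
    if (wireType === 5) return { number, kind: 'fixed32', value: payload.readUInt32LE(0), asFloat: payload.readFloatLE(0) };
    return { number, ...guessLengthDelimited(payload, depth) };
  });
}

function encodeLengthDelimited(number, bytes) {
  return Buffer.concat([encodeVarint((BigInt(number) << 3n) | 2n), encodeVarint(bytes.length), bytes]);
}

// Replace each top-level length-delimited field `number` with newText and copy every
// other field byte-for-byte, including fields that could not be interpreted.
function rewriteStringField(buf, number, newText) {
  const replacement = encodeLengthDelimited(number, Buffer.from(newText, 'utf8'));
  const parts = [];
  let replaced = false;
  for (const f of splitFields(buf)) {
    const hit = f.number === number && f.wireType === 2;
    parts.push(hit ? replacement : buf.subarray(f.start, f.end));
    replaced = replaced || hit;
  }
  if (!replaced) parts.push(replacement); // field absent: append it; field order is not significant
  return Buffer.concat(parts);
}

// Constructed FortDetails-like sample, hypothetical numbering: 1 id, 2 name, 3 description,
// 4 image url, 5 nested location {1 lat, 2 lng as fixed64 doubles}, 6 fort type enum.
function buildSample() {
  const str = (number, s) => encodeLengthDelimited(number, Buffer.from(s, 'utf8'));
  const varint = (number, v) => Buffer.concat([encodeVarint(BigInt(number) << 3n), encodeVarint(v)]);
  const dbl = (number, d) => {
    const b = Buffer.alloc(8); b.writeDoubleLE(d, 0);
    return Buffer.concat([encodeVarint((BigInt(number) << 3n) | 1n), b]);
  };
  return Buffer.concat([str(1, 'fort-0001'), str(2, 'Old Town Fountain'), str(3, 'A fountain.'),
    str(4, 'http://example.invalid/fountain.jpg'),
    encodeLengthDelimited(5, Buffer.concat([dbl(1, 40.2338), dbl(2, -111.6585)])), varint(6, 1)]);
}
```

decode(buildSample()) yields the guessed tree (four strings, one nested message holding two doubles, one varint), and rewriteStringField(buildSample(), 2, 'Pokemon GO MitM PoC') is the byte-level equivalent of the README's data.name assignment. Two points matter in practice: the guesses for length-delimited fields are heuristics, which is why a schema project such as POGOProtos makes the proxy's handlers so much more useful; and after rewriting a message its enclosing framing (any outer envelope and the HTTP content length) must be recomputed by the proxy, which the library does for you and this block does not.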
This is the path I try sometimes (not specifically for Pokemon, though):
Install mitmproxy on your computer. Start the proxy on some port: mitmproxy -p 3128
In your device's network settings, configure it to use a proxy, and with manual settings add the IP of your computer and the port on which you started the proxy server (e.g. 3128), assuming your device and computer are on the same Wi-Fi network.
Use the app whose requests you want to inspect
HTTP requests will show up in the mitmproxy interface
answered Jul 10 ’16 at 22:13
These answers were all perfectly correct at the time, but I feel like some additional information is warranted given some changes. In version 0.31, Pokemon Go added certificate pinning, which prevents basic MITM proxying from working without doing one of two things to unpin the certificate.
You can attempt to find a Pokemon GO APK that has had certificate pinning removed, then perform MITM proxying as usual
You can use an Xposed module such as to trick
In addition, the protobuf files have been fairly successfully decoded as of this time, with projects such as this one helping to make life considerably easier when sniffing traffic such as this.
answered Sep 2 ’16 at 21:38
