[GH-ISSUE #945] Some iOS apps does not show traffic #940

New issue

Open

opened 2026-03-03 19:23:11 +03:00 by kerem · 12 comments

kerem commented 2026-03-03 19:23:11 +03:00

Owner

Copy link

Originally created by @caioaugustofr on GitHub (Jul 29, 2021).
Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/945

Originally assigned to: @NghiaTranUIT on GitHub.

Proxyman version? (Ex. Proxyman 1.4.3)

2.30.0

macOS Version? (Ex. mac 10.14)

Big Sur (11.2)

Steps to reproduce

I configured the proxy on my iOS device to start monitoring traffic. When I open Safari and type an URL (even if HTTPS), I can see its traffic, however, when I open a certain app, I cannot see the traffic generated by it. The app in question is called "Tecnofit Box". I can make a video if it helps.

Originally created by @caioaugustofr on GitHub (Jul 29, 2021). Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/945 Originally assigned to: @NghiaTranUIT on GitHub. ### Proxyman version? (Ex. Proxyman 1.4.3) 2.30.0 ### macOS Version? (Ex. mac 10.14) Big Sur (11.2) ### Steps to reproduce I configured the proxy on my iOS device to start monitoring traffic. When I open Safari and type an URL (even if HTTPS), I can see its traffic, however, when I open a certain app, I cannot see the traffic generated by it. The app in question is called "Tecnofit Box". I can make a video if it helps.

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@onikishov commented on GitHub (Jul 30, 2021):

I have the same issue with Clubhouse app.

<!-- gh-comment-id:889881573 --> @onikishov commented on GitHub (Jul 30, 2021): I have the same issue with Clubhouse app.

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jul 30, 2021):

After setting HTTP Proxy on your iPhone and you can see HTTPS Traffic (from Safari iOS) on the Proxyman app, it means you've set it up properly.

I'm not sure why some app traffic doesn't go through Proxyman via HTTP Proxy. Let me download the app and check it 👍

<!-- gh-comment-id:889883145 --> @NghiaTranUIT commented on GitHub (Jul 30, 2021): After setting HTTP Proxy on your iPhone and you can see HTTPS Traffic (from Safari iOS) on the Proxyman app, it means you've set it up properly. I'm not sure why some app traffic doesn't go through Proxyman via HTTP Proxy. Let me download the app and check it 👍

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jul 30, 2021):

@onikishov Just wondering:

1. Set HTTP proxy on wifi in your iPhone to Proxyman
2. Open Safari iOS -> visit https://google.com
3. Do you see the traffic on Proxyman app?

<!-- gh-comment-id:889883788 --> @NghiaTranUIT commented on GitHub (Jul 30, 2021): @onikishov Just wondering: 1. Set HTTP proxy on wifi in your iPhone to Proxyman 2. Open Safari iOS -> visit https://google.com 3. Do you see the traffic on Proxyman app?

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@onikishov commented on GitHub (Jul 30, 2021):

@NghiaTranUIT Yes, I see all traffic from Safari browser and many other apps, but not from this one. It seems like the app is ignoring proxy settings.

<!-- gh-comment-id:889887532 --> @onikishov commented on GitHub (Jul 30, 2021): @NghiaTranUIT Yes, I see all traffic from Safari browser and many other apps, but not from this one. It seems like the app is ignoring proxy settings.

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jul 30, 2021):

@onikishov I've downloaded the lasted Clubhouse app, and I'm able to see its traffic

Can you check other apps (such as Product Hunt, Unsplash, ...), which don't have SSL-Pinning.

<!-- gh-comment-id:889890972 --> @NghiaTranUIT commented on GitHub (Jul 30, 2021): @onikishov I've downloaded the lasted Clubhouse app, and I'm able to see its traffic <img width="1733" alt="Screen_Shot_2021-07-30_at_20_21_30" src="https://user-images.githubusercontent.com/5878421/127659124-a340f608-0c02-449d-9397-94eaa372ec49.png"> Can you check other apps (such as Product Hunt, Unsplash, ...), which don't have SSL-Pinning.

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jul 30, 2021):

@caioaugustofr I tried Proxyman on your app, and it looks like Tecnofit Box is using Firebase for the authentication & APIs.

If it's, we could not intercept Firebase traffic because it doesn't use the HTTP transport layer.

Ref: https://groups.google.com/g/firebase-talk/c/RPSQwV7WpLs

<!-- gh-comment-id:889895511 --> @NghiaTranUIT commented on GitHub (Jul 30, 2021): @caioaugustofr I tried Proxyman on your app, and it looks like Tecnofit Box is using Firebase for the authentication & APIs. If it's, we could not intercept Firebase traffic because it doesn't use the HTTP transport layer. <img width="1526" alt="Screen_Shot_2021-07-30_at_20_27_55" src="https://user-images.githubusercontent.com/5878421/127660422-2fe3f812-430f-48d4-8e40-3c6cdaee061d.png"> Ref: https://groups.google.com/g/firebase-talk/c/RPSQwV7WpLs

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@onikishov commented on GitHub (Jul 30, 2021):

@NghiaTranUIT Many thanks for investigating the issue. It seems the problem with my iPhone. Tried another iPhone, works fine.

<!-- gh-comment-id:890015808 --> @onikishov commented on GitHub (Jul 30, 2021): @NghiaTranUIT Many thanks for investigating the issue. It seems the problem with my iPhone. Tried another iPhone, works fine.

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@caioaugustofr commented on GitHub (Jul 30, 2021):

@NghiaTranUIT, thanks for the info. So, in other words, it is not possible to intersept the traffic of this app?

Another thing, I tried it with android emulator. It shows a request made to rest.tecnofit.com.br, however, I cannot see its content, because I get ssl handshake failed.

<!-- gh-comment-id:890219683 --> @caioaugustofr commented on GitHub (Jul 30, 2021): @NghiaTranUIT, thanks for the info. So, in other words, it is not possible to intersept the traffic of this app? Another thing, I tried it with android emulator. It shows a request made to rest.tecnofit.com.br, however, I cannot see its content, because I get ssl handshake failed.

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jul 31, 2021):

@caioaugustofr Yes, there is no way to intercept Firebase SSL traffic.

Regarding the Android app,

1. Do you installed & trusted Proxyman Certificate on your Android Emulator?
2. Have you added a config to security.xml and manifest.xml? (Step 4 in this guideline https://docs.proxyman.io/debug-devices/android-device)

Both steps are required in order to intercept HTTPS Traffic from Android app.

<!-- gh-comment-id:890268178 --> @NghiaTranUIT commented on GitHub (Jul 31, 2021): @caioaugustofr Yes, there is no way to intercept Firebase SSL traffic. Regarding the Android app, 1. Do you installed & trusted Proxyman Certificate on your Android Emulator? 2. Have you added a config to security.xml and manifest.xml? (Step 4 in this guideline https://docs.proxyman.io/debug-devices/android-device) Both steps are required in order to intercept HTTPS Traffic from Android app.

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@jesus-mg-ios commented on GitHub (Aug 7, 2021):

@NghiaTranUIT, Why iOS App cannot capture TCP or UDP datagrams? Is that possible with packet tunnel or I'm wrong?

<!-- gh-comment-id:894692962 --> @jesus-mg-ios commented on GitHub (Aug 7, 2021): @NghiaTranUIT, Why iOS App cannot capture TCP or UDP datagrams? Is that possible with packet tunnel or I'm wrong?

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Aug 8, 2021):

@jesus-qt It's possible to capture TCP/UDP from Proxyman, Charles Proxy or Fidder if this feature is supported. At the moment, none of them supports it.

If you use Packet Tunnel from the NetworkExtension framework from Apple, you can capture TCP/UDP.

If you'd like to see TCP/UDP traffic, please try Wireshark 👍

<!-- gh-comment-id:894728361 --> @NghiaTranUIT commented on GitHub (Aug 8, 2021): @jesus-qt It's possible to capture TCP/UDP from Proxyman, Charles Proxy or Fidder if this feature is supported. At the moment, none of them supports it. If you use Packet Tunnel from the `NetworkExtension` framework from Apple, you can capture TCP/UDP. If you'd like to see TCP/UDP traffic, please try Wireshark 👍

kerem commented 2026-03-03 19:23:12 +03:00

Author

Owner

Copy link

@jesus-mg-ios commented on GitHub (Aug 9, 2021):

@NghiaTranUIT I'm trying to do this without external vpn server, but I cannot redirect traffic to internet reading with packet flow and writing to packetFlow. Any suggestions? I don't want to create by hand a socket to redirect the traffic to internet and then to the apps (because I think it's too complex and I have no idea how to do this)

<!-- gh-comment-id:895027929 --> @jesus-mg-ios commented on GitHub (Aug 9, 2021): @NghiaTranUIT I'm trying to do this without external vpn server, but I cannot redirect traffic to internet reading with packet flow and writing to packetFlow. Any suggestions? I don't want to create by hand a socket to redirect the traffic to internet and then to the apps (because I think it's too complex and I have no idea how to do this)

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

6.9.0

6.8.0

6.7.0

6.6.0

6.5.0

6.4.0

6.3.0

6.2.0

6.1.0

6.0.2

6.0.0

6.0.1

5.25.0

5.24.0

5.23.0

5.23.1

5.22.0

5.20.0

5.21.0

5.19.0

5.18.0

5.17.0

5.16.0

5.15.0

5.14.0

5.12.2

5.12.1

5.12.0

5.11.0

5.10.0

5.8.0

5.9.0

5.7.0

5.6.1

5.6.0

5.5.0

5.4.0

5.2.0

5.3.0

5.1.1

5.0.0

4.16.0

4.15.0

4.14.0

4.13.0

4.12.0

4.11.0

4.10.0

4.9.1

4.9.0

4.8.2

4.8.1

4.8.0

4.7.1

4.7.0

4.6.1

4.6.0

4.5.0

4.4.0

4.3.1

4.3.0

4.2.1

4.2.0

4.1.0

4.0.0

3.15.0

3.14.0

3.13.0

3.12.0

3.11.0

3.10.0

3.9.0

3.8.0

3.7.0

3.6.2

3.6.1

3.6.0

3.5.2

3.5.1

3.5.0

3.4.0

3.3.0

3.2.0

3.1.0

3.0.0

2.35.4

2.35.3

2.35.2

2.35.1

2.35.0

2.34.1

2.34.0

2.33.0

2.32.1

2.32.0

2.31.0

2.30.0

2.29.0

2.28.0

2.27.0

2.26.0

2.25.0

2.24.0

2.23.0

2.22.0

2.21.1

2.21.0

2.20.0

2.19.0

2.18.0

2.17.0

2.16.1

2.16.0

2.15.2

2.15.1

2.15.0

2.14.2

2.14.1

2.14.0

2.13.0

2.12.0

2.11.1

2.11.0

2.10.0

2.9.1

2.9.0

2.8.0

2.7.0

2.6.0

2.5.3

2.5.2

2.5.1

2.5.0

2.4.2

2.4.1

2.4.0

2.3.0

2.2.0

2.1.1

2.1.0

2.0.1

2.0.0

1.24.0

1.23.0

1.22.0

1.21.0

1.20.0

1.19.0

1.18.1

1.18.0

1.17.1

1.17.0

1.16.0

1.15.0

1.14.1

1.14.0

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.3

1.9.2

1.9.1

1.9.0

1.8.0

1.7.2

1.7.1

1.7.0

1.6.2

1.6.1

1.6.0

1.5.1

1.5.0

1.4.7

1.4.6

1.4.5.1

1.4.5

1.4.4.1

1.4.4

1.4.3

1.4.2

1.4.1.1

1.4.1

1.4

1.3.9

1.3.8

1.3.7

1.3.6

1.3.5

1.3.4.3

1.3.4.2

1.3.4.1

1.3.4

1.3.3

1.3.2

1.3.1

1.3

1.2

1.1.2

1.1.1

1.1

1.0.3

1.0.2

1.0

0.8.1

0.8

0.7

0.6

0.5.1

0.5

v0.4.1

Labels

Clear labels   

Discussion

  

Feature request

  

In Progress...

  

Plugins

  

Waiting response

  

Windows

  

Windows

  

bug

  

duplicate

  

enhancement

  

feature

  

good first issue

  

iOS

  

macOS 10.11

  

question

  

wontfix

  

✅ Done

No labels

Discussion

Feature request

In Progress...

Plugins

Waiting response

Windows

Windows

bug

duplicate

enhancement

feature

good first issue

iOS

macOS 10.11

question

wontfix

✅ Done

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/Proxyman#940

No description provided.