Capture HTTP(S) traffic from Android using a sniffer

I wanted to debug an Android app that uses HTTPS requests with a JSON API. Thanks to this article I’ve been able to use my Windows 10 computer to get all the network traffic from my Android phone through my local network and decode the HTTPS requests!

I’m going to summarize the steps from the above article:

  1. Download and install Fiddler on your computer
  2. Once Fiddler is installed, launch it and:
    • Click menu Tools > Options, then select the Connections tab
    • Make note of the “Fiddler listens on” port (normally it’s 8888)
    • Make sure the check box for “Allow remote computers to connect” is checked
    • Switch to the HTTPS tab
    • Make sure the check boxes for “Capture HTTPS Connects” and “Decrypt HTTPS traffic” are both checked
    • Restart Fiddler
  3. Go to your Android phone then:
    • Tap on Settings, then Wi-Fi
    • Find the network on which you’re connected (normally the first one listed), then tap and hold
    • Choose Modify network from the pop-up
    • Scroll down and enable “Show advanced options”
    • Change “Proxy settings” to Manual
    • Under “Proxy host name” enter the IP address of the Windows PC running Fiddler
    • Under “Proxy port” enter the Fiddler port from above (usually 8888)
    • Tap Save and wait a moment for the network to reconnect
  4. Now we need to add the certificate in Android to have the HTTPS working:
    • On Android start the Chrome browser
    • Navigate to http://IP_ADDRESS_WHERE_FIDDLER_IS:8888/ or http://ipv4.fiddler:8888
    • Tap on the link for the “Fiddler Root Certificate”
    • Name the certificate “Fiddler” and install it (entering your PIN or password if prompted)

You’re now ready to capture the traffic on Fiddler!
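The steps above need the PC's IP address and a Fiddler listener that the phone can reach. The PowerShell check below is an added example, not part of the original article; it assumes the default port 8888 and must be run on the Windows PC while Fiddler is open.

```powershell
# Added example (not from the original article). Assumption: Fiddler uses the
# default port 8888; change $FiddlerPort if "Fiddler listens on" shows another.
$FiddlerPort = 8888

# Candidate values for the phone's "Proxy host name": usable IPv4 addresses of
# this PC, skipping loopback and self-assigned (169.254.x.x) addresses.
Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object {
        $_.AddressState -eq 'Preferred' -and
        $_.IPAddress -ne '127.0.0.1' -and
        $_.IPAddress -notlike '169.254.*'
    } |
    Select-Object InterfaceAlias, IPAddress, PrefixLength |
    Format-Table -AutoSize

# Is something listening on the Fiddler port, and on which local address?
$listeners = Get-NetTCPConnection -State Listen -LocalPort $FiddlerPort `
    -ErrorAction SilentlyContinue

if (-not $listeners) {
    Write-Warning "Nothing is listening on TCP $FiddlerPort. Is Fiddler running?"
}
else {
    foreach ($l in $listeners) {
        $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
        # A loopback bind (127.0.0.1 or ::1) means only this PC can use the proxy.
        # Any other local address (typically 0.0.0.0 or ::) is reachable from the
        # LAN, which the phone needs while you are capturing.
        $remote = $l.LocalAddress -notin @('127.0.0.1', '::1')
        [pscustomobject]@{
            Process       = $proc.ProcessName
            LocalAddress  = $l.LocalAddress
            Port          = $l.LocalPort
            RemoteCapable = $remote
        }
    }
}
```

If `RemoteCapable` is `True` and the phone still cannot connect, Windows Firewall on the current network profile is the next thing to check. Running the same check after you finish shows whether the proxy is still reachable from other devices on the LAN.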

Once you’re done you can switch back to normal by following the steps below:

  1. Tap on Settings, then Wi-Fi
  2. Find the network on which you’re connected (should be the first one listed), then tap and hold
  3. Choose Modify network from the pop-up
  4. Scroll down and select (enable) “Show advanced options”
  5. Change “Proxy settings” to None
  6. Tap Save and wait a moment for the network to reconnect
  7. Go up a level in settings to Security
  8. Tap Trusted credentials, then select the User tab
  9. Tap on the Fiddler “Do not trust” certificate, then scroll down to remove it
  10. You may need to power cycle your device to get all apps to forget about the Fiddler certificate (e.g., the Chrome browser will continue to try to use it for a while)
