sandrob

SandroProxy

sandrob
★ Root NOT needed on 3.x or higher android OS★

Why would you use it:
- behind corporate, school firewall/proxy, needing to connect to squid, isa/forefront proxy with authentication
http://code.google.com/p/sandrop/wiki/HowToConnectToOtherProxy
Or use Drony:
https://play.google.com/store/apps/details?id=org.sandroproxy.drony

- developer to examine http traffic, with embedded chrome devtools that can be used as ide

- security analyst examining how apps communicate with servers

Capture, intercept, analyze, modify, replay http requests, websockets.
Can connect to another proxy (Basic, Digest, NTLM auth support). For example Orbot.
Can act as pass-through proxy, traffic is not stored, ssl tunnel remains the same to server.
Proxy can also acts as SSL man-in-the-middle.
It generates sites certificates on the fly.
Issuer is named UNTRUSTED.
Based on WebScarab.
For transparent proxy, superuser/su/iptables are needed.
There is gui for application redirection to transparent proxy.
Can act as Web server to access captured data.
Can create pcap files that can be decrypted with wireshark.
Using Chrome Developer Tools remote web gui for display data.
Chrome devtools tab for device connections like TcpView from Sysinternals.
Chrome devtools Console acting as android shell.

If you would like some new feature in it, send request to
supp.sandrob@gmail.com

source code: http://code.google.com/p/sandrop/
wiki: http://code.google.com/p/sandrop/w/list
G+: https://plus.google.com/u/0/102248092997026875601
XDA thread: http://forum.xda-developers.com/showthread.php?t=1737138

Beta testing group: https://groups.google.com/d/forum/sandroproxy-beta-test

YouTube, WhatsApp not working?
http://code.google.com/p/sandrop/wiki/YouTubeWhatsAppInst

Example of usage:
Use stock browser and change that wi-fi uses proxy on localhost:8008
Check log tab for proxy activity, data tab for request/response content

keywords: ssl, client certficate, proxy, p12, pfx, http, https analyzer, transparent proxy, capture http, replay http, modify http, http traffic, tamper http data
ISA proxy , Forefront TMG proxy, squid proxy, corporate proxy, ntlm auth, basic auth, chrome devtools, websocket, ws, wss, tcpview, network connections, school proxy, pcap, wireshark

★★★
there are ads on log tab and Google Analytics events on switching tabs
sorry for that
If you feel uncomfortable about this,
send mail and version without this will be build for you.
★★★

Drony

sandrob
★ Root NOT needed ★
Proxy that can operate with proxy authentications.
Android OS has just proxy with no authentication.
So this app can help you with your corporate/university/school network environment.

Supports digest, windows (ntlm), basic authentication.
Drony will start if wifi appears that has proxy set on same port that is used in Drony to listen.
Drony will stop when that wifi is no longer active.
-support for multiple network configurations
-pac/wpad proxy script support http://code.google.com/p/sandrop/wiki/HowToUseDronyWithScriptProxy
-local networks name resolver http://code.google.com/p/android/issues/detail?id=8030

★Some apps do not respect android os proxy settings.★
You can use SandroProxy and have rooted phone to have working WhatsApp and Youtube.
http://code.google.com/p/sandrop/wiki/YouTubeWhatsAppInst
http://code.google.com/p/sandrop/issues/detail?id=83

If you need more options, features check SandroProxy.
https://market.android.com/details?id=org.sandroproxy

How to connect to another proxy example:
http://code.google.com/p/sandrop/wiki/HowToUseDronyWithOtherProxy

Beta testing group:
https://groups.google.com/d/forum/drony-beta-test

XDA thread:
http://forum.xda-developers.com/showthread.php?t=2320008

Admin settings wizard:
http://code.google.com/p/sandrop/wiki/DronySettingsWizard


keywords: ssl, proxy, ISA proxy , Forefront TMG proxy, squid proxy, corporate proxy, ntlm auth, basic auth, school proxy

SandroB for 2.3.x, CM 7.1

sandrob
Features:

*** It will not work on ICS android 4.x ***

-NO NEED TO HAVE ROOTED PHONE
-support for authentication to proxy/web server
(NTLM/Basic/Digest) ISA proxy, SharePoint
-Download Manager
-added support for SSL Client Certificates
-multiple SSL sessions to different hostname:port
-doesn't use global keystore
it uses local (in memory) until application is terminated
after keystore is created pfx/p12 file can be removed
-option to store certificate in local database
-can be used also without client certificate to access SSL
sites that has selfsigned or untrusted server certificates
-custom proxy can be set in browser settings
-port of native android browser
-working Flash
-SVG rendering
-animated GIF's

How to use it:

Just input https url and pop-up will appear
asking you for certificate file and password.
If pop-up don't show up change
Menu->Settings->SSL dialog only on errors = OFF
When you are done click on Menu->Clear to invalidate SSL

WARRNING:
You should remove cert file after not needed any more.
It is not safe that you have it on the phone all the time.
Almost every process has access to SD_storage/your_cert_file
note: thnx for feedback, you can also report to
http://code.google.com/p/sandrob/issues/list

keywords: ssl, client certficate, ntlm, basic, digest, proxy, windows authentication, download manager, sharepoint, isa proxy, squid, flash, svg, p12, pfx

SandroB SSL example

sandrob
Simple application how to use client side SSL certificate

★★★Works also on 4.x android★★★
★★★Not working on 3.x★★★

Sources included.
You must just find out how to get it...
It connects also to untrusted SSL sites (self-signed certificates).
Feel free to change sources as you needed.

SandroB 2.3.4_r1

sandrob
Features:

-NO NEED TO HAVE ROOTED PHONE
-support for authentication to proxy/web server
(NTLM/Basic/Digest) ISA proxy, SharePoint
-Download Manager
-added support for SSL Client Certificates
-multiple SSL sessions to different hostname:port
-doesn't use global keystore
it uses local (in memory) until application is terminated
after keystore is created pfx/p12 file can be removed
-option to store certificate in local database
-can be used also without client certificate to access SSL
sites that has selfsigned or untrusted server certificates
-custom proxy can be set in browser settings
-port of native android browser
-working Flash
-SVG rendering
-animated GIF's

How to use it:

Just input https url and pop-up will appear
asking you for certificate file and password.
If pop-up don't show up change
Menu->Settings->SSL dialog only on errors = OFF
When you are done click on Menu->Clear to invalidate SSL

WARRNING:
You should remove cert file after not needed any more.
It is not safe that you have it on the phone all the time.
Almost every process has access to SD_storage/your_cert_file
note: thnx for feedback, you can also report to
http://code.google.com/p/sandrob/issues/list

keywords: ssl, client certficate, ntlm, basic, digest, proxy, windows authentication, download manager, sharepoint, isa proxy, squid, flash, svg, p12, pfx