Finding the correct Fortum API usage

  1. Configure a SquidMan proxy on my Mac
  2. Make the iPhone route traffic through the proxy using its Wi-Fi configuration
  3. Open Fortum app and fetch traffic
  4. Got GET operations against
    1. https://cognito-idp.eu-west-1.amazonaws.com
    2. https://cdc-api-gw.tingcore-infra.com
    3. https://cognito-identity.eu-west-1.amazonaws.com
  5. Set environment variable SSLKEYLOGFILE to ~/ssl-key.log
  6. Launch Google Chrome and visit all of the URLs under point 4
  7. Verify that ssl-key.log contains data and quit Google Chrome
  8. Configure TLS under Wireshark with ~/ssl-key.log as the (Pre)-Master-Secret log file
  9. Start a capture in Wireshark with this filter: "ip.host contains cloudfront.net || ip.host contains cognito || ip.host contains tingcore and ssl"
  10.  
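
Step 7 only checks that the key log is non-empty. The Python script below is an added example, not part of the original post: it parses the NSS key log format written when SSLKEYLOGFILE is set and counts the sessions that carry the secrets Wireshark needs. The function name, the constructed sample data and the length checks are assumptions of this example.

```python
import re
import sys
from collections import defaultdict

# Labels from the NSS key log format written when SSLKEYLOGFILE is set.
TLS13_LABELS = {
    "CLIENT_EARLY_TRAFFIC_SECRET", "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
    "SERVER_HANDSHAKE_TRAFFIC_SECRET", "CLIENT_TRAFFIC_SECRET_0",
    "SERVER_TRAFFIC_SECRET_0", "EARLY_EXPORTER_SECRET", "EXPORTER_SECRET",
}
# Both are needed to decrypt TLS 1.3 application data in both directions.
TLS13_APP_DATA = {"CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0"}
HEX = re.compile(r"[0-9a-fA-F]+")

# Constructed sample: one TLS 1.2 session, one complete TLS 1.3 session,
# one TLS 1.3 session missing its server secret, and one truncated line.
SAMPLE = "\n".join([
    "# SSL/TLS secrets log file (constructed sample)",
    "CLIENT_RANDOM " + "11" * 32 + " " + "aa" * 48,
    "CLIENT_TRAFFIC_SECRET_0 " + "22" * 32 + " " + "bb" * 32,
    "SERVER_TRAFFIC_SECRET_0 " + "22" * 32 + " " + "cc" * 32,
    "CLIENT_TRAFFIC_SECRET_0 " + "33" * 32 + " " + "dd" * 48,
    "CLIENT_RANDOM " + "44" * 32 + " " + "ee" * 10,
])


def summarize_keylog(text):
    """Count usable sessions in key log text and report malformed line numbers."""
    tls12, tls13, bad_lines = set(), defaultdict(set), []
    for lineno, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment
        ok = len(parts) == 3 and all(HEX.fullmatch(p) for p in parts[1:])
        # The client random is always 32 bytes (64 hex characters).
        ok = ok and len(parts[1]) == 64
        if ok and parts[0] == "CLIENT_RANDOM" and len(parts[2]) == 96:
            tls12.add(parts[1])            # 48-byte TLS 1.2 master secret
        elif ok and parts[0] in TLS13_LABELS and len(parts[2]) in (64, 96):
            tls13[parts[1]].add(parts[0])  # SHA-256 or SHA-384 sized secret
        else:
            bad_lines.append(lineno)
    complete = sum(1 for labels in tls13.values() if TLS13_APP_DATA <= labels)
    return {"tls12": len(tls12), "tls13_complete": complete,
            "tls13_incomplete": len(tls13) - complete, "bad_lines": bad_lines}


if __name__ == "__main__":
    # Pass the key log path from step 5, or run on SAMPLE with no argument.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    print(summarize_keylog(text))
```

Wireshark can only decrypt a session whose client random appears in the key log, so the counts describe connections made by the process that wrote the file.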
