Skip to content

mitmproxy instructions

Jump to bottom
eli edited this page Aug 1, 2024 · 7 revisions

Mid-2024 update: The below is out-of-date (root now needs to avoid being detected on Android virtual devices) and following these instructions may no longer be possible. See #187 for discussion.

The following method can be used to intercept your phone's web traffic and grab your gtoken (aka GameWebToken) and bulletToken, both needed to access SplatNet 3, from the app. Due to Android 7.0 and above not allowing custom certificates to be used for apps, these instructions only work on:

  • iOS devices
  • Rooted devices running Android 7.0+, with mitmproxy installed into the system certificate store – either real or in an emulator

To use Android Studio to create a virtual device on your computer to which you can install the app and get a token, see Installing mitmproxy on a virtual device → below.

The instructions on this page are only relevant if you are opting out of automatic token generation.

Obtaining your SplatNet tokens using mitmproxy

  1. Download mitmproxy by following the instructions for your operating system here. Releases for Mac, Windows, and Linux can be found here. If you're on macOS and have Homebrew installed, you can run brew install mitmproxy.

  2. Obtain your computer's internal IP address:
    (Mac) Run ipconfig getifaddr en0 (or sometimes en1) from Terminal, or option-click on the Wi-Fi icon in the menu bar.
    (Windows) Run ipconfig from Command Prompt/PowerShell and look under "IPv4 Address."

  3. Run mitmweb from the command line or by clicking on the downloaded file.

  4. Configure your phone's network settings:
    (Android) Go to Settings > Wi-Fi > gear icon on your network name > pencil icon. Under Advanced options, set Proxy to "Manual". For Proxy hostname, enter your computer's internal IP from before and enter the port as 8080.
    (iOS) Go to Settings > Wi-Fi > tap on network name or info icon. Chose "Manual" under HTTP proxy. For Server, enter your computer's internal IP from before and set the port to 8080.

  5. Go to http://mitm.it/ on your phone and download & install the certificate for your device (only needs to be done once). On iOS 10.3 and above, you'll also need to navigate to Settings > General > About > Certificate Trust Settings, and turn on trust under "Enable full trust for root certificates." For more information, see the certificates page on the mitmproxy docs website.

  6. Open the Nintendo Switch Online app (Android, iOS) on your phone, log in if you have not done so previously, and click on Splatoon 3 under Game-Specific Services.

  7. In the mitmweb tab that opened before, look for the line ending in /Game/GetWebServiceToken and select it. In the Response tab, the value listed under "result" > "accessToken" is your gtoken.

  8. Select the line https://api.lp1.av5ja.srv.nintendo.net/api/bullet_tokens. In the Response tab, the value listed under "bulletToken" is your bulletToken. Copy-paste these two tokens into the script when prompted.

  9. Return your phone's Wi-Fi settings back to normal, i.e. set Proxy back to "None".

Installing mitmproxy on a virtual device

  1. Install Android Studio and set up a new Android Virtual Device (AVD) via More Actions > Virtual Device Manager. Boot the AVD.

  2. Download the latest Nintendo Switch Online apk and drag it to the AVD screen to install it.

  3. Follow the instructions above through step 4. You can configure proxy settings for the emulator's Wi-Fi under … > Settings > Proxy.

  4. Follow the steps at https://docs.mitmproxy.org/stable/howto-install-system-trusted-ca-android/ to install the mitmproxy certificate at the system level. (Remember, you must boot your AVD using emulator -avd AVD_Name_Here -writable-system from the command line or the cert will not load.)

  5. If necessary, follow the steps at https://httptoolkit.tech/blog/chrome-android-certificate-transparency/#how-to-fix-it. Logging into your Nintendo account in the NSO app before enabling the proxy rather than after may help you avoid needing to do this step.

  6. Follow steps 6–8 above.

Disclaimer

You use this script and follow the above instructions at your own risk. None of the creators or contributors to s3s are responsible for anything that happens to your account(s) as a result of using s3s or obtaining your SplatNet tokens as described above.

s3s (ↄ) 2017–2023 eli fessler (frozenpandaman), clovervidia under the GPLv3 license

Clone this wiki locally