Format extra README details a little for clarity
pimterry committed Jan 24, 2024
1 parent 5ca2339 commit 6e99ada
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions README.md
Expand Up @@ -16,12 +16,17 @@ The scripts can automatically handle:
To get started:

1. Start your MitM proxy (e.g. [HTTP Toolkit](https://httptoolkit.com/android/)), and set up your rooted Android device or emulator, connected to ADB.
2. Find your MitM proxy's port (e.g. 8000) and its CA certificate in PEM format (should start with `-----BEGIN CERTIFICATE-----`). In HTTP Toolkit, both details can be found in the 'Anything' option on the Intercept page.
2. Find your MitM proxy's port (e.g. 8000) and its CA certificate in PEM format
* The CA certificate should start with `-----BEGIN CERTIFICATE-----`. You can open it with a text editor to see and extract this content.
* In HTTP Toolkit, both details can be found in the 'Anything' option on the Intercept page.
3. Open `config.js`, and add those details:
* `CERT_PEM`: your CA certificate in PEM format (Open with a text editor to extract the information)
* `CERT_PEM`: your CA certificate in PEM format.
* `PROXY_PORT`: the proxy's port
* `PROXY_HOST`: the address of your proxy, from the perspective of your device (or use `adb reverse tcp:$PORT tcp:$PORT` to forward the port over ADB, and use `127.0.0.1` as the host)
4. Install & start Frida on your device (e.g. download the relevant server (frida-server) from [github.com/frida/frida](https://github.com/frida/frida/releases/latest), extract it, `adb push` it to your device (ensure device is on and connected via ADB), and then run it with the following 4 commands: `adb shell`, `su` (Here you get super user (root) permissions, run `whoami` to check if you are root or not, if you are not root it will not work), `chmod +x /.../frida-server`, `/.../frida-server`).
4. Install & start Frida on your device
* The steps here may depend on your specific device & configuration.
* For example: download the relevant `frida-server` from [github.com/frida/frida](https://github.com/frida/frida/releases/latest), extract it, `adb push` it to your device, and then run it with the following 4 commands: `adb shell`, `su`, `chmod +x /.../frida-server`, `/.../frida-server`.
* If you have issues, remember to check the device is on & connected (using `adb devices`) before running commands. Note that Frida will only run on the device as root, which is what `su` provides in the example above, when run on a rooted device. To check you are root after running `su` or similar, check that running `whoami` in the shell prints `root`.
5. Find the package id for the app you're interested in (for a quick test, try using [github.com/httptoolkit/android-ssl-pinning-demo](https://github.com/httptoolkit/android-ssl-pinning-demo) - the package id is `tech.httptoolkit.pinning_demo`)
6. Use Frida to launch the app you're interested in with the scripts injected (starting with `config.js`). Which scripts to use is up to you, but for Android a good command to start with is (if you are on Linux):
```bash
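Review bot: the step 4 example (the "run it with the following 4 commands" bullet) still uses the elided placeholder path `/.../frida-server` for both the `chmod +x` and the launch command, without saying where the preceding `adb push` placed the binary; since the reader has to type these commands in an `adb shell` as root, the `adb push` mention should name its destination directory and the two later commands should reuse that same path so a reader does not guess. Minor style point in the same hunk: the nested bullets are inconsistent in trailing punctuation (`CERT_PEM` and the `frida-server` example end with a full stop, `PROXY_PORT` does not), and the `adb reverse tcp:$PORT tcp:$PORT` hint in the `PROXY_HOST` bullet uses a `$PORT` variable the text never defines, so it would be clearer to write the literal example port (8000) from step 2 there.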
