I am building an application in which I want to block particular hosts. We intercepted the network traffic via VPNService in Android and we get all the packets. I did DNS resolution to get the hostname from the destination address. My aim is to block a particular URL based on web content. In order to get the complete URL, I'm thinking of trying MITM attack to get the decrypted data from the TCP packets.
How should I go about this approach? Also, is there any other way to achieve this goal?
Note: This is for the non-rooted device only.
You might want to adapt this https://stackoverflow.com/a/22040887/6655884 to work with your service. The idea is to install your own certificate root so your MITM certificates are trusted on the Android.
This does not require root.
However if you're planning to launch it as an APK, not for a particular device, asking the user to install certificates won't work.
I don't think it's possible to do it without installing a custom certificate