1/8/2024 0 Comments Using mitmproxyThe default table is filter, and it is mainly for firewall rules. Here’s what you need to know for our use case: Iptables is very powerful, but has a steep learning curve. iptablesįirst, enable IP Forwarding in the kernel: sudo sysctl -w _forward=1. In Cygwin you run vim as Administrator with cygstart -action=runas vim hosts. On Windows the hosts file is in C:\Windows\System32\drivers\etc\hosts, and you need to be Administrator. In OSX El Capitan you may need to disable rootless (WTF Apple). On OSX after you edit /etc/hosts, you might need to flush the DNS cache: dscacheutil -flushcache sudo killall -HUP mDNSResponder. For desktop clients, use the manual setup. If your client is the web browser, the trick is the easiest setup. Follow the instructions here: Install mitmproxy root certificate. Ubuntu 14.04 (TLS) had an old pyasn1, so I had to also: sudo pip install pyasn1 Trust mitmproxy’s root certificateįor the dynamic certificate generation / signing to work, the client must trust mitmproxy’s root certificate. Install mitmproxy sudo apt-get install python-pip python-dev libffi-dev libssl-dev libxml2-dev libxslt1-dev mitmproxy docs will ask you to set the default host on the client, but because we have the DNS rules we won’t need to do that. The server probably has a self-signed cert, any kind of cert is fine. You probably have DNS rules on the client machine to point to 192.168.1.100. Setupįirst, make sure everything works unintercepted. http2 support is under active development. It doesn’t handle websockets or http2, although it does have a TCP mode. Note that mitmproxy is designed for HTTP. This will allow us to inspect the traffic as it passes through. mitmproxy will then make a new connection to the real server, fetch whatever content the client wanted, and forward it, decrypting and re-encrypting it with it’s own cert. mitmproxy will impersonate the the server, do the SSL negotiation with the client using a certificate it generates (and signs) for the requested host. We are going to set iptables on the server to redirect incoming traffic for port 443 (https) to port 8080 (default mitmproxy port). It talks to the server on another machine (192.168.1.10). The client is on one machine (OSX or Windows). Instructions are for Ubuntu (arguably the most popular server operating system), but mitmproxy will also run on OSX (anecdotaly the most popular developer laptop) using pf instead of iptables. Here’s how I did that with mitmproxy and iptables. The clients include OSX and Windows desktop apps, talking to the server over HTTPS. I am porting a server from Java to Go, and need to watch the traffic it receives. Tl dr Use the mitmproxy doc, return here if trouble.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |