How to pass traffic through a local proxy and how to create a certificate for mitm?

A

AwvuweWd2019-08-23 05:49:47

linux

AwvuweWd, 2019-08-23 05:49:47

1)
how to forward the port?
the application constantly connects to the server, I want to know what it transmits so zealously.
443 to 8080.
You need to pass packets for 52.114.76.7:443 through 127.0.0.1:8080
there are Iptables and ufw.
I
--------------------------------------
app ->htt[ps]proxy--- ------>52.114.76.7:443
--------------------------------------
2) How to create a certificate for mitm in x509 format?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

A

AwvuweWd, 2019-10-14
@AwvuweWd

Question 1:
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i eth0 - p tcp --dport 443 -j REDIRECT --to-port 8080
Question 2:
openssl genrsa -out cert.key 8192
openssl req -new -x509 -key cert.key -out cert.crt
Common Name example: *.google. com
cat cert.key cert.crt > cert.pem
mitmproxy --cert=cert.pem

C

CityCat4, 2019-08-23
@CityCat4

Recommend an article on iptables? :) Easily - Here's
an UPD: Don't ask two questions in one.
Bumping requires a fairly specific squid configuration that allows you to write the log in the same way as it was without https.

R

Rsa97, 2019-08-23
@Rsa97

It is not difficult to pass traffic through a proxy, but you need to configure MitM or bump , otherwise you will only see the start of the https session, and then everything will go in encrypted form.

D

Dmitry, 2019-08-23
@q2digger

besides iptables, you will have to learn SSL bump , as you will have to try to work with SSL traffic.