Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [mitmproxy]

18 questions
12
votes
4 answers

Apache: Validate SSL chain of trust to prevent MITM-attacks?

I just realized that SSL man-in-the-middle attacks are far more common than I thought, especially in corporate environments. I've heard about and seen myself several enterprises which have a transparent SSL proxy server in place. All clients are…
Aileron79
  • 259
  • 1
  • 7
7
votes
3 answers

Is SSLsplit the right tool to intercept and re-encrypt HTTPS traffic on a wifi router?

I'm looking to do a vulnerability research on products running on a variety of devices by intercepting their HTTPS traffic, but I don't want to modify the devices aside from installing a custom cert. It seems SSLsplit does what I want, as it allows…
Andrey Fedorov
  • 2,129
  • 4
  • 16
  • 12
5
votes
1 answer

Bridge + nftables: How to redirect incoming HTTP/HTTPS traffic to local port 8080?

I have set up a bridge and would like to redirect HTTP/HTTPS traffic traversing it to a local port (8080) so that I can further process it using mitmproxy. So far I was using a combination of ebtables & iptables rules. Unfortunately, I had to learn…
Tobias
  • 101
  • 1
  • 5
2
votes
1 answer

Is it possible to make OpenSSL work with gnutls?

I have libvirt, one client and one server. Libvirt uses gnutls implementation of tls. I want to use mitmproxy and put in the middle between client and remote server. But mitmproxy uses different implementation of tls - openssl. I read that their…
Anastasiya Ruzhanskaya
  • 123
  • 5
2
votes
2 answers

How to prevent a third party from proxying an HTTPS website?

I am hosting some kind of database management interface on https://www.prettylongdomainname.example/ I have implemented HTTP Strict Transport Security to prevent people accessing this website over HTTP because I don't want my users to submit their…
Jaap Joris Vens
  • 601
  • 3
  • 8
  • 20
1
vote
0 answers

Why does my Docker container eventually lose network connection during selenium testing?

I was given a couple of Docker images for my automated testing on MacOS -- one for mitmproxy (as provided by that third party), the other supports the python/selenium tests I wrote earlier (this image includes Chrome and the necessary…
HalJor
  • 11
  • 3
1
vote
2 answers

How to configure mitmproxy to intercept https?

I am trying to use mitmproxy to debug some https requests. I have configured mitmproxy to listen to a certain port: mitmproxy --listen-port 44700 I have configured my environment properly: export http_proxy=http://localhost:44700 export…
blueFast
  • 4,200
  • 13
  • 37
  • 54
1
vote
1 answer

How to send outgoing TCP packets on Windows through a remote Linux server?

Let's say I have a Windows computer and a Linux server. I'm looking for a way to route outgoing TCP packets on the Windows computer (all ports) through the Linux server. The Linux server would have something like Ettercap to modify those packets…
Pacnet
  • 13
  • 3
1
vote
1 answer

mitmproxy as a chain proxy, without SSL decryption

I want to use mitmproxy, as a chain proxy, meaning, I want all my services to connect to mitmproxy which in turn is configured to connect to an external proxy, I did that just fine, using the upstream mode but I could not find anything in the…
AL-Kateb
  • 333
  • 2
  • 7
  • 15
1
vote
0 answers

How can I route a specific local device through a proxy? (Smart TV with no available proxy configuration, only gateway+dns)

Current Setup https://i.stack.imgur.com/2w5Nd.png Currently just running a pi-hole DNS, and a lighttpd server on port 80 to access pi-hole admin web interface. I have made a DHCP reservation on my router for my RPi (10.0.0.10). What I want to…
James Lemieux
  • 111
  • 1
0
votes
1 answer

Troubleshooting proxy connection error on legacy app

I'm having to support some legacy client code which makes a network connection to a server using a proprietary protocol over port 1234. A straight internet connection on the client machine works fine, but some people use it inside a corporate…
dsl101
  • 433
  • 1
  • 8
  • 14
0
votes
0 answers

How can I intercept http requests, respond immediately with a custom http response, and also forward the original http request to the server?

I have an application that is stalling each time it makes a http request to a server. It stalls until the response is received from the server. The problem is, the server takes a while to respond to this specific http request, and takes several…
Adam B
  • 311
  • 1
  • 3
  • 6
0
votes
1 answer

Setting up transparent MitM HTTPS proxy for IoT device?

I have an IoT device that communicates with a remote server via HTTPS over port 443. I would like to intercept the HTTP/HTTPS communication - e.g. using Charles or mitmproxy. If it was a desktop or Android device, I could setup the proxy's SSL…
victorhooi
  • 515
  • 3
  • 11
  • 20
0
votes
0 answers

grab https URL without import CA into PC from squid access log

1.The domain aa.com was belongs to our company and we have the public and private key of Wildcard certificate about aa.com. 2.We want to grab all of the URL from the access log which about *.aa.com, so we can use the security scanner to check these…
insmod
  • 1
0
votes
1 answer

Can you self-host a DNS server with custom domains and still get TLS?

I assume the easy answer here is no, but I'm wondering the following. Without having to pre-install a certificate on each client, can I get TLS support for domains if I self-host a DNS server? For example: I host a DNS server that maps…
user38643
  • 103
  • 2
1
2