Difference between revisions of "Intercept SSL Traffic"
Jump to navigation
Jump to search
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Run Internet Sharing on your host, gateway address is 10.0.2.1, client wifi address is 10.0.2.x | Run Internet Sharing on your host, gateway address is 10.0.2.1, client wifi address is 10.0.2.x | ||
| − | == Run burpsuite | + | == Run burpsuite == |
Assumes you want to intercept traffic to <target-host>:<target-port> | Assumes you want to intercept traffic to <target-host>:<target-port> | ||
| − | === | + | === proxy listeners === |
| − | * local listener port: | + | * local listener port: 8443 |
* listen on loopback interface only: no | * listen on loopback interface only: no | ||
* support invisible proxying for non-proxy-aware clients: yes | * support invisible proxying for non-proxy-aware clients: yes | ||
* redirect to host: <target-host> | * redirect to host: <target-host> | ||
* redirect to port: <target-port> | * redirect to port: <target-port> | ||
| + | |||
| + | ==== server SSL certificate ==== | ||
* generate a CA-signed certification with a specific hostname: <target-host> | * generate a CA-signed certification with a specific hostname: <target-host> | ||
| Line 22: | Line 24: | ||
* update Content-Length: yes | * update Content-Length: yes | ||
| + | ==== misc ==== | ||
* unpack gzip / deflate: yes | * unpack gzip / deflate: yes | ||
== On the device == | == On the device == | ||
| − | + | iptables -t nat -A OUTPUT -p tcp --dst <target-host> --dport <target-port> -j DNAT --to-destination <intercept-host>:<intercept-port> | |
| − | + | ||
| + | openssl s_client -connect <target-host>:<target-port> -showcerts | ||
| + | |||
| + | copy the PortSwigger server CA cert into /etc/ssl/certs/trustedcerts/PortSwigger.pem | ||
| + | |||
| + | link it into /etc/ssl/certs/trustedcerts/ and /var/ssl/trustedcerts/ as <hash>.0 | ||
| + | |||
| + | openssl x509 -hash -noout < PortSwigger.pem | ||
Latest revision as of 13:33, 20 April 2011
Run Internet Sharing on your host, gateway address is 10.0.2.1, client wifi address is 10.0.2.x
Run burpsuite
Assumes you want to intercept traffic to <target-host>:<target-port>
proxy listeners
- local listener port: 8443
- listen on loopback interface only: no
- support invisible proxying for non-proxy-aware clients: yes
- redirect to host: <target-host>
- redirect to port: <target-port>
server SSL certificate
- generate a CA-signed certification with a specific hostname: <target-host>
intercept client requests
- intercept-if: yes
- update Content-Length: yes
intercept server responses
- intercept-if: yes
- update Content-Length: yes
misc
- unpack gzip / deflate: yes
On the device
iptables -t nat -A OUTPUT -p tcp --dst <target-host> --dport <target-port> -j DNAT --to-destination <intercept-host>:<intercept-port>
openssl s_client -connect <target-host>:<target-port> -showcerts
copy the PortSwigger server CA cert into /etc/ssl/certs/trustedcerts/PortSwigger.pem
link it into /etc/ssl/certs/trustedcerts/ and /var/ssl/trustedcerts/ as <hash>.0
openssl x509 -hash -noout < PortSwigger.pem