Difference between revisions of "Intercept SSL Traffic"
Jump to navigation
Jump to search
Line 22: | Line 22: | ||
* update Content-Length: yes | * update Content-Length: yes | ||
+ | ==== misc ==== | ||
* unpack gzip / deflate: yes | * unpack gzip / deflate: yes | ||
Revision as of 07:05, 27 March 2011
Run Internet Sharing on your host, gateway address is 10.0.2.1, client wifi address is 10.0.2.x
Run burpsuite (must be run as root)
Assumes you want to intercept traffic to <target-host>:<target-port>
Create a new proxy
- local listener port: 443
- listen on loopback interface only: no
- support invisible proxying for non-proxy-aware clients: yes
- redirect to host: <target-host>
- redirect to port: <target-port>
- generate a CA-signed certification with a specific hostname: <target-host>
intercept client requests
- intercept-if: yes
- update Content-Length: yes
intercept server responses
- intercept-if: yes
- update Content-Length: yes
misc
- unpack gzip / deflate: yes
On the device
Edit /etc/hosts 10.0.2.1 <target-host>