Sometimes you need to look inside SSL traffic without having the keys. An alternative is to redirect the traffic through a decoder/encoder pair and listen in between.
HOWTO:
- generate a key & cert pair, use the right IP for CN:
  - openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem
- MITM -> external host (SSL encrypted):
  - socat TCP-L:9999,reuseaddr,fork SSL:3.3.3.33:443
- client -> MITM:
  - pkexec socat SSL-L:443,reuseaddr,fork,cert=/tmp/2/certificate.pem,key=/tmp/2/key.pem,verify=0 TCP:127.0.0.1:9999
- capture the cleartext hop between the two socat processes (it runs over 127.0.0.1, hence -i lo):
  - tcpdump -i lo -s 2000 -w /tmp/1.pcap port 9999

Piece of cake!
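To read the cleartext back out of the capture file, the following added example (not part of the original post) parses the pcap written by tcpdump and yields the TCP payloads seen on port 9999, including frames cut short by the -s 2000 snap length. It assumes a classic pcap file with link type 1 (Ethernet, which is what Linux reports for lo); `tcp_payloads`, `make_frame`, `make_pcap` and `SAMPLE` are names made up for this example, and the sample capture is constructed.

```python
import struct

def tcp_payloads(pcap, port=9999):
    """Yield (src_port, dst_port, payload) for IPv4/TCP data segments on `port`."""
    # The magic number tells us the byte order the capture was written in.
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected link type 1 (Ethernet, as on Linux lo)")
    off = 24                                   # first record follows the 24-byte header
    while off + 16 <= len(pcap):
        caplen = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                           # not IPv4
        if frame[14] >> 4 != 4 or frame[23] != 6:
            continue                           # not TCP
        ihl = (frame[14] & 0x0F) * 4
        total_len = struct.unpack("!H", frame[16:18])[0]
        tcp = frame[14 + ihl:14 + total_len]   # shorter if the snap length cut the frame
        if len(tcp) < 20:
            continue
        sport, dport = struct.unpack("!HH", tcp[:4])
        data = tcp[(tcp[12] >> 4) * 4:]        # skip TCP header and options
        if data and port in (sport, dport):
            yield sport, dport, data

# --- constructed sample capture (not real traffic), checksums left at zero ---
def make_frame(sport, dport, data):
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     b"\x7f\x00\x00\x01", b"\x7f\x00\x00\x01")
    return bytes(12) + b"\x08\x00" + ip + tcp  # zero MACs, as on loopback

def make_pcap(frames, snaplen=2000):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, min(len(f), snaplen), len(f)) + f[:snaplen]
    return out

SAMPLE = make_pcap([
    make_frame(40000, 9999, b"GET / HTTP/1.1\r\nHost: 3.3.3.33\r\n\r\n"),
    make_frame(9999, 40000, b"HTTP/1.1 200 OK\r\n\r\n"),
    make_frame(40000, 9999, b""),              # bare ACK, no payload
    make_frame(40001, 8080, b"unrelated"),     # different port, ignored
])
```

On a real capture, call `tcp_payloads(open("/tmp/1.pcap", "rb").read())`; payloads come back per segment, in capture order, without stream reassembly.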