Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [mitmproxy]

15 questions
12
votes
4 answers

Apache: Validate SSL chain of trust to prevent MITM-attacks?

I just realized that SSL man-in-the-middle attacks are far more common than I thought, especially in corporate environments. I've heard about and seen myself several enterprises which have a transparent SSL proxy server in place. All clients are…
Aileron79
  • 259
  • 1
  • 7
7
votes
3 answers

Is SSLsplit the right tool to intercept and re-encrypt HTTPS traffic on a wifi router?

I'm looking to do a vulnerability research on products running on a variety of devices by intercepting their HTTPS traffic, but I don't want to modify the devices aside from installing a custom cert. It seems SSLsplit does what I want, as it allows…
Andrey Fedorov
  • 2,079
  • 4
  • 16
  • 12
3
votes
1 answer

Bridge + nftables: How to redirect incoming HTTP/HTTPS traffic to local port 8080?

I have set up a bridge and would like to redirect HTTP/HTTPS traffic traversing it to a local port (8080) so that I can further process it using mitmproxy. So far I was using a combination of ebtables & iptables rules. Unfortunately, I had to learn…
Tobias
  • 61
  • 1
  • 5
2
votes
1 answer

Is it possible to make OpenSSL work with gnutls?

I have libvirt, one client and one server. Libvirt uses gnutls implementation of tls. I want to use mitmproxy and put in the middle between client and remote server. But mitmproxy uses different implementation of tls - openssl. I read that their…
Anastasiya Ruzhanskaya
  • 123
  • 5
1
vote
0 answers

Why does my Docker container eventually lose network connection during selenium testing?

I was given a couple of Docker images for my automated testing on MacOS -- one for mitmproxy (as provided by that third party), the other supports the python/selenium tests I wrote earlier (this image includes Chrome and the necessary…
HalJor
  • 11
  • 3
1
vote
2 answers

How to prevent a third party from proxying an HTTPS website?

I am hosting some kind of database management interface on https://www.prettylongdomainname.example/ I have implemented HTTP Strict Transport Security to prevent people accessing this website over HTTP because I don't want my users to submit their…
Jaap Joris Vens
  • 561
  • 2
  • 7
  • 18
1
vote
2 answers

How to configure mitmproxy to intercept https?

I am trying to use mitmproxy to debug some https requests. I have configured mitmproxy to listen to a certain port: mitmproxy --listen-port 44700 I have configured my environment properly: export http_proxy=http://localhost:44700 export…
blueFast
  • 4,000
  • 13
  • 36
  • 51
1
vote
1 answer

How to send outgoing TCP packets on Windows through a remote Linux server?

Let's say I have a Windows computer and a Linux server. I'm looking for a way to route outgoing TCP packets on the Windows computer (all ports) through the Linux server. The Linux server would have something like Ettercap to modify those packets…
Pacnet
  • 13
  • 3
1
vote
0 answers

How can I route a specific local device through a proxy? (Smart TV with no available proxy configuration, only gateway+dns)

Current Setup https://i.imgur.com/yEg2lg3.png Currently just running a pi-hole DNS, and a lighttpd server on port 80 to access pi-hole admin web interface. I have made a DHCP reservation on my router for my RPi (10.0.0.10). What I want to…
James Lemieux
  • 111
  • 1
0
votes
1 answer

Troubleshooting proxy connection error on legacy app

I'm having to support some legacy client code which makes a network connection to a server using a proprietary protocol over port 1234. A straight internet connection on the client machine works fine, but some people use it inside a corporate…
dsl101
  • 433
  • 1
  • 7
  • 13
0
votes
0 answers

How can I intercept http requests, respond immediately with a custom http response, and also forward the original http request to the server?

I have an application that is stalling each time it makes a http request to a server. It stalls until the response is received from the server. The problem is, the server takes a while to respond to this specific http request, and takes several…
Adam B
  • 181
  • 1
  • 2
  • 6
0
votes
1 answer

Setting up transparent MitM HTTPS proxy for IoT device?

I have an IoT device that communicates with a remote server via HTTPS over port 443. I would like to intercept the HTTP/HTTPS communication - e.g. using Charles or mitmproxy. If it was a desktop or Android device, I could setup the proxy's SSL…
victorhooi
  • 515
  • 3
  • 11
  • 20
0
votes
0 answers

mitmproxy as a chain proxy, without SSL decryption

I want to use mitmproxy, as a chain proxy, meaning, I want all my services to connect to mitmproxy which in turn is configured to connect to an external proxy, I did that just fine, using the upstream mode but I could not find anything in the…
AL-Kateb
  • 271
  • 1
  • 5
  • 13
0
votes
1 answer

"Received HTTP code 400 from proxy after CONNECT", trying to put mitmproxy behind nginx

I have a mitmproxy running on port 2011. I can use it by itself, with curl -x http://127.0.0.1:2011 google.com. However, I now want to put it behind nginx under the domain name proxy.history.test. However, doing curl -x http://proxy.history.test:80…
DrownedSuccess
  • 1
  • 2
0
votes
1 answer

How to use docker container as a proxy?

I have the following docker-compose: version: '3' services: mitmproxy: image: johnmccabe/mitmweb container_name: mitmproxy command: --cadir /ca --wiface 0.0.0.0 restart: always ports: #- "8080:8080" -…
Guerlando OCs
  • 47
  • 1
  • 6