Difference between revisions of "Intercept SSL Traffic"
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Run Internet Sharing on your host, gateway address is 10.0.2.1, client wifi address is 10.0.2.x | Run Internet Sharing on your host, gateway address is 10.0.2.1, client wifi address is 10.0.2.x | ||
− | == Run burpsuite | + | == Run burpsuite == |
Assumes you want to intercept traffic to <target-host>:<target-port> | Assumes you want to intercept traffic to <target-host>:<target-port> | ||
Line 7: | Line 7: | ||
=== proxy listeners === | === proxy listeners === | ||
− | * local listener port: | + | * local listener port: 8443 |
* listen on loopback interface only: no | * listen on loopback interface only: no | ||
* support invisible proxying for non-proxy-aware clients: yes | * support invisible proxying for non-proxy-aware clients: yes | ||
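Review bot: the listener port is filled in as the literal 8443 on the "local listener port" line, while the device section refers to it only as <intercept-port>. Either state that <intercept-port> is 8443 or use the placeholder in both places so the two sections cannot drift apart. Since the context line keeps "listen on loopback interface only: no", it is also worth one sentence noting that the listener is reachable from every client on the 10.0.2.x sharing network.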
Line 29: | Line 29: | ||
== On the device == | == On the device == | ||
− | + | iptables -t nat -A OUTPUT -p tcp --dst <target-host> --dport <target-port> -j DNAT --to-destination <intercept-host>:<intercept-port> | |
− | + | ||
+ | openssl s_client -connect <target-host>:<target-port> -showcerts | ||
+ | |||
+ | copy the PortSwigger server CA cert into /etc/ssl/certs/trustedcerts/PortSwigger.pem | ||
+ | |||
+ | link it into /etc/ssl/certs/trustedcerts/ and /var/ssl/trustedcerts/ as <hash>.0 | ||
+ | |||
+ | openssl x509 -hash -noout < PortSwigger.pem |
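Review bot: the added "openssl x509 -hash -noout < PortSwigger.pem" line comes after the step that links the cert as <hash>.0, so a reader working top to bottom reaches the link step without the hash value; move the hash command above the link step or word the link step as "where <hash> is the output of". The added "openssl s_client ... -showcerts" line has no sentence saying what to check in its output, and it is not stated whether it is meant to be run before or after the CA cert is installed. The commands and the prose instructions are also added in the same plain style, so marking the commands as preformatted would make it clear which lines are to be typed.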
Latest revision as of 12:33, 20 April 2011
Run Internet Sharing on your host. The gateway address is 10.0.2.1 and the client Wi-Fi address is 10.0.2.x.
== Run burpsuite ==
Assumes you want to intercept traffic to <target-host>:<target-port>
=== proxy listeners ===
- local listener port: 8443
- listen on loopback interface only: no
- support invisible proxying for non-proxy-aware clients: yes
- redirect to host: <target-host>
- redirect to port: <target-port>
=== server SSL certificate ===
- generate a CA-signed certificate with a specific hostname: <target-host>
=== intercept client requests ===
- intercept-if: yes
- update Content-Length: yes
=== intercept server responses ===
- intercept-if: yes
- update Content-Length: yes
=== misc ===
- unpack gzip / deflate: yes
== On the device ==
 iptables -t nat -A OUTPUT -p tcp --dst <target-host> --dport <target-port> -j DNAT --to-destination <intercept-host>:<intercept-port>
 openssl s_client -connect <target-host>:<target-port> -showcerts
Copy the PortSwigger server CA cert into /etc/ssl/certs/trustedcerts/PortSwigger.pem.
Link it into /etc/ssl/certs/trustedcerts/ and /var/ssl/trustedcerts/ as <hash>.0, where <hash> is the output of:
 openssl x509 -hash -noout < PortSwigger.pem
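The hash-and-link steps above as a small shell helper. This is an added example, not part of the original wiki page, and the function names are hypothetical. It goes slightly beyond the page by taking the next free suffix (.1, .2, ...) when <hash>.0 is already occupied by a different certificate, which is how OpenSSL hashed directories handle subject-hash collisions.

```shell
#!/bin/sh
# Added example: link a CA certificate into OpenSSL-style hashed trust
# directories under its subject-hash name. Function names are hypothetical.

# Print the link name (<hash>.N) to use for PEM file $1 in directory $2.
# N starts at 0 and is bumped only while <hash>.N exists and holds a
# different certificate (or something that is not a certificate at all).
ca_link_name() {
    pem=$1
    dir=$2
    hash=$(openssl x509 -hash -noout -in "$pem") || return 1
    fp=$(openssl x509 -fingerprint -sha256 -noout -in "$pem") || return 1
    n=0
    while [ -e "$dir/$hash.$n" ]; do
        other=$(openssl x509 -fingerprint -sha256 -noout \
                    -in "$dir/$hash.$n" 2>/dev/null) || other=
        [ "$other" = "$fp" ] && break   # same cert already linked: reuse
        n=$((n + 1))
    done
    printf '%s.%s\n' "$hash" "$n"
}

# Link PEM file $1 (give an absolute path) into every directory after it.
install_ca_links() {
    pem=$1
    shift
    for dir in "$@"; do
        name=$(ca_link_name "$pem" "$dir") || return 1
        ln -sf "$pem" "$dir/$name" || return 1
        echo "$dir/$name -> $pem"
    done
}

# Usage on the device, with the paths from the steps above:
# install_ca_links /etc/ssl/certs/trustedcerts/PortSwigger.pem \
#     /etc/ssl/certs/trustedcerts /var/ssl/trustedcerts
```

Running it twice for the same certificate is harmless: the existing link is found by fingerprint and rewritten in place rather than duplicated under a new suffix.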