Intercept SSL Traffic

From WebOS Internals
Revision as of 12:33, 20 April 2011 by RodWhitby (talk | contribs) (→‎On the device)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Run Internet Sharing on your host, gateway address is 10.0.2.1, client wifi address is 10.0.2.x

Run burpsuite

Assumes you want to intercept traffic to <target-host>:<target-port>

proxy listeners

  • local listener port: 8443
  • listen on loopback interface only: no
  • support invisible proxying for non-proxy-aware clients: yes
  • redirect to host: <target-host>
  • redirect to port: <target-port>

server SSL certificate

  • generate a CA-signed certification with a specific hostname: <target-host>

intercept client requests

  • intercept-if: yes
  • update Content-Length: yes

intercept server responses

  • intercept-if: yes
  • update Content-Length: yes

misc

  • unpack gzip / deflate: yes

On the device

iptables -t nat -A OUTPUT -p tcp --dst <target-host> --dport <target-port> -j DNAT --to-destination <intercept-host>:<intercept-port>

openssl s_client -connect <target-host>:<target-port> -showcerts

copy the PortSwigger server CA cert into /etc/ssl/certs/trustedcerts/PortSwigger.pem

link it into /etc/ssl/certs/trustedcerts/ and /var/ssl/trustedcerts/ as <hash>.0

openssl x509 -hash -noout < PortSwigger.pem