mitm proxy

Started by weVeg, September 14, 2012, 08:03:26 PM


weVeg

I know that we have another HTTP proxy, but take a look here:
http://mitmproxy.org/index.html

I've found it very cool!
a free voice is always liberating
under_r00t

ZEROF

#1
Looks fine bro, I will try this tool.

INSTALL on BBox:

$ sudo apt-get install python-pip python-dev build-essential
$ sudo pip install --upgrade pip
$ sudo pip install --upgrade virtualenv
$ sudo pip install mitmproxy

Thanks !

Don't ask, read: http://wiki.backbox.org
or just run sudo rm -rf /*

weVeg

Yes, looks fine!! I'm playing with it and... it works very well!!! =)

see you bro!
a free voice is always liberating
under_r00t

joker__

Thank you for sharing, weVeg. Lately I was searching for a proxy for performing a MITM... and I used a pretty simple "bash proxy" like
$ nc -l 80 | nc www.google.com
Yeah, it worked fine... but I was still missing features such as on-the-fly editing... and SSL. I just didn't know of the existence of programs like this.... I'm here to learn ;)
Thank you

joker__
http://piecesofsheets.wordpress.com/ [soon in english]

weVeg

Quote from: joker__ on September 17, 2012, 07:41:44 PM
Thank you for sharing, weVeg. Lately I was searching for a proxy for performing a MITM... and I used a pretty simple "bash proxy" like
$ nc -l 80 | nc www.google.com
Yeah, it worked fine... but I was still missing features such as on-the-fly editing... and SSL. I just didn't know of the existence of programs like this.... I'm here to learn ;)
Thank you

joker__
Hi joker! On BBox we already have this kind of tool, but I've found mitmproxy very useful as well as simple to use!!!
If you try it, some feedback would be useful!
Bye!!!!
a free voice is always liberating
under_r00t

joker__

Quote from: weVeg on September 17, 2012, 08:00:28 PM
Quote from: joker__ on September 17, 2012, 07:41:44 PM
Thank you for sharing, weVeg. Lately I was searching for a proxy for performing a MITM... and I used a pretty simple "bash proxy" like
$ nc -l 80 | nc www.google.com
Yeah, it worked fine... but I was still missing features such as on-the-fly editing... and SSL. I just didn't know of the existence of programs like this.... I'm here to learn ;)
Thank you

joker__
Hi joker! On BBox we already have this kind of tool, but I've found mitmproxy very useful as well as simple to use!!!
Which tools, e.g.? :)
Quote from: weVeg on September 17, 2012, 08:00:28 PM
If you try it, some feedback would be useful!
Bye!!!!

[maybe OT, @ZEROF. If so, I may create a new topic for my question in the forum.]

Hi weVeg. I spent a bit of time on mitmproxy today. It is pretty intuitive, and very useful.
Actually I meant to perform an "elegant" DNS spoof. Maybe you can tell me how to do it using the application you suggested:

What I'm doing (working)
With ettercap I start a session using the dns_spoof plugin, spoofing e.g. www.google.it to a local IP (let's say the attacker is 192.168.1.5).
In this way, anyone in the LAN who makes requests to Google actually makes requests to my IP.
Now I start a simple proxy that replies to the connected client (victim) as Google would:
$ mkfifo backpipe
# nc -l 80 0<backpipe | nc www.google.com 80 1>backpipe

Finally I may sniff all the data through Wireshark or the like...

This attack works pretty well: the victim doesn't realize he's being attacked.

What I'd like to do
The fatal problem is: what about HTTPS?
I believed that software like the one you suggested might do this job for me.
I actually tried, but I didn't manage to.
How would you do it? Let's say all the traffic to a server (google.com), as in my previous example, is being redirected to your PC. How do you make mitmproxy reply to all the client requests to google.com, also with HTTPS support?
joker__
http://piecesofsheets.wordpress.com/ [soon in english]
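A defender-side check for the scenario joker__ describes above (a public name such as www.google.it answered with a LAN address such as 192.168.1.5), added here as an example that is not part of the thread: it flags DNS answers in which a public hostname resolves to non-routable space, or which disagree with an independent resolver. The sample answers, the baseline addresses and the local-suffix list are constructed.

```python
import ipaddress

# Constructed sample of DNS answers as seen by a client on the LAN: (name, answer).
OBSERVED = [
    ("www.google.it", "192.168.1.5"),      # public name answered with a LAN host
    ("www.google.com", "142.250.180.99"),  # plausible public answer (constructed)
    ("printer.lan", "192.168.1.20"),       # legitimately local name and address
    ("mail.example.org", "10.0.0.7"),      # public name answered with private space
]

# Constructed baseline: answers for the same names from an independent resolver
# reached over a path the LAN cannot tamper with (e.g. DoT/DoH or a VPN).
BASELINE = {
    "www.google.it": {"142.250.180.35"},
    "www.google.com": {"142.250.180.99"},
    "printer.lan": {"192.168.1.20"},
}

# Suffixes (hypothetical) of names that may legitimately live in private space.
LOCAL_SUFFIXES = (".lan", ".local", ".home", ".internal")


def is_local_name(name):
    """True for names we expect to resolve inside the LAN."""
    return name.lower().endswith(LOCAL_SUFFIXES)


def classify(name, answer, baseline):
    """Return the reasons this answer looks spoofed; an empty list means clean."""
    reasons = []
    addr = ipaddress.ip_address(answer)
    # Indicator 1: a public hostname resolving to private, loopback or link-local
    # space (all covered by is_private), which is exactly what redirecting a
    # victim to the attacker's LAN IP produces.
    if not is_local_name(name) and addr.is_private:
        reasons.append("public name resolved to non-routable address")
    # Indicator 2: the LAN resolver disagrees with the trusted baseline.
    expected = baseline.get(name)
    if expected is not None and answer not in expected:
        reasons.append("answer differs from trusted baseline")
    return reasons


def suspicious_resolutions(observed, baseline):
    """Map every flagged name to its list of reasons."""
    flagged = {}
    for name, answer in observed:
        reasons = classify(name, answer, baseline)
        if reasons:
            flagged[name] = reasons
    return flagged
```

Feeding real resolver logs in place of OBSERVED turns this into a simple periodic check; a name that trips both indicators at once is the strongest signal.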

weVeg

@joker: sorry, I made a mistake with ZAP... I'm confused!
Well, I'm a new mitmproxy user too, so I refer you to the doc page [1]


[1] http://mitmproxy.org/doc/index.html
a free voice is always liberating
under_r00t

joker__

Quote from: weVeg on September 18, 2012, 02:28:31 PM
@joker: sorry, I made a mistake with ZAP... I'm confused!
Well, I'm a new mitmproxy user too, so I refer you to the doc page [1]


[1] http://mitmproxy.org/doc/index.html

Yep, ZAP is for finding vulns in web applications ;)
OK, so we'll learn how to use this tool ourselves... it seems cool :)

Bye!
joker__
http://piecesofsheets.wordpress.com/ [soon in english]

weVeg

Oh yes! Sometimes I make mistakes with installed or default tools.... a bit of delirium!
a free voice is always liberating
under_r00t