Look fine bro, i will try this tool.

INSTALL on BBOx :

$ sudo apt-get install python-pip python-dev build-essential
$ sudo pip install --upgrade pip
$ sudo pip install --upgrade virtualenv
$ sudo pip install mitmproxy

Thanks !

Thank you for sharing, weVeg. In these days I was searching for a proxy for performing a mitm...and I used a pretty simple "bash proxy" as
$ nc -l 80 | nc www.google.com Yah, it worked fine...but I was still missing features as on the fly editing...and ssl. I just didn't know of existence of programs like this....I'm here to learn;)
Thank you

joker__

Quote from: joker__ on September 17, 2012, 06:41:44 PM

Thank you for sharing, weVeg. In these days I was searching for a proxy for performing a mitm...and I used a pretty simple "bash proxy" as

Code: [Select]

$ nc -l 80 | nc www.google.com Yah, it worked fine...but I was still missing features as on the fly editing...and ssl. I just didn't know of existence of programs like this....I'm here to learn;)
Thank you

joker__

Hi joker! on bbox we already have this kind of tool, but i've found mitmproxy very useful as well as simply to use!!!

Which tools, eg?

if you try it would be useful some feedback!
Bye!!!!

[maybe OT, @ZEROF. If so, I may create a new topic for my question in the forum.]

Hi weVeg. I spent a bit of time on mitmproxy today. It is pretty intuitive, and very useful.
Actually I was meant to perform an "elegant" dns spoof. Maybe you can tell me how to do it using the application you suggested:

what i'm doing (working)
With ettercap I start a session using dns_spoof plugin, spoofing e.g. www.google.it to a local ip (let's say attacker: 192.168.1.5).
In this way anyone in the LAN who makes requests to google, it actually make requests to my ip.
Now I start a simple proxy that replies to the client (victim) connected, as google would:
$ mkfifo backpipe
# nc -l 80 0<backpipe | nc www.google.com 80 1>backpipeFinally I may sniff all the data, through wireshark or so on...

This attack works pretty well: the victim doesn't realize he's being attacked.

what i'd like to do
The fatal problem is: what about https?
I belived that a software as the one you suggested may do this job for me.
I actually tried, but I didn't manage to.
How would you do it? Let's say: all the trafic to a server (google.com), as my previous example, is being redirected to your pc. How do you make mitmproxy replying all the client requests to google.com, also with https support?

@joker: sorry i made mistake with zap... i'm confusing!
well, i'm new mitmproxy user too, so i remand you on the doc page [1]


[1] http://mitmproxy.org/doc/index.html

Yep, zap is for finding vulns in web applications;)
Ok, so we'll learn ourselves how to use this tool...it seems cool:)

Bye!