@ohpe
Created February 12, 2018 20:03
Simple SSL MiTM using stunnel

Simple SSL MiTM

A quick and dirty SSL MiTM using stunnel

  • Generate an SSL certificate, or use Let's Encrypt (for the green lock):

        openssl req -batch -new -x509 -days 365 -nodes -out mitm.pem -keyout mitm.pem

  • Run stunnel:

        stunnel mitm.conf

    mitm.conf:

        ;mitm.conf
        [server]
        client = no
        cert = ./mitm.pem
        accept = <EXPOSEDIP>:443
        connect = 127.0.0.1:31337

        [client]
        client = yes
        accept = 127.0.0.1:31337
        connect = <TARGET>:443

  • Capture the unencrypted traffic on the loopback hop:

        sudo tcpdump -i lo -s0 -v -w ./mitm.pcap 'port 31337'
@mouchh

mouchh commented Sep 4, 2019

Thanks for this one!
As I had some struggle to move ahead with TLS decryption once the packets were captured, I wanted to share how I managed to get it working. Hopefully it will help someone.

Actually, the only way to decrypt TLS with the pem file only (including your private key) is to use TLS with an RSA cipher.
More and more clients and servers are handling TLS with Diffie-Hellman (DH) ciphers, so if you want to be able to easily decrypt your traffic, you should add this config either on the [server] or [client] config:

ciphers = RSA

It will tell the counterpart that you want to negotiate your TLS encryption with a cipher from the RSA family. Hopefully you will find a common RSA cipher to ease your decryption process by using the private key from the pem file.

There are ways to decrypt DH ciphers also, but it's more complex... as this gist is for simple MITM I guess we should not mention this here :)
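
The gist's three-step setup and the `ciphers = RSA` suggestion above both hinge on client-side settings a defender can audit: stunnel does not verify the remote certificate in client mode unless `verifyChain`, `verifyPeer` or `verify` is set, and a cipher string that still admits RSA key exchange (`kRSA`) means anyone holding the server's private key can decrypt recorded sessions. The following script is an added example, not part of the gist or of stunnel; it parses stunnel's INI-style config and reports those weaknesses plus a plaintext hop bound off loopback. The sample configs are constructed (`203.0.113.10` and `example.com` stand in for `<EXPOSEDIP>` and `<TARGET>`), and the option names `verifyChain`, `verifyPeer`, `verify`, `checkHost` and `CAfile` are the ones documented in the stunnel 5.x manual.

```python
"""Audit an stunnel config for settings that enable interception or defeat
forward secrecy.  Added example; not the gist's code and not part of stunnel."""
import ipaddress
from typing import Dict, List, Tuple

LOOPBACK = {"127.0.0.1", "::1", "localhost"}
# Substrings that mark an OpenSSL (TLS <= 1.2) cipher component as forward secret.
FS_TOKENS = ("ECDHE", "DHE", "EECDH", "EDH")

# Constructed: the gist's mitm.conf with placeholders filled in and the
# commenter's `ciphers = RSA` added to the client leg.
MITM_CONF = """\
;mitm.conf
[server]
client = no
cert = ./mitm.pem
accept = 203.0.113.10:443
connect = 127.0.0.1:31337

[client]
client = yes
accept = 127.0.0.1:31337
connect = example.com:443
ciphers = RSA
"""

# Constructed hardened client leg: pins a CA, checks the hostname and
# excludes RSA key exchange, so an interposed proxy is rejected and
# recorded traffic cannot be decrypted with a leaked server key.
HARDENED_CONF = """\
[client]
client = yes
accept = 127.0.0.1:31337
connect = example.com:443
verifyChain = yes
CAfile = /etc/ssl/certs/ca-certificates.crt
checkHost = example.com
ciphers = ECDHE:DHE:!kRSA
"""


def parse_stunnel(text: str) -> Dict[str, Dict[str, List[str]]]:
    """Parse stunnel's INI-like syntax: whole-line ';' or '#' comments, options
    before the first [section] are global (key ""), options may repeat."""
    sections: Dict[str, Dict[str, List[str]]] = {"": {}}
    current = sections[""]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith((";", "#")):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip(), {})
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise ValueError(f"unparseable line: {raw!r}")
        current.setdefault(key.strip(), []).append(value.strip())
    return sections


def host_of(endpoint: str) -> str:
    """Host part of an accept/connect value ('host:port' or bare 'port')."""
    host, sep, _port = endpoint.rpartition(":")
    return host.strip("[]") if sep else ""  # a bare port binds every interface


def is_loopback(host: str) -> bool:
    if host in LOOPBACK:
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def allows_rsa_key_exchange(cipher_string: str) -> bool:
    """Heuristic: RSA key exchange survives unless it is removed with !kRSA/!RSA
    or every positive component names a forward-secret exchange (ECDHE/DHE).
    Broad aliases such as HIGH or DEFAULT therefore count as allowing kRSA."""
    parts = [p.strip() for p in cipher_string.split(":") if p.strip()]
    if any(p in ("!kRSA", "!RSA") for p in parts):
        return False
    positive = [p.lstrip("+") for p in parts if not p.startswith(("!", "-"))]
    if not positive:
        return True
    return not all(any(tok in p for tok in FS_TOKENS) for p in positive)


def audit(text: str) -> List[Tuple[str, str]]:
    """Return (section, finding) pairs for every service section in the config."""
    findings: List[Tuple[str, str]] = []
    for name, opts in parse_stunnel(text).items():
        if not name:
            continue  # global options carry no service to audit
        is_client = opts.get("client", ["no"])[-1].lower() == "yes"
        verifies = (opts.get("verifyChain", ["no"])[-1].lower() == "yes"
                    or opts.get("verifyPeer", ["no"])[-1].lower() == "yes"
                    or int(opts.get("verify", ["0"])[-1]) >= 2)
        if is_client and not verifies:
            findings.append((name, "client mode without verifyChain/verifyPeer/verify: "
                                   "any certificate is accepted, so an interposed proxy is not noticed"))
        if is_client and verifies and "checkHost" not in opts:
            findings.append((name, "chain is verified but the hostname is not (no checkHost)"))
        # The plaintext side is the connect of a server section or the accept of a client one.
        for ep in (opts.get("accept", []) if is_client else opts.get("connect", [])):
            if not is_loopback(host_of(ep)):
                findings.append((name, f"plaintext endpoint {ep} is reachable from other hosts"))
        for cs in opts.get("ciphers", []):
            if allows_rsa_key_exchange(cs):
                findings.append((name, f"ciphers = {cs} admits RSA key exchange: no forward "
                                       "secrecy, recorded sessions fall to a leaked private key"))
    return findings


if __name__ == "__main__":
    for label, conf in (("mitm.conf", MITM_CONF), ("hardened", HARDENED_CONF)):
        print(f"== {label}: {len(audit(conf))} finding(s)")
        for section, msg in audit(conf):
            print(f"[{section}] {msg}")
```

Run against the gist's configuration the audit reports two findings on the `[client]` section (no certificate verification, and `ciphers = RSA` admitting RSA key exchange); the hardened variant reports none. The cipher check only concerns TLS 1.2 and below, since TLS 1.3 suites are always forward secret and are configured separately in stunnel.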

@ohpe

ohpe (Author) commented Sep 4, 2019

Awesome, thanks @mouchh

@Saya47

Saya47 commented Oct 18, 2019

Hello @ohpe :)
I want to use Privoxy to block an HTTPS URL like this one: https://github.com/Setaran/
But Privoxy is not able to block HTTPS paths; it can only block HTTPS domains, which is already achievable with the HOSTS file on Windows, so I don't need that.
I found your config for stunnel and I want to use it in my case.
Can you please tell me, after I add the above config to stunnel, how I can send the unencrypted data to Privoxy?
And then I think I should encrypt it with the .pem key?
Thanks very much in advance 👍

@diveshu

diveshu commented Nov 29, 2023

> Hello @ohpe :) I want to use Privoxy to block an HTTPS URL like this one: https://github.com/Setaran/ But Privoxy is not able to block HTTPS paths; it can only block HTTPS domains, which is already achievable with the HOSTS file on Windows, so I don't need that. I found your config for stunnel and I want to use it in my case. Can you please tell me, after I add the above config to stunnel, how I can send the unencrypted data to Privoxy? And then I think I should encrypt it with the .pem key? Thanks very much in advance 👍

Hi,
Were you able to get any solution?

@Saya47

Saya47 commented Nov 30, 2023

> > Hello @ohpe :) I want to use Privoxy to block an HTTPS URL like this one: https://github.com/Setaran/ But Privoxy is not able to block HTTPS paths; it can only block HTTPS domains, which is already achievable with the HOSTS file on Windows, so I don't need that. I found your config for stunnel and I want to use it in my case. Can you please tell me, after I add the above config to stunnel, how I can send the unencrypted data to Privoxy? And then I think I should encrypt it with the .pem key? Thanks very much in advance 👍
>
> Hi, Were you able to get any solution?

Hello I used Fiddler!
