Uncategorized

HTTPS MITM with transparent mode

Leave a comment

 

set ipaddress for client adaptor

Edit /etc/network/interfaces:

# Proxy Server network interface
auto eth1
iface eth1 inet static
address 192.168.3.1
netmask 255.255.255.0
gateway 0.0.0.0

solve 53 port confiliction

# vi /etc/systemd/resolved.conf   > DNSStubListener=no
# systemctl restart systemd-resolved

config dnsmasq

Then replace /etc/dnsmasq.conf with:

# Listen for DNS requests on the internal network
interface=eth1
# Act as a DHCP server, assign IP addresses to clients
dhcp-range=192.168.3.10,192.168.3.100,96h
# Broadcast gateway and dns server information
dhcp-option=option:router,192.168.3.1
dhcp-option=option:dns-server,192.168.3.1

# systemctl restart dnsmasq

Sysctls

sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1
sysctl -w net.ipv4.conf.all.send_redirects=0

Rrerouting

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 443 -j REDIRECT --to-port 8080

Start mitmproxy

$ mitmweb --mode transparent --showhost

https://docs.mitmproxy.org/stable/concepts-modes/#socks-proxy

https://docs.mitmproxy.org/stable/howto-transparent/

https://nickcharlton.net/posts/transparent-proxy-virtual-machines-mitmproxy.html

Leave a Reply

Your email address will not be published. Required fields are marked *