Sniff HTTPS Traffic with mitmproxy


A user wants to see all outgoing and incoming HTTPS traffic. Since all the data is encrypted, almost nothing is visible with tcpdump running locally.


Use mitmproxy and send your Linux traffic through the proxy.

Install mitmproxy either locally or on another machine in your network:

apt-get install python-pyasn1 python-flask python-urwid python-dev libxml2-dev libxslt-dev libffi-dev
pip install mitmproxy
Either enable system-wide port forwarding with iptables:
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080
or set the proxy from the command prompt for your session:

echo "check_certificate = off" >> ~/.wgetrc
export http_proxy='http://mitmproxy:8080'
export https_proxy='http://mitmproxy:8080'
export HTTPS_PROXY='http://mitmproxy:8080'
export HTTP_PROXY='http://mitmproxy:8080'

The wgetrc line turns off certificate validation for every wget download, so remove it from ~/.wgetrc once you are finished.

Start the server:
mitmproxy -T --host
Then start browsing with your favourite browser and check the mitmproxy console logs.
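A way to check the iptables step above before starting a capture and to clean up afterwards, as an added example that is not part of the original post. It assumes the rule listing comes from iptables -t nat -S PREROUTING; the function names and the sample rules are made up for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): audit the REDIRECT rules from
# the iptables step. Function names and SAMPLE_RULES are made up here.
# Input is `iptables -t nat -S PREROUTING` text; that listing prints the
# rules normalised, with "-m tcp" added and "--to-port" shown as "--to-ports".

# Constructed sample: port 80 is redirected, the 443 rule was never added.
SAMPLE_RULES='-P PREROUTING ACCEPT
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080'

# usage: missing_redirects IFACE PROXY_PORT < rules
# Prints each of 80 and 443 that has no REDIRECT to PROXY_PORT on IFACE.
missing_redirects() {
    mr_rules=$(cat)
    for mr_dport in 80 443; do
        mr_re="^-A PREROUTING .*-i $1 .*--dport $mr_dport .*-j REDIRECT --to-ports $2( |\$)"
        if ! printf '%s\n' "$mr_rules" | grep -Eq -- "$mr_re"; then
            printf '%s\n' "$mr_dport"
        fi
    done
}

# usage: undo_commands PROXY_PORT < rules
# Prints (does not run) the iptables -D command that removes each REDIRECT
# rule pointing at PROXY_PORT, for cleaning up after the capture.
undo_commands() {
    grep -E -- "-j REDIRECT --to-ports $1( |\$)" |
        sed 's/^-A /iptables -t nat -D /'
}

# On a live host, as root:
#   iptables -t nat -S PREROUTING | missing_redirects eth0 8080
printf 'missing redirect for port: %s\n' \
    "$(printf '%s\n' "$SAMPLE_RULES" | missing_redirects eth0 8080)"
printf '%s\n' "$SAMPLE_RULES" | undo_commands 8080
```

With only the port 80 rule in place, HTTPS connections bypass the proxy entirely, which is why the check reports 443 for the sample.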
