dockerfiles/sslsplit
kev 82143a5b63 switch to new domain: easypi.pro 2017-05-08 07:05:07 +08:00

sslsplit

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections.

docker-compose.yml

sslsplit:
  image: vimagick/sslsplit
  command:
    -k keys/ca.key -c keys/ca.crt -P
    -l logs/connections.log -S logs
    tcp 0.0.0.0 8080
    ssl 0.0.0.0 8443
  net: host
  volumes:
    - ./data:/data
  working_dir: /data
  restart: unless-stopped

Server Setup

$ mkdir -p data/{keys,logs}
$ openssl req -x509 -newkey rsa:2048 -nodes -keyout data/keys/ca.key -out data/keys/ca.crt -days 3650 -subj '/CN=EasyPi'
$ docker-compose up -d
# setup
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -N SSLSPLIT
iptables -t nat -A SSLSPLIT -p tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -t nat -A SSLSPLIT -p tcp --dport 443 -j REDIRECT --to-ports 8443

# enable
iptables -t nat -A PREROUTING -j SSLSPLIT

# disable
iptables -t nat -D PREROUTING -j SSLSPLIT
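
The setup/enable/disable commands above are not safe to repeat: `-N` fails once the chain exists, and every extra `-A PREROUTING` adds another jump that a single `-D` does not remove, so the redirect can stay active after "disable". The wrapper below is an added example, not part of the original README; the `IPT` variable and the `sslsplit_*` function names are assumptions introduced here.

```shell
#!/bin/sh
# Added example: idempotent enable/disable for the SSLSPLIT NAT chain.
# IPT is an assumption introduced here so the iptables binary can be swapped out.
IPT=${IPT:-iptables}

# Create the SSLSPLIT chain if missing, then (re)fill it with the two redirects.
sslsplit_setup() {
    $IPT -t nat -L SSLSPLIT -n >/dev/null 2>&1 || $IPT -t nat -N SSLSPLIT
    $IPT -t nat -F SSLSPLIT
    $IPT -t nat -A SSLSPLIT -p tcp --dport 80 -j REDIRECT --to-ports 8080
    $IPT -t nat -A SSLSPLIT -p tcp --dport 443 -j REDIRECT --to-ports 8443
}

# Add the PREROUTING jump only if it is not already present (-C checks a rule).
sslsplit_enable() {
    sslsplit_setup
    $IPT -t nat -C PREROUTING -j SSLSPLIT 2>/dev/null ||
        $IPT -t nat -A PREROUTING -j SSLSPLIT
}

# Delete every copy of the jump, so duplicates left by earlier runs
# cannot keep the redirect active after "disable".
sslsplit_disable() {
    while $IPT -t nat -C PREROUTING -j SSLSPLIT 2>/dev/null; do
        $IPT -t nat -D PREROUTING -j SSLSPLIT || return 1
    done
}

# Exit status 0 when the redirect is active, 1 when it is off.
sslsplit_active() {
    $IPT -t nat -C PREROUTING -j SSLSPLIT 2>/dev/null
}

case "${1:-}" in
    enable)  sslsplit_enable ;;
    disable) sslsplit_disable ;;
    status)  sslsplit_active && echo enabled || echo disabled ;;
esac
```

Run it as root with `enable`, `disable` or `status`; `status` is a quick way to confirm that no redirect is left behind once testing is finished.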

Client Setup

sudo route change default 192.168.31.231
curl -k 'https://www.baidu.com/s?wd=hello+world'

ProTip: After importing ca.crt into the system or browser trust store, clients no longer show a certificate warning dialog.
