How to MITM SSl with DHE for reverse engineering?How to block specific HTTPS traffic?Apache SSL working with...

Why did Mr. Elliot have to decide whose boots were thickest in "Persuasion"?

Does the US government have any planning in place to ensure there's no shortages of food, fuel, steel and other commodities?

Website seeing my Facebook data?

Equivalent of "illegal" for violating civil law

Plausible reason to leave the Solar System?

Time-efficient matrix elements grouping and summing

Is there a way to store 9th-level spells in a Glyph of Warding or similar method?

Closed set in topological space generated by sets of the form [a, b).

What does MTU depend on?

Is there any advantage in specifying './' in a for loop using a glob?

What is the industry term for house wiring diagrams?

How much light is too much?

Potential client has a problematic employee I can't work with

Book where a space ship journeys to the center of the galaxy to find all the stars had gone supernova

What are some ways of extending a description of a scenery?

Am I correct in stating that the study of topology is purely theoretical?

Illustrator to chemdraw

"Starve to death" Vs. "Starve to the point of death"

Why does 0.-5 evaluate to -5?

What makes papers publishable in top-tier journals?

hrule into tikz circle node

Why is it that Bernie Sanders is always called a "socialist"?

Subsurf on a crown. How can I smooth some edges and keep others sharp?

Are the positive and negative planes inner or outer planes in the Great Wheel cosmology model?



How to MITM SSl with DHE for reverse engineering?


How to block specific HTTPS traffic?Apache SSL working with IP but not FQDNMITM Proxy - Checking Validation of SSL Certificate ChainsOpenvpn connects and responds to ping but no internet accessnginx http to https proxy with self-signed certificateHow to configure pf.conf file for mitmproxy on macOS?Bypassing a VPN for all SSL trafficIRC Client to Bitlbee - end-to-end encryption?Convert localhost listening port to remotely listening port in WindowsSSL handshake error when use SSL tunneling via apache2.2?













0















There is a client connecting to a server on ssl with Diffe-Helmen on a port (lets say 6789). I want to inspect the communication. I tried ssldump and realized they don't work if Diffe-Helmen is used.



I can change the client config to connect to a different port (say 7890) and run a process on the server that does MITM and forwards clients data to the actual server running on 6789. What is the tool/command to do that?



How it works:



Client --SSL_6789->  Server


How I am trying to change



Client --SSL_7890-> MITMProxy --SSL_6789--> Server


Proxy should also log bidirectional communication to a log file. It has access to the private key. Server and MITMProxy will run on the same host and I have root access. Server is running Ubuntu 18.04 LTS. It is fine for the server to see the traffic as if it is coming from localhost(loosing client ip info) - Need not be perfect MITM but other case is also fine.



Is there a command/tool to do this or does it require writing a custom solution?










share|improve this question



























    0















    There is a client connecting to a server on ssl with Diffe-Helmen on a port (lets say 6789). I want to inspect the communication. I tried ssldump and realized they don't work if Diffe-Helmen is used.



    I can change the client config to connect to a different port (say 7890) and run a process on the server that does MITM and forwards clients data to the actual server running on 6789. What is the tool/command to do that?



    How it works:



    Client --SSL_6789->  Server


    How I am trying to change



    Client --SSL_7890-> MITMProxy --SSL_6789--> Server


    Proxy should also log bidirectional communication to a log file. It has access to the private key. Server and MITMProxy will run on the same host and I have root access. Server is running Ubuntu 18.04 LTS. It is fine for the server to see the traffic as if it is coming from localhost(loosing client ip info) - Need not be perfect MITM but other case is also fine.



    Is there a command/tool to do this or does it require writing a custom solution?










    share|improve this question

























      0












      0








      0








      There is a client connecting to a server on ssl with Diffe-Helmen on a port (lets say 6789). I want to inspect the communication. I tried ssldump and realized they don't work if Diffe-Helmen is used.



      I can change the client config to connect to a different port (say 7890) and run a process on the server that does MITM and forwards clients data to the actual server running on 6789. What is the tool/command to do that?



      How it works:



      Client --SSL_6789->  Server


      How I am trying to change



      Client --SSL_7890-> MITMProxy --SSL_6789--> Server


      Proxy should also log bidirectional communication to a log file. It has access to the private key. Server and MITMProxy will run on the same host and I have root access. Server is running Ubuntu 18.04 LTS. It is fine for the server to see the traffic as if it is coming from localhost(loosing client ip info) - Need not be perfect MITM but other case is also fine.



      Is there a command/tool to do this or does it require writing a custom solution?










      share|improve this question














      There is a client connecting to a server on ssl with Diffe-Helmen on a port (lets say 6789). I want to inspect the communication. I tried ssldump and realized they don't work if Diffe-Helmen is used.



      I can change the client config to connect to a different port (say 7890) and run a process on the server that does MITM and forwards clients data to the actual server running on 6789. What is the tool/command to do that?



      How it works:



      Client --SSL_6789->  Server


      How I am trying to change



      Client --SSL_7890-> MITMProxy --SSL_6789--> Server


      Proxy should also log bidirectional communication to a log file. It has access to the private key. Server and MITMProxy will run on the same host and I have root access. Server is running Ubuntu 18.04 LTS. It is fine for the server to see the traffic as if it is coming from localhost(loosing client ip info) - Need not be perfect MITM but other case is also fine.



      Is there a command/tool to do this or does it require writing a custom solution?







      networking proxy ssl






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked 5 hours ago









      balkibalki

      8029




      8029






















          0






          active

          oldest

          votes











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1409279%2fhow-to-mitm-ssl-with-dhe-for-reverse-engineering%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1409279%2fhow-to-mitm-ssl-with-dhe-for-reverse-engineering%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Couldn't open a raw socket. Error: Permission denied (13) (nmap)Is it possible to run networking commands...

          VNC viewer RFB protocol error: bad desktop size 0x0I Cannot Type the Key 'd' (lowercase) in VNC Viewer...

          Why not use the yoke to control yaw, as well as pitch and roll? Announcing the arrival of...