如何在中间乐器中创建人 [英] How to create Man in the Middle instrumentation

问题描述

我正在尝试查看某些应用程序与SSL中的服务器进行通信的方式.基本上，该过程只是在声称已完成某些SSL通信时才挂起.我想通过捕获流量来调试问题，但是我不能真正使用嗅探器，因为SSL可能看起来像一个十六进制转储.

I'm trying to see how a certain application is talking to a server in SSL. Basically, the process just hangs when it claims to have done some SSL communication. I want to debug the problem by catching the traffic, but I can't really use a sniffer since SSL will probably look like a hexdump.

是否有一个很好的中间人工具可以用作检测工具?我只需要一些能告诉我解密后的通讯的东西.希望非常容易设置.我什至可以将应用程序指向计算机可用的任何IP地址/端口(例如localhost:8888)，因此可以使用代理.另外，我可能可以将应用程序配置为接受任何证书.

Is there a good man-in-the-middle tool that I could use as instrumentation? I just need something that will show me the decrypted communication. Hopefully very easy to setup. I could even point the application to any IP address/port available to my machine (eg localhost:8888), so proxies would be fine. Also, I can probably configure the application to accept any certificate.

您如何模拟中间人(mitm)SSL攻击?

What do you use to simulate a man-in-the-middle (mitm) SSL attack?

更新:我尝试了提琴手，但无法正常工作.我安装了openssl并键入以下命令: openssl s_client -connect smtp.gmail.com:465

UPDATE: I tried fiddler and can't get it to work. I installed openssl and typed the following command: openssl s_client -connect smtp.gmail.com:465

Gmail会以其证书和220 mx.google.com ESMTP ...进行响应.但是，Fiddler不会捕获流量.我在提琴手中将WinINET选项设置为对所有协议使用相同的代理服务器".其他人可以让它工作(或不工作)吗?我想我需要找到一种使openssl使用代理的方法.

Gmail responds with their certificate and a 220 mx.google.com ESMTP .... However, Fiddler does not capture the traffic. I set the WinINET options in fiddler to "Use the same proxy server for all protocols". Can anyone else get this to work (or not work)? I think I need to find a way to have openssl use a proxy.

推荐答案

提琴手允许您实现一个中间人攻击自己，以查看SSL隧道内部的内容.

Fiddler allows you to implement a man in the middle attack against yourself to see what is inside the SSL tunnel.

Fiddler为您的计算机生成一个唯一的根SSL证书，然后创建一个由根签名的会话证书.当您将Fiddler配置为为您解密SSL时，它充当您与目标之间的代理，使用站点的SSL证书解密流量，然后使用其自己的证书重新加密流量.

Fiddler generates a unique root SSL certificate for your computer, and then creates a session certificate signed by the root. When you configure Fiddler to decrypt SSL for you it acts as a proxy between you and the destination, decrypting the traffic using the site's SSL certificate and then re-encrypting it using its own certificate.

您的浏览器/应用程序将看到不可信的证书错误.您可以选择信任Fiddler的根证书来解决此错误.

Your browser/application will see an untrusted certificate error. You can get around this error by choosing to trust Fiddler's root certificate.

.Net Rocks的人们在使用上表现出色，播客插曲提琴手嗅探您的流量.

The folks over at .Net Rocks did a great podcast episode on using Fiddler to sniff your traffic.

这篇关于如何在中间乐器中创建人的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！