如何在中间乐器中创建人 [英] How to create Man in the Middle instrumentation
问题描述
我正在尝试查看某些应用程序与SSL中的服务器进行通信的方式.基本上,该过程只是在声称已完成某些SSL通信时才挂起.我想通过捕获流量来调试问题,但是我不能真正使用嗅探器,因为SSL可能看起来像一个十六进制转储.
I'm trying to see how a certain application is talking to a server in SSL. Basically, the process just hangs when it claims to have done some SSL communication. I want to debug the problem by catching the traffic, but I can't really use a sniffer since SSL will probably look like a hexdump.
是否有一个很好的中间人工具可以用作检测工具?我只需要一些能告诉我解密后的通讯的东西.希望非常容易设置.我什至可以将应用程序指向计算机可用的任何IP地址/端口(例如localhost:8888),因此可以使用代理.另外,我可能可以将应用程序配置为接受任何证书.
Is there a good man-in-the-middle tool that I could use as instrumentation? I just need something that will show me the decrypted communication. Hopefully very easy to setup. I could even point the application to any IP address/port available to my machine (eg localhost:8888), so proxies would be fine. Also, I can probably configure the application to accept any certificate.
您如何模拟中间人(mitm)SSL攻击?
What do you use to simulate a man-in-the-middle (mitm) SSL attack?
更新:我尝试了提琴手,但无法正常工作.我安装了openssl并键入以下命令:
openssl s_client -connect smtp.gmail.com:465
UPDATE: I tried fiddler and can't get it to work. I installed openssl and typed the following command:
openssl s_client -connect smtp.gmail.com:465
Gmail会以其证书和220 mx.google.com ESMTP ...
进行响应.但是,Fiddler不会捕获流量.我在提琴手中将WinINET选项设置为对所有协议使用相同的代理服务器".其他人可以让它工作(或不工作)吗?我想我需要找到一种使openssl使用代理的方法.
Gmail responds with their certificate and a 220 mx.google.com ESMTP ...
. However, Fiddler does not capture the traffic. I set the WinINET options in fiddler to "Use the same proxy server for all protocols". Can anyone else get this to work (or not work)? I think I need to find a way to have openssl use a proxy.
推荐答案
提琴手允许您实现一个中间人攻击自己,以查看SSL隧道内部的内容.
Fiddler allows you to implement a man in the middle attack against yourself to see what is inside the SSL tunnel.
Fiddler为您的计算机生成一个唯一的根SSL证书,然后创建一个由根签名的会话证书.当您将Fiddler配置为为您解密SSL时,它充当您与目标之间的代理,使用站点的SSL证书解密流量,然后使用其自己的证书重新加密流量.
Fiddler generates a unique root SSL certificate for your computer, and then creates a session certificate signed by the root. When you configure Fiddler to decrypt SSL for you it acts as a proxy between you and the destination, decrypting the traffic using the site's SSL certificate and then re-encrypting it using its own certificate.
您的浏览器/应用程序将看到不可信的证书错误.您可以选择信任Fiddler的根证书来解决此错误.
Your browser/application will see an untrusted certificate error. You can get around this error by choosing to trust Fiddler's root certificate.
.Net Rocks的人们在使用上表现出色,播客插曲提琴手嗅探您的流量.
The folks over at .Net Rocks did a great podcast episode on using Fiddler to sniff your traffic.
这篇关于如何在中间乐器中创建人的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!