MITM SSL代理服务器 [英] MITM SSL Proxy Server

问题描述

嗨
我有Java中的MITM SSL代理服务器，但是我在项目的某些部分有些困惑.

因此，该项目是否有任何完整代码(ProxyServer，Client，attacker)，因为我想了解它并创建自己的代码.

谢谢

Abdul

Hi
I have MITM SSL Proxy server in Java, but I have some confusion in some parts of my project.

So, Is there any full code (ProxyServer, Client,attacker ) for this project because I wanna understand it and create my own code.

Thanks

Abdul

推荐答案

Fiddler允许您实施中间人攻击自己，以查看SSL隧道内部的内容.

Fiddler为您的计算机生成唯一的根SSL证书，然后创建由根签名的会话证书.当您将Fiddler配置为为您解密SSL时，它充当您与目标之间的代理，使用站点的SSL证书解密流量，然后使用其自己的证书重新加密流量.

您的浏览器/应用程序将看到不可信的证书错误.您可以通过选择信任Fiddler的根证书来解决此错误.

.Net Rocks在使用Fiddler嗅探您的流量时做了一个很棒的播客集.
http://www.dotnetrocks.com/default.aspx?shownum=509 [ ^ ]

Fiddler allows you to implement a man in the middle attack against yourself to see what is inside the SSL tunnel.

Fiddler generates a unique root SSL certificate for your computer, and then creates a session certificate signed by the root. When you configure Fiddler to decrypt SSL for you it acts as a proxy between you and the destination, decrypting the traffic using the site''s SSL certificate and then re-encrypting it using its own certificate.

Your browser/application will see an untrusted certificate error. You can get around this error by choosing to trust Fiddler''s root certificate.

.Net Rocks did a great podcast episode at on using Fiddler to sniff your traffic
http://www.dotnetrocks.com/default.aspx?shownum=509[^]

这篇关于MITM SSL代理服务器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！