
SSL proxy
=========
License
-------
This software is available under MIT license, see `LICENSE.txt`.
Dependencies
------------
- recent Erlang distribution (tested on `Erlang/OTP 17 [erts-6.2]`)
Configuration
-------------
The file `config.txt` contains the configuration, which is read at startup.
- `listen_port` is the TCP port to listen on
- `ca_key_file` and `ca_cert_file` are the private key and certificate of a CA that is accepted by the clients to be attacked with MITM, both in PEM format
Building
--------
erlc *.erl
Running
-------
$ erl -s sslproxy
Erlang/OTP 17 [erts-6.2] [source] [64-bit] [smp:4:4] [async-threads:10] [kernel-poll:false]
Eshell V6.2 (abort with ^G)
1> Opened PCAP output file /tmp/sslproxy-11107-g2gDYgAABYdiAA7Ga2IADDWM.pcap
The PCAP file name contains the PID or the erlang process and a timestamp
for uniqueness, and the file will contain the plaintext of everything
that went through the proxy.
Known bugs and limitations
--------------------------
- Encrypted private keys are _NOT_ supported, PEM files should contain `-----BEGIN PRIVATE KEY-----`.
- Erlang SSL/TLS implementations cannot handle X.509 certificates with a country field of more than two characters, both as a client and as a server. This unfortunately also means that Burp certificates with `PortSwigger` as their "country" cannot be used by this tool.
- Only version 4 IP addresses are supported.
本站所有文章资讯、展示的图片素材等内容均为注册用户上传(部分报媒/平媒内容转载自网络合作媒体),仅供学习参考。
用户通过本站上传、发布的任何内容的知识产权归属用户或原始著作权人所有。如有侵犯您的版权,请联系我们反馈本站将在三个工作日内改正。