-
Notifications
You must be signed in to change notification settings - Fork 1.7k
[mitmproxy] Patch issue #2103 #2104
base: master
Are you sure you want to change the base?
Conversation
…tion file. Moreover, the transparent mode could be used if specified in the configure file.
This file is useful for analyzing logs in Wireshark and the file contains all TLS secrets that belongs to the analysis
Not working for the moment
Codecov Report
@@ Coverage Diff @@
## master #2104 +/- ##
==========================================
+ Coverage 62.37% 62.38% +<.01%
==========================================
Files 154 154
Lines 15823 15842 +19
==========================================
+ Hits 9870 9883 +13
- Misses 5953 5959 +6
Continue to review full report at Codecov.
|
@jbremer I'm pretty sure that it's because we don't have the same information in the SSLKEYLOGFILE... A big difference between RSA and CLIENT_RANDOM labels don't you think ? |
It's probably enough, but indeed might require some additional / different handling. It's been a while so I don't have the whole TLS picture in my mind currently, but what about a simple |
Potential solutions :
|
For the record, using tlslite-ng v0.7.0 doesn't resolved the issue. |
@jbremer , good news ! |
By using this configuration file, I have no issue at all :
No GCM cipher suites are on this list, I suspect a bug concerning the decryption of an AES GCM traffic during the replay. |
This is linked to the PR : hatching/httpreplay#15 |
9bae8ed
to
391ceb2
Compare
Hi @jbremer,
Once more, I succeeded to use mitmproxy as a transparent proxy with these patches. Tell me if you need help. |
Hi. Just wanted to thank you for fixing this as I ran into the same issue - i'm able to see and decrypt the traffic. I wonder why this hasn't been fixed in the official release yet? Thanks. |
Keep updated this branch to take into account the PR
Hi @jbremer, |
Update done with the last version of "master" |
- A MITMproxy config dir can be specified in the CWD - NAT PREROUTING rules are automatically added
PR for resolving #2103
It's not working for the moment but I can't find why ...
@jbremer can you have a look to see if you see what I miss ?
Nothing appears as decrypted in the HTTPs tab using these modifications