Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 

SSL proxy

License

This software is available under MIT license, see LICENSE.txt.

Dependencies

  • recent Erlang distribution (tested on Erlang/OTP 17 [erts-6.2])

Configuration

The file config.txt contains the configuration, which is read at startup.

  • listen_port is the TCP port to listen on
  • ca_key_file and ca_cert_file are the private key and certificate of a CA that is accepted by the clients to be attacked with MITM, both in PEM format

Building

erlc *.erl

Running

$ erl -s sslproxy
Erlang/OTP 17 [erts-6.2] [source] [64-bit] [smp:4:4] [async-threads:10] [kernel-poll:false]

Eshell V6.2  (abort with ^G)
1> Opened PCAP output file /tmp/sslproxy-11107-g2gDYgAABYdiAA7Ga2IADDWM.pcap

The PCAP file name contains the PID or the erlang process and a timestamp for uniqueness, and the file will contain the plaintext of everything that went through the proxy.

Known bugs and limitations

  • Encrypted private keys are NOT supported, PEM files should contain -----BEGIN PRIVATE KEY-----.
  • Erlang SSL/TLS implementations cannot handle X.509 certificates with a country field of more than two characters, both as a client and as a server. This unfortunately also means that Burp certificates with PortSwigger as their "country" cannot be used by this tool.
  • Only version 4 IP addresses are supported.

About

Generic HTTPS proxy for logging non-HTTP traffic

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages