Jump to content

mitmproxy?


crepsidro
 Share

Recommended Posts

Hello peeps.

I am wondering, how hard it would be to make infusion out of amazing http://mitmproxy.org/ ?

Also, pointers on how to install it manually will be greatly appreciated.

There's so many ssl-capable mitm proxy software out now (mitmproxy, sslsniff, burp proxy) and none is available for pineapple, otherwise fine pentesting device?!

Sure there's schemes, where pineapple is used to karma clients to it, and route the traffic to the notebook.

But just imagine ssl logging proxy on the pineapple connected to 3g/phone/ethernet/wlan1?!

Thanks!

Link to comment
Share on other sites

Actually did some research.

I'm on 2.8.1.

With mitm infusion installed, i get mitmproxy (fails to start) and mitmdump 0.8.1.

mitmdump seems to work, BUT it fails to proxy plain http requests - it treats all requests as https, thus breaking functionality.

I tryed updating mitmdump to current version, but that broke it, 0.9 fails to start.

Please, some help here on how to install the new version?

And i tryed opkg install sslsniff. Sslsniff --help produces help, BUT when i try to use it = segmentation fault.

I just want a decent http/https logging proxy running on pineapple.

Thanks

Link to comment
Share on other sites

As i said, sslsniff package loads, but produces segmentation fault upon launch in 'work' mode.

I have 2gb swap, all processes stopped, but still get seg.fault.

Hoping for pros to investigate.

Just imagine smoothly running sslsniff?! Why focus on completely obsolete sslstrip?

Edited by crepsidro
Link to comment
Share on other sites

Ok, i did some research and disappointed with results...

I tried flashing to 3.0 and installing sslsniff (openwrt version, which is waaay obsolete).

Still get seg.fault upon running.

Got back to 2.8.1 and still wondering about possibility of having autonomous ssl sniffing proxy (NOT sslstrip, which is useless for most modern sites).

Still cannot properly invoke mitmdump (from mitm infusion) to catch and reroute both HTTP and HTTPS traffic TO it. It takes HTTPS traffic and mitms it, but still cannot get plain HTTP proxied to the mitmdump.

If i hard-set proxy address in 'victim browser' i DO get somewhat reliable ssl pass-thru decoding proxy (yes, i get wrong cert dialogs, but that's acceptable for pentesting).

Can anyone help me with proper iptables commands to route, say, all 80 and 443 traffic to port say 9999 on the pineapple?

Say, i use 3g-wan2 interface OR/AND eth1 interface to get internet to the pineapple.

Thanks.

Guys, i mean, why still no working ssl proxy on the device? Just imagine how cool and almost 100% transparent it can be.

PS. any progress on getting last (not ancient) sslstrip working? Thanks

Link to comment
Share on other sites

Yup, urwid fails due to absence of compiler. I edited setup.py for urwid to comment out ext.module requirement, it went thru setup.

I also had to do the same for PIL and lxml...

Thing is, lxml fails to compile and i get error

Traceback (most recent call last):
  File "/usb/usr/bin/mitmdump", line 4, in <module>
    from libmproxy import proxy, dump, cmdline, version, console
  File "/usb/usr/lib/python2.7/site-packages/libmproxy/console/__init__.py", line 5, in <module>
    import flowlist, flowview, help, common, grideditor, palettes, contentview, flowdetailview
  File "/usb/usr/lib/python2.7/site-packages/libmproxy/console/flowview.py", line 3, in <module>
    import common, grideditor, contentview
  File "/usb/usr/lib/python2.7/site-packages/libmproxy/console/contentview.py", line 10, in <module>
    import lxml.html, lxml.etree
  File "/usb/usr/lib/python2.7/site-packages/lxml-3.2.3-py2.7.egg/lxml/html/__init__.py", line 42, in <module>
    from lxml import etree
ImportError: cannot import name etree

Also tried manually do a static build of lxml (python setup.py --static-deps to no avail. I guess lxml does needs some binaries compiled...

Please, do something! I want mitmproxy on my pineapple again. It WAS working couple of months ago, but i guess PIP distro changed..

Thanks

Maybe just tell me what to comment out and where to force mitm to run.

Link to comment
Share on other sites

Edited contentview.py and ran mitmdump (and mitmproxy).

Now, it needs pyopenssl 0.13 and opkg have 0.10-1.

I cannot resolve a conflict there. It either runs with 0.10 but drops all SSL traffic OR it doesnt run with 0.13 pip'ed over 0.10

HELP PLEASE, i guess i need some pyopenssl 0.13 bins (((

Link to comment
Share on other sites

Ok, nobody? What?

More futility from me then... :(

I managed to install mitmproxy 0.8.1 by using pip install "mitmproxy<=0.8.1".

But it lacks -T (transarent http/https mode), it lack --host option, and it's basically useless.

I also tried to build some binaries 'on-device'. I tried root_fs_mips and root_fs_mipsel uClibs' packs, both fail to chroot on device (architecture mismatch most probably).

We need pyOpenSSL compiled for pineapple ASAP! That will lead to mitmproxy 0.9.2 (which works GREAT on linux machine, sniffs/mitms ALL ssl traffic!) and NEW version of SSLstrip many folks love.

Please, please devs. Compile the opkg .ipk or just 3 binaries needed for pyOpenSSL 0.13 (crypto and 2 more).

THANKS!

Edited by crepsidro
Link to comment
Share on other sites

crepsidro :

How about you stop posting all the time for the same thing, eh?

Developers of both infusions and the system, especially sebkinne who is always working on the pineapple, aswell as other tinkerers 'give a toss'. Developers are incredibly busy, they do what they can when they can.

So my advice to you sir, is back off.

Edited by Foxtrot
Link to comment
Share on other sites

Can somebody please compile the binaries for pyopenssl 0.13? it needs it to proceed. not familliar with pineapple build enviroment etc.

thanks!

Yes. We can and will - but please don't keep posting the same things. I suggest creating a bug / suggestion in the appropriate manner so that it is added to our to-do lists.

Best Regards,

Sebkinne

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...