You are not logged in.

#1 2022-06-11 11:38:31

geopardo
Member
From: hydracrabbers
Registered: 2021-03-23
Posts: 58

mitmproxy & fiddler web dbugging's does work

On fresh ark installation the websites working , i having to open a new 3d.

During browser installation after reboot i open firtst firefox and then chromium, but having problem of connection..
i solved symply add no proxy to configurations of browser's. i have make no proxy configuration set up.

But there is a problem, on this arch linux: i can't debug websites analize internet traffic/connections..
wireshark working, well full working; but mitmproxy do no life signal.. same do fiddler..
what can be? There is an arch linux system network settings or file permission who i don't understand..

Last edited by geopardo (2022-06-11 11:40:59)


Some 'security people are f*cking morons' says Linus Torvalds..

Offline

#2 2022-06-11 12:14:19

progandy
Member
Registered: 2012-05-17
Posts: 4,965

Re: mitmproxy & fiddler web dbugging's does work

To debug TLS in firefox you do not need mitmproxy:
https://wiki.wireshark.org/TLS#using-th … ter-secret

If you still want mitmproxy, then installing is not enough. You'll have to start it and set it as the proxy in your browser.
https://docs.mitmproxy.org/stable/overv … g-started/


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Offline

#3 2022-06-11 18:27:25

geopardo
Member
From: hydracrabbers
Registered: 2021-03-23
Posts: 58

Re: mitmproxy & fiddler web dbugging's does work

i run mitmproxy and the program make the folder

~/.mitmproxy

export certificate is an option, first we need extract the certificate from user folder..

then i edit proxy and run in terminal again mitmproxy

export http_proxy='http://localhost:8080'
export https_proxy='http://localhost:8080'

and try whit google

curl https://www.google.com

the program show something, but is not encoded..
don't see related tunneling and servers of google, like for example gstatic.com..

this program if run in terminal, or web interface, show in real time every output connections.


Some 'security people are f*cking morons' says Linus Torvalds..

Offline

#4 2022-06-11 18:57:05

progandy
Member
Registered: 2012-05-17
Posts: 4,965

Re: mitmproxy & fiddler web dbugging's does work

Works fine:

export http_proxy='http://localhost:8080'
export https_proxy='http://localhost:8080'
curl --cacert ~/.mitmproxy/mitmproxy-ca.pem https://www.google.com

Of course you can only see google.com, since curl does not execute javascript or fetch other resources embedded in the page. You only read the google.com page and that request is visible.


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Offline

#5 2022-06-11 19:24:09

geopardo
Member
From: hydracrabbers
Registered: 2021-03-23
Posts: 58

Re: mitmproxy & fiddler web dbugging's does work

OK tnx in advance smile

i do the command

 $ curl --cacert ~/.mitmproxy/mitmproxy-ca.pem https://www.google.com 

this is the resolved command in terminal, i have an issue..

curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above. 

so i close mitmproxy in terminal.. i see certificate

$ ls ~/mitmproxy/
ca.crt  mitmproxy-ca-cert.cer  mitmproxy-ca-cert.p12  mitmproxy-ca-cert.pem  mitmproxy-ca.p12  mitmproxy-ca.pem  mitmproxy-dhparam.pem 

i take ca.crt and ecstract whit.

openssl x509 -in ~/.mitmproxy/mitmproxy-ca.pem -inform PEM -out ca.crt
sudo trust anchor ca.crt

then run again mitmproxy in terminal, but same problem..


Some 'security people are f*cking morons' says Linus Torvalds..

Offline

#6 2022-06-14 05:53:18

geopardo
Member
From: hydracrabbers
Registered: 2021-03-23
Posts: 58

Re: mitmproxy & fiddler web dbugging's does work

update..
fiddler now working on Firefox.. but not chromium, need to disable/stop systemd-resolved
the problem is made whit last update and can be gtk interface interferes whit the web debugger program..
the package of fiddler in AUR is orphan, but not flagged out of date..

so if you using and start systemd-resolved first to install fiddler, emerge the problem, and fiddler don't work..
if later i add dns to network whit the dhcpcd.conf/resolv.conf solution, i  need stop  systemd-resolved, then later fiddler debug the web.
there is and ensemble of problems


i having to configure mitmproxy properly now. If someone make a post-fix on wiki is a good idea..
for experience, is better a user expert create/make/modify wiki pages..

Last edited by geopardo (2022-06-15 06:42:14)


Some 'security people are f*cking morons' says Linus Torvalds..

Offline

Board footer

Powered by FluxBB