Man-In-The-Middle Proxy aim at expose NSS Key Log Format (Pre)-Master-Secret for Wireshark analysis.
[TOC]
+----------+ Self Signed Root Certificate
| Client | <-----------------------------------------------+
+----------+ Certificate Signed by Self Root CA |
^ v
| +----------+
X No more Direct Communicate | MITM |
| +----------+
v ^
+----------+ |
| Server | <-----------------------------------------------+
+----------+ Trusted Communicate as normal Client-Server
-
You should guarantee your machine has installed Golang
-
Clone Repository from GitHub
git clone [email protected]:ffutop/mitmproxy.git
-
Build and Install
cd ${YOUR-PATH-TO-MITMPROXY-DIRECTORY}; go build; go install;
-
Check Installation Result
mitmproxy --help
-
prepare your Root Certificate OR run
mitmproxyto create a new Root Certificatenewly created Root Certificate will be find at
$HOME/.mitm/ -
make sure your OS trust Root Certificate which prepare at "STEP 1"
-
find
config.yaml.examplefile, rename toconfig.yamland edit -
run mitmproxy
mitmproxy -config ${YOUR-PATH-TO-config-yaml}/config.yaml -
follow Wireshark: Using the (Pre)-Master-Secret and config your Wireshark configuration.
- serve both http/https proxy on same port
- support auto modify MacOS global proxy config