Simple SSL MiMT using stunnel

MiTM-SSL.md

Simple SSL MiTM

A quick and dirty SSL MiTM using stunnel

• Generate a SSL certificate .. or use Let's Encrypt (for the green lock)

openssl req -batch -new -x509 -days 365 -nodes -out mitm.pem -keyout mitm.pem

• Run stunnel

stunnel mitm.conf

;mitm.conf
[server]
client = no
cert= ./mitm.pem
accept = <EXPOSEDIP>:443
connect = 127.0.0.1:31337

[client]
client = yes
accept = 127.0.0.1:31337
connect = <TARGET>:443

• Capture unencrypted traffic

sudo tcpdump -ilo -s0 -v -w ./mitm.pcap 'port 31337'

Hello @ohpe :) I want to use Privoxy to block an HTTPS URL like this one: https://github.com/Setaran/ But Privoxy is not able to block HTTPS paths, it can only block HTTPS domains which is already achievable with HOSTS file on Windows so I don't need that. I found your config for stunnel, I want to use in my case. Can you please tell me after I add the above config to stunnel, how I can send the unencrypted data to Privoxy? And then I think I should encrypt it with the .pem key? Thanks very much in advance 👍

Hi,
Were you able to get any solution?

Hello @ohpe :) I want to use Privoxy to block an HTTPS URL like this one: https://github.com/Setaran/ But Privoxy is not able to block HTTPS paths, it can only block HTTPS domains which is already achievable with HOSTS file on Windows so I don't need that. I found your config for stunnel, I want to use in my case. Can you please tell me after I add the above config to stunnel, how I can send the unencrypted data to Privoxy? And then I think I should encrypt it with the .pem key? Thanks very much in advance 👍

Hi, Were you able to get any solution?

Hello I used Fiddler!