Skip to content

Instantly share code, notes, and snippets.

@ohpe
Created February 12, 2018 20:03
Show Gist options
  • Save ohpe/e02596a2c2247ea1a212e019c355e2c3 to your computer and use it in GitHub Desktop.
Save ohpe/e02596a2c2247ea1a212e019c355e2c3 to your computer and use it in GitHub Desktop.
Simple SSL MiMT using stunnel

Simple SSL MiTM

A quick and dirty SSL MiTM using stunnel

  • Generate a SSL certificate .. or use Let's Encrypt (for the green lock)
openssl req -batch -new -x509 -days 365 -nodes -out mitm.pem -keyout mitm.pem
  • Run stunnel
stunnel mitm.conf
;mitm.conf
[server]
client = no
cert= ./mitm.pem
accept = <EXPOSEDIP>:443
connect = 127.0.0.1:31337

[client]
client = yes
accept = 127.0.0.1:31337
connect = <TARGET>:443
  • Capture unencrypted traffic
sudo tcpdump -ilo -s0 -v -w ./mitm.pcap 'port 31337'
@Saya47
Copy link

Saya47 commented Nov 30, 2023

Hello @ohpe :) I want to use Privoxy to block an HTTPS URL like this one: https://github.com/Setaran/ But Privoxy is not able to block HTTPS paths, it can only block HTTPS domains which is already achievable with HOSTS file on Windows so I don't need that. I found your config for stunnel, I want to use in my case. Can you please tell me after I add the above config to stunnel, how I can send the unencrypted data to Privoxy? And then I think I should encrypt it with the .pem key? Thanks very much in advance 👍

Hi, Were you able to get any solution?

Hello I used Fiddler!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment