Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/syncsynchalt/dime-a-tap

Man-in-the-middle TLS intercept proxy with tcpdumpable loopback
https://github.com/syncsynchalt/dime-a-tap

hackertools im-in mitm proxy ssl tcpdump tls

Last synced: 3 months ago
JSON representation

Man-in-the-middle TLS intercept proxy with tcpdumpable loopback

Host: GitHub
URL: https://github.com/syncsynchalt/dime-a-tap
Owner: syncsynchalt
License: mit
Created: 2018-10-03T16:23:33.000Z (about 6 years ago)
Default Branch: master
Last Pushed: 2022-04-11T03:47:22.000Z (over 2 years ago)
Last Synced: 2024-06-20T08:25:46.364Z (5 months ago)
Topics: hackertools, im-in, mitm, proxy, ssl, tcpdump, tls
Language: Go
Homepage:
Size: 23.4 KB
Stars: 24
Watchers: 3
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE.md

Awesome Lists containing this project

awesome-network-stuff - **12**星 - in-the-middle TLS intercept proxy with tcpdumpable loopback (<a id="42f9e068b6511bcbb47d6b2b273097da"></a>未分类 / <a id="3bd67ee9f322e2c85854991c85ed6da0"></a>投毒&&Poisoning)

README

# dime-a-tap

MITM proxy to make TLS/SSL traffic readable in the clear.

Unencrypted traffic is sent over loopback to make it easily tcpdumpable.

### Getting started

To start the proxy on port 443 (HTTPS):

```
$ go install github.com/syncsynchalt/dime-a-tap/cmds/dime-a-tap@latest
$ export PATH=$PATH:~/go/bin
$ dime-a-tap 443
```

Use /etc/hosts, captive DNS, or similar to redirect hosts and devices to your proxy for a given hostname.

### Creating a certificate store

To avoid security warnings you'll want to create a CA and distribute it to your devices:

```
$ dime-a-tap ca-init /tmp/cadir
$ dime-a-tap -cadir /tmp/cadir 443
```

Install the certificate in `/tmp/cadir/ca.crt` as a trusted CA on your hosts or devices.

### Capturing the unencrypted data

To capture intercepted data, there are two options.

Use `-capturedir {dir}` to write the unencrypted client (.c) and server (.s) conversation to files in that dir. Example:
```
$ mkdir /tmp/captures
$ dime-a-tap -capturedir /tmp/captures 443 &
(send traffic through the tap)
$ ls /tmp/captures
total 56
-rw-r--r-- 1 user wheel 75 Oct 4 12:45 192.168.69.42:52981.20181004124516.667781.c
-rw-r--r-- 1 user wheel 756 Oct 4 12:45 192.168.69.42:52981.20181004124516.733675.s
-rw-r--r-- 1 user wheel 0 Oct 4 12:45 192.168.69.42:52981.20181004124516.735306.c
-rw-r--r-- 1 user wheel 75 Oct 4 12:45 192.168.69.42:52989.20181004124551.808247.c
-rw-r--r-- 1 user wheel 756 Oct 4 12:45 192.168.69.42:52989.20181004124551.875861.s
-rw-r--r-- 1 user wheel 0 Oct 4 12:45 192.168.69.42:52989.20181004124551.877488.c
-rw-r--r-- 1 user wheel 75 Oct 4 12:46 192.168.69.42:52992.20181004124609.494528.c
-rw-r--r-- 1 user wheel 297 Oct 4 12:46 192.168.69.42:52992.20181004124609.554621.s
-rw-r--r-- 1 user wheel 459 Oct 4 12:46 192.168.69.42:52992.20181004124609.555327.s
-rw-r--r-- 1 user wheel 0 Oct 4 12:46 192.168.69.42:52992.20181004124609.556733.c
```

Or use `tcpdump` on localhost:4430 to create a pcap file suitable for use with wireshark. Example:
```
$ dime-a-tap 443 &
$ tcpdump -i lo0 -s 0 -w capture.pcap port 4430
(send traffic through the tap)
```