Code Monkey home page Code Monkey logo

mitmproxy-toniebox's Introduction

Hackiebox-server to mitm the Boxine Cloud

You may create a vm / lxc with docker.

Image preperation

Just "docker build . --tag hbs:latest" your image. Don't forget to enter your ips! Also build the nginx image if needed: "docker build ./docker/nginx/ --tag hbs-nginx:latest"

Variants

Select the variant you want to use. You may remove the variant from the docker-compose.yaml you don't need.

Reverse Proxy

You'll need one network. Please reconfigure your DNS so prod.de.tbs.toys points to the ip of your reverse container. Please set rtnl.bxcl.de to the ip of the nginx container.

Transparent Proxy

You'll need two networks. One is a normal LAN, the other (mitm) should have a DHCP that reconfigures the gateway-ip to the ip of the container itself. You may need to set the NET_IF variable to the mitm interface. With this variant you can inspect the RTNL log messages.

Certificates

mitmproxy-ca-cert.pem conversion

mitmproxy-ca-cert.pem in certs volume is converted to ca.der automatically. Flash it to your toniebox flash:/cert/ca.der (or flash it as flash:/cert/c2.der if using the altCA patch). This is done via:

openssl x509 -inform PEM -outform DER -in mitmproxy-ca-cert.cer -out ca.der

Convert client certificate to PEM-format

client-certificates as PEM into client-certs volume. (generated from client.der/private.der) They will be selected by their CN which is their MAC.

openssl x509 -inform DER -outform PEM -in client.der -out client.cer
openssl rsa -inform DER -outform PEM -in private.der -out private.key
cat client.cer private.key > client.pem

Original CA as PEM

Original CA as PEM into config volume named toniebox.ca.pem. (generated from the original(!) ca.der)

openssl x509 -inform DER -outform PEM -in ca.der -out toniebox.ca.pem

Additional information about the certificates and CA.

Startup

Start the app via "docker-compose -f docker-compose.yaml up" You can access the logs via "docker logs --follow hackiebox-" Check the containers NET_IF IP with the port :8081 to check and inspect the communication You may ssh into the container via ssh root@ -p 8022

HackieboxNG bootloader patches

You may use the altCa/altUrl patches in slot add2/add3 to allow the certificate to be loaded from flash:/cert/c2.der and set the URL to prod.revvox / rtnl.revvox.

More Docs about mitm

See: Toniebox Wiki - Traffic Sniffing

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.