diff options
| author | Aldo Cortesi <aldo@nullcube.com> | 2011-03-16 15:27:26 +1300 |
|---|---|---|
| committer | Aldo Cortesi <aldo@nullcube.com> | 2011-03-16 15:27:26 +1300 |
| commit | 9af516b14b50fe11dce7c93516aef2cec7d5dadd (patch) | |
| tree | de984156bec0b2a9429bba6a83c66a6e89edeaf7 /doc-src/faq.html | |
| parent | e6ef0c3faf21971c144aaf93e6c05d98f1fe74be (diff) | |
| download | mitmproxy-9af516b14b50fe11dce7c93516aef2cec7d5dadd.tar.gz mitmproxy-9af516b14b50fe11dce7c93516aef2cec7d5dadd.tar.bz2 mitmproxy-9af516b14b50fe11dce7c93516aef2cec7d5dadd.zip | |
Documentation.
Diffstat (limited to 'doc-src/faq.html')
| -rw-r--r-- | doc-src/faq.html | 50 |
1 files changed, 0 insertions, 50 deletions
diff --git a/doc-src/faq.html b/doc-src/faq.html index 769227bd..daca2b82 100644 --- a/doc-src/faq.html +++ b/doc-src/faq.html @@ -5,55 +5,5 @@ Coming soon. - <p class="question">I'm pentesting an non-browser app that checks SSL - certificate validity. How do I make it trust the MITMProxy certificate?</p> - - - <p> Here's a quick and easy procedure you can use for Windows 7, as long as - the app in question uses the global Windows certificate repository. </p> - - <ul> - - <li> First copy the file <b>libmproxy/resources/bogus_template</b> - from the MITMProxy source, and edit it to include your target domain in - the CN parameter. The result should look like this: - -<pre>[ req ] -prompt = no -distinguished_name = req_distinguished_name - -[ req_distinguished_name ] -C = NZ -ST = none -L = none -O = none -OU = none -CN = target.domain.com -emailAddress = none</pre> - </li> - - <li> Next, use your bogus template to generate a certificate, and - install it for MITMPRoxy to use: - -<pre>openssl req -config ./my_bogus_template -x509 -nodes -days 9999 -newkey rsa:1024 -keyout mycert -out mycert - -cp mycert ~/.mitmproxy/cert.pem</pre> - </li> - - <li> Fire up MITMProxy, and configure Firefox on the Windows box to use - it. Browse to the target domain, and you should see a big warning about - an untrusted certificate. Use Firefox to export the certificate ("Add - Exception", "Get Certificate", then "View", tab to "Details" and click - "Export"). </li> - - <li> From the command console, fire up <b>certmgr</b>. Select "Trusted - Root Certification Authorities", then on the top menu, "Action", "All - Tasks", and "Import". When prompted, select the certificate file you've - just saved from Firefox.</li> - - <li> And that's it - your certificate should now be trusted for that - domain. Happy pentesting.</li> - - </ul> </div> |