mitm

An explicit http proxy for when you want to mitm yourself.

go get github.com/libliflin/mitm/mitm

mitm -f localhost:12012 -t https://www.google.com

I use this because dealing with java cacerts is a huge pain with old application servers. I'd rather go handle my ssl through my OS.

Now featuring streaming!

to test streaming:

cd %GOPATH%\src\github.com\libliflin\mitm\streamtest
go run streamtest.go

You should see output something like:

2016/02/08 22:14:46 Testing mitm streaming with locks.
2016/02/08 22:14:46 DOWNLOAD: lock initialized as locked
2016/02/08 22:14:46 UPLOAD:   lock initialized as locked
2016/02/08 22:14:46 UPLOAD:   waiting on client after first file upload chunk sent until it is verified on server.
2016/02/08 22:14:46 UPLOAD:   first upload chunk verified, unlocking upload lock.
2016/02/08 22:14:46 UPLOAD:   lock unlocked on client, sending second chunk.
2016/02/08 22:14:46 UPLOAD:   upload stream check completed.
2016/02/08 22:14:46 DOWNLOAD: locking on server after flushing first greeting.
2016/02/08 22:14:46 DOWNLOAD: unlocking on client after validating first greeting.
2016/02/08 22:14:46 DOWNLOAD: lock unlocked on server, sending second greeting.
2016/02/08 22:14:46 DOWNLOAD: verification of second greeting complete.
2016/02/08 22:14:46 All tests passed.

Links:

• go hands off ssl to your OS
• if you have to use cert locations in java, use a gui
• localhost is good enough security
• certicom ssl doesn't support SHA-256