

MitmProxy 0.9 is out - alexdong
http://corte.si/posts/code/mitmproxy/announce0_9/index.html

======
joshu
I just want to take a bit of space and mention both how useful MITMproxy has
been for me in the past and also how generally awesome Aldo Cortesi is; I hope
I have the opportunity to work with him someday.

~~~
alexdong
Aldo is a perfectionist. He keeps on pushing off the release date so that he
can iron out every single bug he knows of, a non-trivial part of which are caused
by other services. The world does become a better place with this whole new
version of mitmproxy.

------
est
For SSL, I hope there are more tools like Echo Mirage[1] or PaiMei[2] which
could just hook SSL dynamic modules instead of MITM CA cert spoofing.

You can encrypt/decrypt TLS/SSL traffic by intercepting read/write calls for
Schannel SSP/OpenSSL. I hope some project could support Android and iOS using
similar methods.

[1] <http://www.bindshell.net/tools/echomirage>

[2] <https://github.com/OpenRCE/paimei>

~~~
daeken
These are good for certain specific tests, but they're too inconsistent to
trust for professional testing. There's always the chance that you're hooking
the wrong thing (or nothing at all, in the case of a statically linked OpenSSL
in a version you don't know/have FLIRT-ish symbols for).

I used to use this technique a whole lot, but I've gone to 100% MITMing via
cert spoofing/replacement.

~~~
tptacek
Ironically, it has been a week of not being able to do that, and instead
surreptitiously patching binaries and (in one case) a kernel, here at the
shop. I read the parent comment earlier and thought "man, I miss Pai Mei."

~~~
daeken
Yeah, there are definitely cases where you can't swap out certs and all that,
but in those cases the automated tools just fall down anyway. I don't miss the
days of manually compiling OpenSSL with specific flags to generate _just_ the
right FLIRT symbols to find the methods I needed to hook.

------
passfree
You can also try proxify (<http://www.gnucitizen.org/blog/landing-proxify/>),
an actual cross-platform binary that is based on top of NSS. It has been designed
to be really fast as it is not buffering anything. It also has a lot of useful
command line options.

