I have been trying to MITM myself with Charles and even after fully trusting the phony SSL cert, I’m still unable to capture HTTPS requests from a Windows program.
does anyone know of any other tools that can help me do this?
I know there are a lot of security and REfags in this bitch
Name:
Anonymous2018-07-26 17:27
I have no idea what Charles is, but this whole thing is quite easy. Trust your own TLS cert, redirect all the IPs to your own thing and done.
Name:
Anonymous2018-07-26 20:01
firesheep, wireshark, etc.
Name:
Anonymous2018-07-26 21:06
>>2 I can’t redirect the IPs since I also need the https responses. I’m trying to reverse the network requests for a Windows program.
Name:
Anonymous2018-07-26 22:34
use lisp
Name:
Anonymous2018-07-27 4:47
>>4 Setup a local proxy or something with routing.
Name:
Cudder!cXCudderUE2018-07-28 5:37
You need to use Eve, not Charles.
Serious answer: hook the functions for reading/writing data before it passes through the SSL layer, and get the data from there.
Name:
Anonymous2018-07-28 7:13
It's Adam and Eve, not Charles and Eve!
Name:
Anonymous2018-07-29 3:55
yeah looks like I’ll have to decompile it
this application uses certificate pinning so it’s basically impossible to sniff its traffic.