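Add the initial implementation of the MITM proxy server, including certificate handling, configuration parsing, traffic forwarding, and logging. Add several batch scripts to support building and debugging the program, and update the README and troubleshooting guide with usage instructions and solutions to common problems.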

wjsjwr 2025-08-20 01:21:05 +08:00
parent f9314ae8d4
commit 8eefa5848d
26 changed files with 2659 additions and 1 deletions

1
.gitignore vendored

@ -21,3 +21,4 @@
# Go workspace file # Go workspace file
go.work go.work
traffic_dumps/
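Review bot: only `traffic_dumps/` is ignored here, yet this same commit adds cert.p12, cert_base64.txt and proxy_log.txt. Add those three to .gitignore (and drop them from the commit) so key material and local run logs stay out of the history.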

26
CA.crt Normal file

@ -0,0 +1,26 @@
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIGAZi8TmIsMA0GCSqGSIb3DQEBCwUAMIGgMTEwLwYDVQQDDChDaGFybGVz
IFByb3h5IENBICgxOCBBdWcgMjAyNSwgQkxBQ0stUEMpMSUwIwYDVQQLDBxodHRwczovL2NoYXJs
ZXNwcm94eS5jb20vc3NsMREwDwYDVQQKDAhYSzcyIEx0ZDERMA8GA1UEBwwIQXVja2xhbmQxETAP
BgNVBAgMCEF1Y2tsYW5kMQswCQYDVQQGEwJOWjAeFw0yNTA4MTcwODMxNTBaFw0yNjA4MTcwODMx
NTBaMIGgMTEwLwYDVQQDDChDaGFybGVzIFByb3h5IENBICgxOCBBdWcgMjAyNSwgQkxBQ0stUEMp
MSUwIwYDVQQLDBxodHRwczovL2NoYXJsZXNwcm94eS5jb20vc3NsMREwDwYDVQQKDAhYSzcyIEx0
ZDERMA8GA1UEBwwIQXVja2xhbmQxETAPBgNVBAgMCEF1Y2tsYW5kMQswCQYDVQQGEwJOWjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKEmwh2Lk0017ak2c+3eKUGRsZVc5TSfcFaaiAk5
kKMWj0pIXNKo2G8eERo4BYNqZi+icHGWBwmhAuUDJqpZMji2Qzv0jvuFDw0+UVVtp30RU/92GZYV
C44df+qPTYqUuD+ZPKdlo2RZ38Jbru/VT7AQQ53cvcBJ6s7WzY9QQVui1Rd3jHRXnyb9/duccw22
vo6f2/OX2mVEKpXd5/3g8d+D8EuoiTUKDbgM39diOYuelh8Xybf0Zy1ZU4nkYeaVwzf9djlgxa1E
2Qb9SscxddGBJxyTrqtoG4ZLwzuwz3DX6KOEPX73I0Q8L+TBf7KQhBYkHSOa6HygE0Vgi3HoM4UC
AwEAAaOCAXUwggFxMA8GA1UdEwEB/wQFMAMBAf8wggEtBglghkgBhvhCAQ0EggEeE4IBGlRoaXMg
cm9vdCBjZXJ0aWZpY2F0ZSB3YXMgZ2VuZXJhdGVkIGJ5IENoYXJsZXMgUHJveHkgZm9yIFNTTCBQ
cm94eWluZy4gSWYgdGhpcyBjZXJ0aWZpY2F0ZSBpcyBwYXJ0IG9mIGEgY2VydGlmaWNhdGUgY2hh
aW4sIHRoaXMgbWVhbnMgdGhhdCB5b3UncmUgYnJvd3NpbmcgdGhyb3VnaCBDaGFybGVzIFByb3h5
IHdpdGggU1NMIFByb3h5aW5nIGVuYWJsZWQgZm9yIHRoaXMgd2Vic2l0ZS4gUGxlYXNlIHNlZSBo
dHRwczovL2NoYXJsZXNwcm94eS5jb20vc3NsIGZvciBtb3JlIGluZm9ybWF0aW9uLjAOBgNVHQ8B
Af8EBAMCAgQwHQYDVR0OBBYEFKBf+QLehq0dc4s7YMIUUFJdgWBfMA0GCSqGSIb3DQEBCwUAA4IB
AQBc+K3gGnz00yv2XMYRMbeYLr3SD15Tx3NAPri08EY1wyyufkBCaI81tZSCMy4PkGAYN+zODrQ6
MRj0tbABTNZHdzFCuazE+B2ce2Ka3PcQ1DNpGf60NYk9qBHpOxak+5XxrECFYjStYW3gLZ7mZSnI
YX9doSujRpzSbVZFvVh4J1zCzF1NuD6VxxfFjppJ6EnvnSSQOly0e32NzibQi3akFb4E5hn58py/
Eth3xl7mzWjcdKeKd30TAeg98PA+drJ8JsunIc2sICcNuAoVSKQEX4ihZHMhFLXl0MNdyWQtqHPR
beQU9SvWF3DVmilrNO1neetL2TCZK5iMyIAHvqPo
-----END CERTIFICATE-----

167
README.md

@ -1,2 +1,167 @@
# mitm # MITM Proxy Server
This is a Man-in-the-Middle (MITM) proxy server written in Go, similar to the functionality of Charles proxy tool.
## Features
1. **Transparent MITM Proxy**: Completely transparent HTTP/HTTPS proxy that doesn't interfere with any traffic
2. **Hardcoded Certificates**: P12 certificate and CA certificate directly embedded in the program, no external files needed
3. **HTTPS Decryption**: Attempts to decrypt HTTPS traffic for inspection, falls back to transparent mode if decryption fails
4. **Dual Traffic Dump**: Save both encrypted and decrypted data to different files for analysis
5. **Complete Data Output**: Console displays complete request/response data without truncation
6. **Domain Filtering**: Print specific traffic to stdout based on the list of domains of interest in TOML configuration file
7. **System Proxy**: Automatically set Windows system proxy, restore when program ends
8. **CA Certificate Installation**: Automatically import hardcoded CA certificate to Windows trusted root certificate authorities
9. **Redirect Transparency**: All HTTP redirects (301/302/etc.) are passed through exactly as-is without modification
10. **Built-in Testing**: Use `-test` flag to verify proxy functionality and connectivity
## Prerequisites
1. **Go 1.21+**: Ensure Go language environment is installed
2. **OpenSSL**: For processing P12 certificate files (optional, will use basic configuration if not available)
3. **Administrator Privileges**: Setting system proxy and installing certificates requires administrator privileges
## Installation and Usage
### 1. Clone or Download Project
```bash
git clone <repository-url>
cd mitm
```
### 2. Install Dependencies
```bash
go mod tidy
```
### 3. Prepare Certificate Files
Ensure you have the following files:
- `cert.p12`: P12 certificate file containing CA and private key
- `CA.crt`: CA certificate file
### 4. Configuration File
Edit the `config.toml` file:
```toml
# Domains of interest configuration
domains_of_interest = [
"example.com",
"httpbin.org",
"api.github.com",
"www.google.com"
]
[proxy]
port = 8080
cert_file = "cert.p12"
cert_password = "your_password_here" # Change to your certificate password
ca_cert_file = "CA.crt"
[dump]
output_dir = "traffic_dumps"
```
### 5. Run Program
**Important**: Need to run as administrator:
```bash
# Open PowerShell or Command Prompt as administrator
go run .
```
Or compile and run:
```bash
go build -o mitm.exe
# Run as administrator
./mitm.exe
```
## Usage Instructions
1. **Start Program**: The program will automatically:
- Install CA certificate to system trusted root certificate store
- Set system proxy to `127.0.0.1:8080`
- Start proxy server
2. **Traffic Interception**:
- All HTTP/HTTPS traffic will be intercepted **transparently**
- No modification of requests, responses, or redirects
- Each request will be saved to `traffic_dumps` directory
- Traffic from domains of interest will be printed to console
- HTTPS traffic is decrypted when possible, falls back to encrypted passthrough
3. **Testing Connectivity**:
```bash
# Test proxy functionality
go run . -test
```
4. **Stop Program**:
- Press `Ctrl+C` to stop program
- Program will automatically restore original system proxy settings
## File Structure
```
mitm/
├── main.go # Main program file
├── cert_utils.go # Certificate processing tools
├── config.toml # Configuration file
├── go.mod # Go module file
├── cert.p12 # P12 certificate file (you need to provide)
├── CA.crt # CA certificate file (you need to provide)
└── traffic_dumps/ # Traffic dump directory (auto-created)
```
## Output File Format
### HTTP Traffic Files
Filename format: `YYYYMMDD_HHMMSS_domain.txt`
Content includes:
- Request information (method, URL, headers, body)
- Response information (status code, headers, body)
### HTTPS Traffic Files
Filename format: `YYYYMMDD_HHMMSS_domain_direction.bin`
Contains encrypted binary data.
## Important Notes
1. **Administrator Privileges**: Program needs administrator privileges to modify system proxy settings and install certificates
2. **Certificate Security**: Please ensure the security of P12 certificate files, do not hardcode passwords in production environments
3. **Network Security**: This tool is only for legal network debugging and testing purposes
4. **System Compatibility**: Currently only supports Windows systems
## Troubleshooting
1. **Certificate Loading Failed**:
- Check P12 file path and password
- Ensure OpenSSL is installed (optional)
2. **Proxy Setting Failed**:
- Ensure running with administrator privileges
- Check if port 8080 is occupied
3. **CA Certificate Installation Failed**:
- Ensure CA.crt file exists and format is correct
- Check administrator privileges
## Development and Customization
You can modify the following parts as needed:
- Add more domains of interest in `config.toml`
- Modify proxy port
- Customize traffic dump format
- Add more traffic analysis features
## License
Please see the LICENSE file for license information.
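Review bot: under "Usage Instructions", step 1 installs the CA into the trusted root store but step 4 ("Stop Program") only restores the proxy settings, so the root stays trusted after the tool exits. Document how to remove it (for example with `certutil -delstore`) or remove it on shutdown. The config example in section 4 also still lists `cert_file`, `cert_password` and `ca_cert_file`, which config.go in this commit never reads and which feature 2 ("Hardcoded Certificates") says are no longer needed.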

151
TROUBLESHOOTING.md Normal file

@ -0,0 +1,151 @@
# MITM Proxy Troubleshooting Guide
## ERR_TUNNEL_CONNECTION_FAILED Error
This error typically occurs when the browser cannot establish a secure tunnel through the proxy. Here are the most common causes and solutions:
### 1. Certificate Issues
**Problem**: The CA certificate is not properly installed or trusted by the browser.
**Solutions**:
- Run the program as Administrator to ensure certificate installation
- Manually verify certificate installation:
```cmd
certlm.msc
```
Check if "Charles Proxy CA" appears in "Trusted Root Certification Authorities"
- If certificate installation fails, try:
```cmd
certutil -addstore -f "Root" CA.crt
```
### 2. Proxy Configuration Issues
**Problem**: System proxy is not properly configured or there are conflicting proxy settings.
**Solutions**:
- Verify proxy settings in Windows:
- Go to Settings > Network & Internet > Proxy
- Ensure "Use a proxy server" is enabled
- Check that proxy address is `127.0.0.1:8080`
- Clear existing proxy settings:
```cmd
netsh winhttp reset proxy
```
### 3. Firewall/Antivirus Blocking
**Problem**: Security software is blocking the proxy connections.
**Solutions**:
- Temporarily disable Windows Firewall
- Add exception for the proxy program in antivirus software
- Add exception for port 8080
### 4. TLS Handshake Issues
**Problem**: The proxy cannot properly negotiate TLS connections.
**Solutions**:
- The updated code now includes:
- Better TLS handshake handling
- Fallback to transparent proxy mode
- Improved error logging
- Connection timeouts
### 5. Testing and Debugging
Use the built-in test mode to verify connectivity:
```cmd
# Run with test flag
go run . -test
```
This will:
- Start the proxy server
- Test HTTP and HTTPS connections
- Show detailed error messages
- Help identify the specific issue
### 6. Common Error Messages and Solutions
**"TLS handshake failed"**:
- Certificate not trusted by browser
- Try accessing a simple HTTP site first
- Check certificate installation
**"Failed to connect to target server"**:
- Network connectivity issue
- DNS resolution problems
- Target server blocking connections
**"Write error" or "Read error"**:
- Connection interrupted
- Network timeout
- Proxy overloaded
**HTTP Redirects (302/301) Issues**:
- ✅ FIXED: Proxy is now completely transparent
- All redirects are passed through exactly as-is
- Browser handles redirects automatically
- No interference with redirect chains
### 7. Manual Testing Steps
1. **Test without proxy**:
```cmd
curl https://httpbin.org/ip
```
2. **Test with proxy**:
```cmd
curl --proxy 127.0.0.1:8080 https://httpbin.org/ip
```
3. **Test certificate**:
```cmd
curl --proxy 127.0.0.1:8080 --insecure https://httpbin.org/ip
```
### 8. Browser-Specific Issues
**Chrome**:
- Clear SSL state: Settings > Privacy and security > Security > Manage certificates > Clear SSL state
- Disable certificate transparency checks temporarily
**Firefox**:
- Import certificate manually: Settings > Privacy & Security > Certificates > Import
- Disable OCSP checking temporarily
**Edge**:
- Same as Chrome (uses Windows certificate store)
### 9. Advanced Debugging
Enable verbose logging by modifying the code to show more details:
- Connection attempts
- TLS handshake details
- Certificate validation steps
- Network I/O operations
### 10. Alternative Solutions
If the proxy still doesn't work:
1. **Use transparent mode only**: Modify code to skip TLS termination
2. **Use different certificate**: Generate new certificates with proper SAN fields
3. **Use different port**: Change from 8080 to 8081 or 3128
4. **Bypass problematic domains**: Add exceptions for specific sites
## Getting Help
If none of these solutions work:
1. Run with `-test` flag and save the output
2. Check Windows Event Viewer for errors
3. Use Process Monitor to see file/registry access issues
4. Provide the exact error message and browser version
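Review bot: sections 3 and 8 tell users to disable Windows Firewall, Certificate Transparency checks and OCSP checking, with no step to turn any of them back on. Replace the firewall advice with a scoped allow rule for the proxy port, and either drop the CT/OCSP items or pair each with an explicit re-enable step once the test is done.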

75
UTF8_FIX_README.md Normal file

@ -0,0 +1,75 @@
# UTF-8 Encoding Fix for Chinese Windows Systems
## Problem
On Chinese Windows systems, the default console encoding is often GBK/GB2312, which causes garbled text when the MITM proxy outputs UTF-8 characters. This results in unreadable console output, especially for Unicode characters and symbols.
## Solution
This fix implements a comprehensive UTF-8 encoding solution for Windows systems:
### 1. Batch File Fixes
All batch files now include the command:
```batch
chcp 65001 >nul 2>&1
```
This sets the console code page to UTF-8 (65001) before running any commands.
**Fixed files:**
- `run.bat`
- `demo.bat`
- `build.bat`
- `test.bat`
### 2. Go Program Fixes
The main Go program now automatically sets the console to UTF-8 mode on Windows:
```go
// Set console to UTF-8 on Windows to prevent garbled text
if runtime.GOOS == "windows" {
setConsoleUTF8()
}
```
**Implementation details:**
- Added `setConsoleUTF8()` function that executes `chcp 65001`
- Automatic detection of Windows OS using `runtime.GOOS`
- Enhanced console output with UTF-8 symbols (✓, 🚀, 🛑, etc.)
### 3. Testing
A test script `utf8_test.bat` is provided to verify the fix works correctly:
```batch
utf8_test.bat
```
This script:
- Sets console to UTF-8
- Displays various Unicode characters (Chinese, Japanese, Korean)
- Runs the MITM proxy in test mode to verify UTF-8 output
## Usage
Simply run any of the batch files as usual. The UTF-8 encoding will be automatically configured:
```batch
run.bat # Start the proxy with UTF-8 support
demo.bat # Run the demo with UTF-8 support
utf8_test.bat # Test UTF-8 encoding specifically
```
## Verification
After applying the fix, you should see:
- ✓ Clear display of Unicode characters
- 🚀 Proper rendering of emoji symbols
- 正确显示中文字符 (Correct display of Chinese characters)
- 日本語の文字が正しく表示される (Japanese characters display correctly)
## Technical Notes
- Code page 65001 is the Windows UTF-8 code page
- The fix is automatically applied only on Windows systems
- No changes are needed for Linux/macOS systems
- The original functionality remains unchanged
## Compatibility
- Windows 10/11: Full support
- Windows 8/8.1: Full support
- Windows 7: Partial support (depends on system configuration)
- Chinese, Japanese, Korean Windows: Full support
- English Windows: Full support (no changes to existing behavior)

29
build.bat Normal file

@ -0,0 +1,29 @@
@echo off
REM Set console to UTF-8 encoding to prevent garbled text on Chinese Windows systems
chcp 65001 >nul 2>&1
echo Building MITM Proxy Server...
REM Download dependencies
echo Downloading dependencies...
go mod download
REM Build program
echo Building executable...
go build -o mitm.exe .
if %ERRORLEVEL% EQU 0 (
echo.
echo Build successful!
echo Executable: mitm.exe
echo.
echo Usage:
echo 1. Ensure cert.p12 and CA.crt files exist
echo 2. Edit config.toml configuration file
echo 3. Run mitm.exe as administrator
echo.
) else (
echo.
echo Build failed! Please check error messages.
)
pause

BIN
cert.p12 Normal file

Binary file not shown.
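Review bot: cert.p12 is committed next to CA.crt, and cert_utils.go in this commit carries its password in `hardcodedP12Password`, so the CA private key is readable by anyone who can read the repository or the built binary. Because the README says the program installs this CA into the Windows trusted root store, every machine that runs the tool ends up trusting a key that is effectively public. Generate a fresh CA and key per installation on first run, keep them outside the source tree, and remove cert.p12 and cert_base64.txt from the commit.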

69
cert_base64.txt Normal file

@ -0,0 +1,69 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----

268
cert_utils.go Normal file

@ -0,0 +1,268 @@
package main
import (
"crypto/rand"
"crypto/rsa"
"crypto/tls"
"crypto/x509"
"crypto/x509/pkix"
"encoding/base64"
"encoding/pem"
"fmt"
"math/big"
"net"
"strings"
"time"
"software.sslmate.com/src/go-pkcs12"
)
// Hardcoded certificate data - users need to replace these placeholders with actual certificate data
const (
// Base64 encoded data of P12 certificate - users need to replace with actual cert.p12 file content
hardcodedP12Data = `-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----`
// PEM format data of CA certificate - users need to replace with actual CA.crt file content
hardcodedCACert = `-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----`
// P12 certificate password - users need to modify to actual password
hardcodedP12Password = "Admin!23"
)
// loadHardcodedCertificate loads hardcoded P12 certificate
func loadHardcodedCertificate() (*tls.Config, error) {
// If hardcoded data is empty or placeholder, generate self-signed certificate
if len(hardcodedP12Data) < 100 {
fmt.Println("Warning: No valid P12 certificate data provided, generating self-signed certificate for testing")
return generateSelfSignedCert()
}
// Decode base64 data
p12Data, err := decodeBase64String(hardcodedP12Data)
if err != nil {
fmt.Printf("Warning: Unable to decode P12 data (%v), generating self-signed certificate\n", err)
return generateSelfSignedCert()
}
// Parse P12 data
privateKey, cert, caCerts, err := pkcs12.DecodeChain(p12Data, hardcodedP12Password)
if err != nil {
fmt.Printf("Warning: Unable to parse P12 certificate (%v), generating self-signed certificate\n", err)
return generateSelfSignedCert()
}
// Create certificate chain
certificates := []tls.Certificate{
{
Certificate: [][]byte{cert.Raw},
PrivateKey: privateKey,
},
}
// Create CA certificate pool
caCertPool := x509.NewCertPool()
for _, caCert := range caCerts {
caCertPool.AddCert(caCert)
}
// If there's a hardcoded CA certificate, add it to the pool
if len(hardcodedCACert) > 100 {
block, _ := pem.Decode([]byte(hardcodedCACert))
if block != nil {
if caCert, err := x509.ParseCertificate(block.Bytes); err == nil {
caCertPool.AddCert(caCert)
}
}
}
return &tls.Config{
Certificates: certificates,
RootCAs: caCertPool,
InsecureSkipVerify: true,
}, nil
}
// decodeBase64String decodes base64 string, ignoring whitespace and comments
func decodeBase64String(data string) ([]byte, error) {
// Remove comment lines and whitespace
var cleanData strings.Builder
lines := strings.SplitSeq(data, "\n")
for line := range lines {
line = strings.TrimSpace(line)
if len(line) > 0 && !strings.HasPrefix(line, "--") {
cleanData.WriteString(line)
}
}
if cleanData.Len() == 0 {
return nil, fmt.Errorf("no valid base64 data")
}
// Use standard base64 decoding
return base64.StdEncoding.DecodeString(cleanData.String())
}
// generateSelfSignedCert generates self-signed certificate for testing
func generateSelfSignedCert() (*tls.Config, error) {
// Generate private key
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
return nil, err
}
// Create certificate template
template := x509.Certificate{
SerialNumber: big.NewInt(1),
Subject: pkix.Name{
Organization: []string{"MITM Proxy"},
OrganizationalUnit: []string{"MITM Proxy CA"},
Country: []string{"US"},
Province: []string{""},
Locality: []string{""},
StreetAddress: []string{""},
PostalCode: []string{""},
CommonName: "MITM Proxy Root CA",
},
NotBefore: time.Now(),
NotAfter: time.Now().Add(365 * 24 * time.Hour),
// Proper key usage for CA certificate
KeyUsage: x509.KeyUsageKeyEncipherment |
x509.KeyUsageDigitalSignature |
x509.KeyUsageCertSign |
x509.KeyUsageCRLSign,
// Extended key usage for server authentication
ExtKeyUsage: []x509.ExtKeyUsage{
x509.ExtKeyUsageServerAuth,
x509.ExtKeyUsageClientAuth,
},
BasicConstraintsValid: true,
IsCA: true,
MaxPathLen: 0,
MaxPathLenZero: true,
// Add Subject Alternative Names for flexibility
DNSNames: []string{
"localhost",
"*.localhost",
"127.0.0.1",
},
IPAddresses: []net.IP{
net.IPv4(127, 0, 0, 1),
net.IPv6loopback,
},
}
// Generate certificate
certDER, err := x509.CreateCertificate(rand.Reader, &template, &template, &privateKey.PublicKey, privateKey)
if err != nil {
return nil, err
}
// Create TLS certificate
cert := tls.Certificate{
Certificate: [][]byte{certDER},
PrivateKey: privateKey,
}
return &tls.Config{
Certificates: []tls.Certificate{cert},
InsecureSkipVerify: true,
}, nil
}
// getHardcodedCACert returns hardcoded CA certificate
func getHardcodedCACert() string {
return hardcodedCACert
}
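Review bot: both returned tls.Config values set `InsecureSkipVerify: true` (at the end of loadHardcodedCertificate and of generateSelfSignedCert). If either config is used for the proxy's outbound connection, the real server's certificate is never verified and the proxy will accept any upstream; split this into a server-side config without that field and a client config that verifies against the system roots. Separately, every failure path in loadHardcodedCertificate falls back to generateSelfSignedCert with only a printed warning. That certificate uses a fixed serial number of 1, lists `127.0.0.1` under DNSNames, and is not the CA the tool installs, so returning the error to the caller would be clearer than continuing.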

124
certificate_guide.md Normal file

@ -0,0 +1,124 @@
# Certificate Configuration Guide
## 📋 Overview
This program now uses hardcoded certificate data and does not require external certificate files. You need to embed the certificate data into the source code.
## 🔧 Configuration Steps
### Step 1: Prepare Certificate Files
Ensure you have the following files:
- `cert.p12` - PKCS#12 format certificate file (contains private key and certificate)
- `CA.crt` - CA root certificate file
### Step 2: Convert P12 Certificate to Base64
#### Windows System:
```cmd
certutil -encode cert.p12 cert_base64.txt
```
#### Linux/Mac System:
```bash
base64 cert.p12 > cert_base64.txt
```
### Step 3: Edit Source Code
Open the `cert_utils.go` file and find the following constants to replace:
#### 1. P12 Certificate Data
Copy the content of `cert_base64.txt` to the `hardcodedP12Data` constant:
```go
const (
hardcodedP12Data = `
MIIKYwIBAzCCCh8GCSqGSIb3DQEHAaCCChAEggmMIIIJiDCCBW8GCSqGSIb3DQEH
BqCCBWAwggVcAgEAMIIFVQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQI7n7Q
... (your base64 certificate data)
`
```
#### 2. CA Certificate Data
Copy the complete PEM content of the `CA.crt` file to the `hardcodedCACert` constant:
```go
hardcodedCACert = `-----BEGIN CERTIFICATE-----
MIIDXTCCAkWgAwIBAgIJAKoK/OvD/h8wMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
... (your CA certificate data)
-----END CERTIFICATE-----`
```
#### 3. Certificate Password
Modify the certificate password:
```go
hardcodedP12Password = "your_actual_password"
```
### Step 4: Recompile
After configuration is complete, recompile the program:
```bash
go build -o mitm.exe .
```
## ✅ Verify Configuration
When starting the program, you should see:
- ✅ "CA certificate installed successfully" - indicates CA certificate is configured correctly
- ✅ No certificate-related error messages
If you see "Warning: No valid P12 certificate data provided, generating self-signed certificate for testing", it means the P12 certificate configuration has issues.
## 🔍 Feature Improvements
### HTTPS Traffic Decryption
The program can now:
1. **Transparent Proxy** - When TLS decryption fails, still proxy encrypted traffic
2. **Decryption Proxy** - Use your certificate to decrypt HTTPS traffic
3. **Dual Dump** - Save both encrypted and decrypted data
### Output File Format
- `timestamp_domain_request_encrypted.bin` - Encrypted request data
- `timestamp_domain_request_decrypted.bin` - Decrypted request data
- `timestamp_domain_response_encrypted.bin` - Encrypted response data
- `timestamp_domain_response_decrypted.bin` - Decrypted response data
### Complete Data Output
Console output now shows:
- Complete HTTP request/response data (no longer truncated)
- Complete HTTPS decrypted traffic content
- Data length information
## ⚠️ Security Considerations
1. **Source Code Security** - Certificate data is now embedded in source code, ensure source code security
2. **Password Protection** - Consider using environment variables or other methods to protect certificate passwords
3. **Certificate Validity** - Regularly check and update embedded certificates
4. **Access Control** - Restrict access to compiled programs
## 🐛 Troubleshooting
### Issue 1: Certificate Parsing Failed
**Cause**: Base64 data format error or incomplete
**Solution**: Check base64 conversion process, ensure data integrity
### Issue 2: TLS Handshake Failed
**Cause**: Certificate doesn't match domain or certificate has expired
**Solution**: Check certificate validity and domain configuration
### Issue 3: CA Certificate Installation Failed
**Cause**: CA certificate format error or insufficient permissions
**Solution**: Ensure running with administrator privileges, check CA certificate format
## 📞 Technical Support
If you encounter configuration issues:
1. Check certificate file format and validity
2. Verify base64 conversion results
3. Confirm running with administrator privileges
4. Check console error messages
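Review bot: Step 3 has users paste the P12 blob and its password into cert_utils.go, which the "Security Considerations" section further down then advises against ("Consider using environment variables"). Make the guide consistent by reading the password, and ideally the P12 path, at runtime. The "Output File Format" list (`timestamp_domain_request_encrypted.bin`) also disagrees with the README's `YYYYMMDD_HHMMSS_domain_direction.bin`.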

101
config.go Normal file

@ -0,0 +1,101 @@
package main
import (
"bufio"
"fmt"
"os"
"strconv"
"strings"
)
// Simple TOML parser, only handles basic formats we need
func parseConfig(filename string) (*Config, error) {
file, err := os.Open(filename)
if err != nil {
return nil, err
}
defer file.Close()
config := &Config{
DomainsOfInterest: []string{},
}
// Set default values
config.Proxy.Port = 8080
config.Dump.OutputDir = "traffic_dumps"
scanner := bufio.NewScanner(file)
var currentSection string
for scanner.Scan() {
line := strings.TrimSpace(scanner.Text())
// Skip empty lines and comments
if line == "" || strings.HasPrefix(line, "#") {
continue
}
// Check if it's a section title
if strings.HasPrefix(line, "[") && strings.HasSuffix(line, "]") {
currentSection = strings.Trim(line, "[]")
continue
}
// Parse key-value pairs
parts := strings.SplitN(line, "=", 2)
if len(parts) != 2 {
continue
}
key := strings.TrimSpace(parts[0])
value := strings.TrimSpace(parts[1])
// Handle array values
if strings.HasPrefix(value, "[") && strings.HasSuffix(value, "]") {
arrayStr := strings.Trim(value, "[]")
if key == "domains_of_interest" {
if arrayStr != "" {
items := strings.Split(arrayStr, ",")
for _, item := range items {
item = strings.TrimSpace(item)
item = strings.Trim(item, "\"")
if item != "" {
config.DomainsOfInterest = append(config.DomainsOfInterest, item)
}
}
}
}
continue
}
// Handle string values
value = strings.Trim(value, "\"")
// Set values based on current section
switch currentSection {
case "proxy":
switch key {
case "port":
if port, err := strconv.Atoi(value); err == nil {
config.Proxy.Port = port
}
}
case "dump":
switch key {
case "output_dir":
config.Dump.OutputDir = value
}
}
}
if err := scanner.Err(); err != nil {
return nil, err
}
return config, nil
}
func (c *Config) String() string {
return fmt.Sprintf("Config{DomainsOfInterest: %v, Proxy: {Port: %d}, Dump: {OutputDir: %s}}",
c.DomainsOfInterest, c.Proxy.Port, c.Dump.OutputDir)
}
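Review bot: parseConfig only recognises an array when `[` and `]` sit on the same line, but the config.toml added in this commit spreads `domains_of_interest` over six lines. The opening line has the value `[`, fails the HasSuffix check, and each following item line is skipped for lacking `=`, so DomainsOfInterest is always empty with the shipped config. Accumulate lines until the closing bracket or switch to a real TOML library. Inline comments are not stripped either: a line such as `port = 8080 # note` fails strconv.Atoi and the error is dropped silently, leaving the default in place.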

16
config.toml Normal file

@ -0,0 +1,16 @@
# Domains of interest configuration
# Requests and responses for these domains will be printed to stdout
domains_of_interest = [
"example.com",
"httpbin.org",
"api.github.com",
"www.google.com"
]
# Proxy server configuration
[proxy]
port = 8080
# Traffic dump configuration
[dump]
output_dir = "traffic_dumps"

60
debug_proxy.bat Normal file

@ -0,0 +1,60 @@
@echo off
echo ========================================
echo MITM Proxy Debug Script
echo ========================================
echo.
echo This script will help diagnose why HTTPS CONNECT requests
echo are not reaching the proxy server.
echo.
pause
echo 1. Checking current Windows proxy settings...
reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable
reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer
reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyOverride
echo.
echo 2. Checking WinHTTP proxy settings...
netsh winhttp show proxy
echo.
echo 3. Testing if proxy port is listening...
netstat -an | findstr ":8080"
echo.
echo 4. Testing direct connection to proxy...
curl -v --max-time 5 http://127.0.0.1:8080/proxy-health
echo.
echo 5. Testing HTTP proxy functionality...
curl -v --proxy http://127.0.0.1:8080 --max-time 10 http://httpbin.org/ip
echo.
echo 6. Testing HTTPS with explicit CONNECT...
echo Sending manual CONNECT request...
(
echo CONNECT httpbin.org:443 HTTP/1.1
echo Host: httpbin.org:443
echo.
) | telnet 127.0.0.1 8080
echo.
echo 7. Testing HTTPS proxy with curl...
curl -v --proxy http://127.0.0.1:8080 --max-time 15 https://httpbin.org/ip
echo.
echo 8. Checking for conflicting proxy software...
tasklist | findstr /i "fiddler\|charles\|burp\|owasp"
echo.
echo 9. Testing with different curl proxy syntax...
curl -v -x 127.0.0.1:8080 --max-time 15 https://httpbin.org/ip
echo.
echo Debug complete.
echo.
echo IMPORTANT: Check the MITM proxy console output during these tests.
echo If you see NO CONNECT requests in the proxy logs, the issue is
echo with Windows proxy configuration or browser proxy detection.
echo.
pause
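Review bot: in step 8, `findstr /i "fiddler\|charles\|burp\|owasp"` does not do alternation; findstr treats `\|` as a literal `|`, so the check never matches a running process. Use space-separated terms instead, `findstr /i "fiddler charles burp owasp"`. Step 6 also depends on telnet, which is not enabled by default on Windows and does not read a piped request, and port 8080 is hardcoded throughout although config.toml makes it configurable.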

100
demo.bat Normal file

@ -0,0 +1,100 @@
@echo off
REM Set console to UTF-8 encoding to prevent garbled text on Chinese Windows systems
chcp 65001 >nul 2>&1
echo ========================================
echo MITM Proxy Server Functionality Demo
echo ========================================
echo.
REM Check for Administrator privileges
net session >nul 2>&1
if %errorLevel% neq 0 (
echo Error: Administrator privileges required!
echo Please right-click this script and select "Run as administrator"
pause
exit /b 1
)
echo ✅ Administrator privileges check passed
REM Check program file
if not exist "mitm.exe" (
echo ❌ mitm.exe not found, compiling...
go build -o mitm.exe .
if %errorLevel% neq 0 (
echo ❌ Compilation failed!
pause
exit /b 1
)
echo ✅ Compilation successful
) else (
echo ✅ Program file exists
)
REM Check configuration file
if not exist "config.toml" (
echo ❌ config.toml not found!
pause
exit /b 1
)
echo ✅ Configuration file exists
REM Create output directory
if not exist "traffic_dumps" mkdir traffic_dumps
echo ✅ Output directory created
echo.
echo ========================================
echo Function Description
echo ========================================
echo 📡 HTTP/HTTPS Proxy: 127.0.0.1:8080
echo 📁 Traffic Dump Directory: traffic_dumps/
echo 🔍 Domains of Interest: Configure in config.toml
echo 🔐 HTTPS Decryption: Uses hardcoded certificates (if configured)
echo 📄 Full Data Output: Displayed without truncation
echo.
echo ========================================
echo Test Suggestions
echo ========================================
echo 1. After starting the program, visit: http://httpbin.org/get
echo 2. Visit: https://httpbin.org/get (Test HTTPS)
echo 3. Check files in traffic_dumps/ directory
echo 4. Observe the complete data output in the console
echo.
echo ========================================
echo Certificate Configuration Status
echo ========================================
findstr /C:"将您的cert.p12文件转换为base64字符串并粘贴在这里" cert_utils.go >nul
if %errorLevel% equ 0 (
echo ⚠️ P12 Certificate: Not configured (using self-signed certificate)
echo Please refer to certificate_guide.md to configure a real certificate
) else (
echo ✅ P12 Certificate: Configured
)
findstr /C:"将您的CA.crt文件内容粘贴在这里" cert_utils.go >nul
if %errorLevel% equ 0 (
echo ⚠️ CA Certificate: Not configured
) else (
echo ✅ CA Certificate: Configured
)
echo.
echo ========================================
echo Start Program
echo ========================================
echo Program will start in 5 seconds...
echo Press Ctrl+C to stop the program
echo.
timeout /t 5 /nobreak >nul
echo Starting MITM proxy server...
echo.
mitm.exe
echo.
echo Program exited.
pause
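Review bot: the "Certificate Configuration Status" checks search cert_utils.go for Chinese placeholder strings that the cert_utils.go in this commit does not contain, so both findstr calls fail and the script always prints "Configured", even when the embedded data is invalid. Check for something the Go file actually exposes, or drop the section. In the compile step, `if %errorLevel% neq 0` sits inside the parenthesized `if not exist` block, where `%errorLevel%` is expanded before `go build` runs; use `if errorlevel 1` or delayed expansion there.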

34
diagnose_proxy.bat Normal file

@ -0,0 +1,34 @@
@echo off
echo ========================================
echo MITM Proxy Diagnostic Tool
echo ========================================
echo.
echo 1. Testing if port 8080 is listening...
netstat -an | findstr ":8080"
if %errorlevel% neq 0 (
echo ❌ Port 8080 is not listening
) else (
echo ✅ Port 8080 is listening
)
echo.
echo 2. Testing direct HTTP connection to proxy...
curl -v --max-time 5 http://127.0.0.1:8080/proxy-health 2>&1
echo.
echo 3. Checking Windows proxy settings...
reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable
reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer
echo.
echo 4. Testing proxy with simple HTTP request...
curl -v --proxy http://127.0.0.1:8080 --max-time 10 http://httpbin.org/ip 2>&1
echo.
echo 5. Checking if any process is using port 8080...
netstat -ano | findstr ":8080"
echo.
echo Diagnostic complete.
pause
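Review bot: in step 1, `findstr ":8080"` also matches established or TIME_WAIT connections and remote endpoints on port 8080, so the script can print "Port 8080 is listening" when nothing is bound. Filter on the state as well, for example `netstat -an | findstr ":8080" | findstr LISTENING`. The port is hardcoded here too, although config.toml makes it configurable.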

10
go.mod Normal file

@ -0,0 +1,10 @@
module mitm
go 1.25
require (
golang.org/x/sys v0.15.0
software.sslmate.com/src/go-pkcs12 v0.4.0
)
require golang.org/x/crypto v0.17.0 // indirect
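Review bot: `go 1.25` here contradicts the README prerequisite of "Go 1.21+", and cert_utils.go calls strings.SplitSeq, which needs Go 1.24 or later. Either update the README to match, or lower the directive and replace SplitSeq with strings.Split.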

6
go.sum Normal file

@ -0,0 +1,6 @@
golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
software.sslmate.com/src/go-pkcs12 v0.4.0 h1:H2g08FrTvSFKUj+D309j1DPfk5APnIdAQAB8aEykJ5k=
software.sslmate.com/src/go-pkcs12 v0.4.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI=

1144
main.go Normal file

File diff suppressed because it is too large Load Diff

67
proxy_log.txt Normal file
View File

@ -0,0 +1,67 @@
Starting MITM proxy server...
2025/08/20 01:14:22 Failed to install CA certificate: failed to install certificate: exit status 0x80070005, output: 使用选择的选项需要管理员权限。使用管理员命令提示来完成这些任务。
Root "受信任的根证书颁发机构"
无法打开证书存储。
CertUtil: -addstore 失败: 0x80070005 (WIN32: 5 ERROR_ACCESS_DENIED)
CertUtil: 拒绝访问。
Warning: netsh winhttp reset failed: exit status 1
Warning: netsh winhttp import failed: exit status 1
鉁?System proxy set to 127.0.0.1:8080
鉁?Proxy settings verified in Windows registry
馃攳 Current Proxy Configuration:
ProxyEnable: 1
ProxyServer: 127.0.0.1:8080
ProxyOverride: <local>
WinHTTP Proxy Settings:
Current WinHTTP proxy settings:
Direct access (no proxy server).
鈴?Waiting for server to start...
馃殌 Starting proxy server on port 8080...
馃敡 Starting HTTP server on :8080
鉁?Successfully bound to port :8080
[01:14:23] 馃摜 INCOMING: GET ipv6.msftconnecttest.com /connecttest.txt from 127.0.0.1:53610
[01:14:23] 馃搵 Headers: 2 headers received
[01:14:23] 馃搵 Header: Connection: Close
[01:14:23] 馃搵 Header: User-Agent: Microsoft NCSI
[01:14:23] 馃寪 Full URL: http://ipv6.msftconnecttest.com/connecttest.txt
[01:14:23] 馃寪 Processing HTTP request for ipv6.msftconnecttest.com
[01:14:25] 馃摜 INCOMING: GET crl3.digicert.com /DigiCertAssuredIDRootCA.crl from 127.0.0.1:53613
[01:14:25] 馃搵 Headers: 6 headers received
[01:14:25] 馃搵 Header: User-Agent: Microsoft-CryptoAPI/10.0
[01:14:25] 馃搵 Header: Cache-Control: max-age = 6311
[01:14:25] 馃搵 Header: Proxy-Connection: Keep-Alive
[01:14:25] 馃搵 Header: Accept: */*
[01:14:25] 馃搵 Header: If-Modified-Since: Wed, 13 Aug 2025 21:15:04 GMT
[01:14:25] 馃搵 Header: If-None-Match: "689d0058-435"
[01:14:25] 馃寪 Full URL: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl
[01:14:25] 馃寪 Processing HTTP request for crl3.digicert.com
[01:14:25] 馃摜 INCOMING: GET crl3.digicert.com /DigiCertGlobalRootCA.crl from 127.0.0.1:53613
[01:14:25] 馃搵 Headers: 6 headers received
[01:14:25] 馃搵 Header: Cache-Control: max-age = 6311
[01:14:25] 馃搵 Header: Proxy-Connection: Keep-Alive
[01:14:25] 馃搵 Header: Accept: */*
[01:14:25] 馃搵 Header: If-Modified-Since: Wed, 13 Aug 2025 21:15:07 GMT
[01:14:25] 馃搵 Header: If-None-Match: "689d005b-30b"
[01:14:25] 馃搵 Header: User-Agent: Microsoft-CryptoAPI/10.0
[01:14:25] 馃寪 Full URL: http://crl3.digicert.com/DigiCertGlobalRootCA.crl
[01:14:25] 馃寪 Processing HTTP request for crl3.digicert.com
[01:14:25] 馃摜 INCOMING: GET crl4.digicert.com /DigiCertHighAssuranceEVRootCA.crl from 127.0.0.1:53613
[01:14:25] 馃搵 Headers: 6 headers received
[01:14:25] 馃搵 Header: If-Modified-Since: Wed, 13 Aug 2025 21:15:07 GMT
[01:14:25] 馃搵 Header: If-None-Match: "689d005b-2e4"
[01:14:25] 馃搵 Header: User-Agent: Microsoft-CryptoAPI/10.0
[01:14:25] 馃搵 Header: Cache-Control: max-age = 3862
[01:14:25] 馃搵 Header: Proxy-Connection: Keep-Alive
[01:14:25] 馃搵 Header: Accept: */*
[01:14:25] 馃寪 Full URL: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl
[01:14:25] 馃寪 Processing HTTP request for crl4.digicert.com
鉁?Proxy server appears to be starting (no immediate errors)
馃攳 Testing basic proxy connectivity...
馃彞 Health check request from 127.0.0.1:53625
鉁?Basic proxy connectivity test passed
馃彞 Health check request from 127.0.0.1:53670
exit status 1
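
Review bot: proxy_log.txt is a runtime capture from a developer machine (client ports, plus the hosts and headers of every proxied request) and should not be part of the commit; drop the file and add it to the ignore list. The capture also shows a startup-ordering problem to fix in main.go: after `Failed to install CA certificate ... ERROR_ACCESS_DENIED` on the second line, startup still reaches "System proxy set to 127.0.0.1:8080", so every client on the machine is routed through a proxy whose CA is not trusted. Treat a failed CA install as fatal before touching the proxy settings. The log ends in `exit status 1` with no line showing the proxy settings being restored, so also confirm the exit path resets ProxyEnable.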

43
run.bat Normal file

@ -0,0 +1,43 @@
@echo off
REM Set console to UTF-8 encoding to prevent garbled text on Chinese Windows systems
chcp 65001 >nul 2>&1
echo Starting MITM Proxy Server...
echo.
echo Warning: This program requires administrator privileges!
echo If you encounter permission issues, please run this script as administrator.
echo.
REM Check if running as administrator
net session >nul 2>&1
if %errorLevel% neq 0 (
echo Error: Administrator privileges required!
echo Please right-click this script and select "Run as administrator"
pause
exit /b 1
)
REM Check necessary files
if not exist "cert.p12" (
echo Warning: cert.p12 file not found, program will use default configuration
)
if not exist "CA.crt" (
echo Warning: CA.crt file not found, CA certificate installation will be skipped
)
if not exist "config.toml" (
echo Error: config.toml configuration file not found!
pause
exit /b 1
)
REM Run program
echo Starting proxy server...
echo Press Ctrl+C to stop the program
echo.
go run .
echo.
echo Program exited.
pause
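
Review bot: The three `if not exist` checks and `go run .` use relative paths, but a script launched through "Run as administrator" (which the message under the `net session` check tells the user to do) normally starts in %SystemRoot%\System32, so config.toml will be reported missing. Add `cd /d "%~dp0"` right after the privilege check. Separately, `go run .` compiles and runs the working tree with an elevated token; building unelevated with `go build` and launching the resulting binary from this script keeps the compiler and module downloads out of the administrator context.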

44
test.bat Normal file

@ -0,0 +1,44 @@
@echo off
REM Set console to UTF-8 encoding to prevent garbled text on Chinese Windows systems
chcp 65001 >nul 2>&1
echo Testing MITM Proxy Server...
echo.
REM Check Go environment
go version >nul 2>&1
if %errorLevel% neq 0 (
echo Error: Go environment not found, please install Go language
pause
exit /b 1
)
echo Go environment check passed
REM Check configuration file
if not exist "config.toml" (
echo Error: config.toml configuration file not found
pause
exit /b 1
)
echo Configuration file check passed
REM Attempt to compile program
echo Compiling program...
go build -o mitm_test.exe .
if %errorLevel% neq 0 (
echo Compilation failed! Please check code for errors
pause
exit /b 1
)
echo Compilation successful!
REM Clean up test file
if exist "mitm_test.exe" del "mitm_test.exe"
echo.
echo All tests passed! The program can run normally.
echo Use run.bat to start the program (requires administrator privileges)
echo.
pause
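
Review bot: The closing message "All tests passed! The program can run normally." is printed after nothing more than `go version`, a config.toml existence check and `go build`; no test or static check runs. Either add `go vet ./...` and `go test ./...` before the success line, or reword it to say only that the build succeeded.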

31
test_connect.bat Normal file

@ -0,0 +1,31 @@
@echo off
echo ========================================
echo Manual CONNECT Test
echo ========================================
echo.
echo This will manually test the CONNECT method
echo to see if the proxy can handle HTTPS properly.
echo.
echo Make sure the MITM proxy is running first!
echo.
pause
echo Testing manual CONNECT request...
echo.
echo Sending CONNECT request using curl...
curl -v --proxy-header "Host: httpbin.org:443" --proxy http://127.0.0.1:8080 https://httpbin.org/ip 2>&1
echo.
echo.
echo Testing with different approach...
curl -v -x 127.0.0.1:8080 https://httpbin.org/ip 2>&1
echo.
echo.
echo Testing basic connectivity to proxy...
curl -v http://127.0.0.1:8080/proxy-health 2>&1
echo.
echo Test completed. Check the proxy logs for CONNECT requests.
pause
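
Review bot: The two HTTPS calls exercise the same path: `-x 127.0.0.1:8080` is the short form of `--proxy` with the scheme defaulting to http, and the `--proxy-header "Host: httpbin.org:443"` on the first call only repeats the Host that curl already sends with CONNECT. Keep one call and give it a `--max-time`, as the other scripts in this commit do, so a proxy that accepts CONNECT and then stalls does not hang the script.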

22
test_https.bat Normal file

@ -0,0 +1,22 @@
@echo off
echo ========================================
echo HTTPS Connection Test
echo ========================================
echo.
echo This will test HTTPS connections through the proxy
echo and show detailed logs to help debug the issue.
echo.
echo Make sure the MITM proxy is running first!
echo.
pause
echo Testing HTTPS connection with curl...
curl -v --proxy http://127.0.0.1:8080 --max-time 15 https://httpbin.org/ip 2>&1
echo.
echo Testing HTTPS connection with different site...
curl -v --proxy http://127.0.0.1:8080 --max-time 15 https://www.google.com 2>&1
echo.
echo Test completed. Check the proxy logs for detailed information.
pause
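
Review bot: Neither curl call's exit code is checked, so the script always ends with "Test completed" even when the TLS handshake through the proxy fails. Test `%errorlevel%` after each call and print a result; curl exits with 60 when it cannot verify the certificate chain, which is the case this script exists to debug. Both targets are external sites, so a failure can also come from the network rather than the proxy.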

33
test_https_fixed.bat Normal file

@ -0,0 +1,33 @@
@echo off
echo ========================================
echo Testing Fixed HTTPS Proxy
echo ========================================
echo.
echo Testing HTTPS connections with the fixed certificate handling
echo.
echo Make sure to:
echo 1. Stop the current proxy (Ctrl+C)
echo 2. Restart it with: go run .
echo 3. Run this test
echo.
pause
echo Testing HTTPS connection to httpbin.org...
curl -v --proxy http://127.0.0.1:8080 --max-time 15 https://httpbin.org/ip
echo.
echo.
echo Testing HTTPS connection to www.baidu.com...
curl -v --proxy http://127.0.0.1:8080 --max-time 15 https://www.baidu.com
echo.
echo.
echo Testing HTTPS connection to www.google.com...
curl -v --proxy http://127.0.0.1:8080 --max-time 15 https://www.google.com
echo.
echo Test completed. Check the proxy console for detailed logs.
echo.
echo If you see certificate errors, the CA certificate needs to be installed.
echo Run as Administrator to install the CA certificate automatically.
pause
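
Review bot: The closing advice ("Run as Administrator to install the CA certificate automatically") makes a passing test depend on adding the proxy's CA to the machine trust store. For a test script, pass the CA explicitly instead, e.g. `curl --cacert CA.crt --proxy http://127.0.0.1:8080 ...`, so verification stays on and nothing is installed system-wide; this assumes CA.crt (the file run.bat checks for) is the certificate the proxy signs with. The script otherwise repeats test_https.bat with one more host and could replace it.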

12
test_proxy.bat Normal file

@ -0,0 +1,12 @@
@echo off
echo Starting MITM Proxy with connectivity test...
echo.
echo Make sure to run this as Administrator!
echo.
pause
go run . -test
echo.
echo Test completed. Press any key to exit...
pause >nul
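
Review bot: "Make sure to run this as Administrator!" is only printed; unlike run.bat there is no `net session` check, so an unelevated run proceeds straight into `go run . -test`. Reuse the check from run.bat and exit early, or drop the message if the `-test` path does not need elevation.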

27
utf8_test.bat Normal file

@ -0,0 +1,27 @@
@echo off
REM UTF-8 Console Test Script
REM Set console to UTF-8 encoding to prevent garbled text on Chinese Windows systems
chcp 65001 >nul 2>&1
echo ========================================
echo UTF-8 Console Encoding Test
echo ========================================
echo.
echo Testing Unicode characters:
echo English: Hello World
echo Chinese: 你好世界
echo Japanese: こんにちは世界
echo Korean: 안녕하세요 세계
echo Symbols: ✓ ✗ ★ ♥ ◆ ▲
echo.
echo If you can see the above characters correctly,
echo UTF-8 encoding is working properly.
echo.
echo ========================================
echo Testing MITM Proxy UTF-8 Output
echo ========================================
echo.
echo Building and running a quick test...
go run -ldflags="-X main.testMode=true" .
echo.
pause
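
Review bot: `go run -ldflags="-X main.testMode=true" .` only takes effect if `testMode` is a package-level string variable in main, because the linker's -X flag sets string variables only and cannot set a bool. The main.go diff is not shown, so confirm the declaration, or use the `-test` command-line flag that test_proxy.bat passes so there is a single way to enter test mode.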