MITM Proxy Server
This is a Man-in-the-Middle (MITM) proxy server written in Go, similar in functionality to the Charles proxy tool.
Features
- Transparent MITM Proxy: Completely transparent HTTP/HTTPS proxy that doesn't interfere with any traffic
- Hardcoded Certificates: P12 certificate and CA certificate directly embedded in the program, no external files needed
- HTTPS Decryption: Attempts to decrypt HTTPS traffic for inspection, falls back to transparent mode if decryption fails
- Dual Traffic Dump: Save both encrypted and decrypted data to different files for analysis
- Complete Data Output: Console displays complete request/response data without truncation
- Domain Filtering: Print specific traffic to stdout based on the list of domains of interest in TOML configuration file
- System Proxy: Automatically set Windows system proxy, restore when program ends
- CA Certificate Installation: Automatically import hardcoded CA certificate to Windows trusted root certificate authorities
- Redirect Transparency: All HTTP redirects (301/302/etc.) are passed through exactly as-is without modification
- Built-in Testing: Use the -test flag to verify proxy functionality and connectivity
Prerequisites
- Go 1.21+: Ensure Go language environment is installed
- OpenSSL: For processing P12 certificate files (optional, will use basic configuration if not available)
- Administrator Privileges: Setting system proxy and installing certificates requires administrator privileges
Installation and Usage
1. Clone or Download Project
git clone <repository-url>
cd mitm
2. Install Dependencies
go mod tidy
3. Prepare Certificate Files
Ensure you have the following files:
- cert.p12: P12 certificate file containing CA and private key
- CA.crt: CA certificate file
4. Configuration File
Edit the config.toml file:
# Domains of interest configuration
domains_of_interest = [
"example.com",
"httpbin.org",
"api.github.com",
"www.google.com"
]
[proxy]
port = 8080
cert_file = "cert.p12"
cert_password = "your_password_here" # Change to your certificate password
ca_cert_file = "CA.crt"
[dump]
output_dir = "traffic_dumps"
5. Run Program
Important: The program must be run as administrator:
# Open PowerShell or Command Prompt as administrator
go run .
Or compile and run:
go build -o mitm.exe
# Run as administrator
./mitm.exe
Usage Instructions
- Start Program: The program will automatically:
  - Install CA certificate to system trusted root certificate store
  - Set system proxy to 127.0.0.1:8080
  - Start proxy server
- Traffic Interception:
  - All HTTP/HTTPS traffic will be intercepted transparently
  - No modification of requests, responses, or redirects
  - Each request will be saved to the traffic_dumps directory
  - Traffic from domains of interest will be printed to console
  - HTTPS traffic is decrypted when possible, falls back to encrypted passthrough
- Testing Connectivity:
  # Test proxy functionality
  go run . -test
- Stop Program:
  - Press Ctrl+C to stop program
  - Program will automatically restore original system proxy settings
File Structure
mitm/
├── main.go # Main program file
├── cert_utils.go # Certificate processing tools
├── config.toml # Configuration file
├── go.mod # Go module file
├── cert.p12 # P12 certificate file (you need to provide)
├── CA.crt # CA certificate file (you need to provide)
└── traffic_dumps/ # Traffic dump directory (auto-created)
Output File Format
HTTP Traffic Files
Filename format: YYYYMMDD_HHMMSS_domain.txt
Content includes:
- Request information (method, URL, headers, body)
- Response information (status code, headers, body)
HTTPS Traffic Files
Filename format: YYYYMMDD_HHMMSS_domain_direction.bin
Contains encrypted binary data.
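Both file name formats embed the domain taken from the intercepted request, which is untrusted input. The following Go code is an added example, not the project's own code: a hypothetical dumpPath helper builds both formats while replacing path separators and ".." sequences, so a crafted host cannot place a file outside the dump directory. The direction label "client" is an assumed value.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"path/filepath"
	"strings"
	"time"
)

// dumpPath returns dir/YYYYMMDD_HHMMSS_domain.txt, or
// dir/YYYYMMDD_HHMMSS_domain_direction.bin when direction is non-empty.
// host is untrusted; direction is a caller-chosen label (assumed, e.g. "client").
func dumpPath(dir string, t time.Time, host, direction string) (string, error) {
	if h, _, err := net.SplitHostPort(host); err == nil {
		host = h // drop the port ("example.com:443" -> "example.com")
	}
	// Allow only hostname characters; separators, ':' and control bytes become '_'.
	safe := strings.Map(func(r rune) rune {
		if (r >= 'a' && r <= 'z') || (r >= '0' && r <= '9') || r == '-' || r == '.' {
			return r
		}
		return '_'
	}, strings.ToLower(host))
	safe = strings.Trim(strings.ReplaceAll(safe, "..", "_"), ".")
	if safe == "" {
		return "", errors.New("empty host")
	}
	if len(safe) > 100 {
		safe = safe[:100] // bound the file name length
	}
	name := t.Format("20060102_150405") + "_" + safe + ".txt"
	if direction != "" {
		name = strings.TrimSuffix(name, ".txt") + "_" + direction + ".bin"
	}
	return filepath.Join(dir, name), nil
}

func main() {
	now := time.Date(2024, 1, 2, 3, 4, 5, 0, time.UTC) // constructed timestamp
	for _, h := range []string{"httpbin.org:443", `..\..\Windows\evil`, "a/../../b"} {
		p, err := dumpPath("traffic_dumps", now, h, "") // constructed hosts
		fmt.Println(p, err)
	}
}
```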
Important Notes
- Administrator Privileges: Program needs administrator privileges to modify system proxy settings and install certificates
- Certificate Security: Keep P12 certificate files secure, and do not hardcode passwords in production environments
- Network Security: This tool is only for legal network debugging and testing purposes
- System Compatibility: Currently only supports Windows systems
Troubleshooting
- Certificate Loading Failed:
  - Check P12 file path and password
  - Ensure OpenSSL is installed (optional)
- Proxy Setting Failed:
  - Ensure running with administrator privileges
  - Check if port 8080 is occupied
- CA Certificate Installation Failed:
  - Ensure CA.crt file exists and format is correct
  - Check administrator privileges
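Because the program adds its CA to the Windows trusted root store, it helps to know exactly which certificate that is, both to check that CA.crt parses and to find and remove the entry once debugging is finished. This added example (not the project's code) parses a PEM or DER certificate and returns the SHA-1 thumbprint Windows shows for it; caThumbprint and sampleCA are hypothetical names, and the certificate is a throwaway one constructed in memory in place of CA.crt.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha1"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// caThumbprint parses a PEM or DER certificate and returns its SHA-1
// thumbprint (upper-case hex over the DER bytes) plus the parsed certificate.
func caThumbprint(data []byte) (string, *x509.Certificate, error) {
	if blk, _ := pem.Decode(data); blk != nil {
		if blk.Type != "CERTIFICATE" {
			return "", nil, fmt.Errorf("PEM block is %q, not CERTIFICATE", blk.Type)
		}
		data = blk.Bytes
	}
	cert, err := x509.ParseCertificate(data)
	if err != nil {
		return "", nil, fmt.Errorf("not a valid X.509 certificate: %w", err)
	}
	return fmt.Sprintf("%X", sha1.Sum(cert.Raw)), cert, nil
}

// sampleCA builds a throwaway self-signed CA in memory (constructed input).
func sampleCA() []byte {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Constructed Debug CA"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	thumb, _, err := caThumbprint(sampleCA())
	fmt.Println("thumbprint:", thumb, "error:", err)
}
```

To use it on the real file, pass the bytes of CA.crt to caThumbprint and compare the result with the thumbprint of the entry in the Trusted Root Certification Authorities store.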
Development and Customization
You can modify the following parts as needed:
- Add more domains of interest in config.toml
- Modify proxy port
- Customize traffic dump format
- Add more traffic analysis features
License
Please see the LICENSE file for license information.