Burp Suite Digital Certificate

This is my second project, which demonstrates a MiTM attack using a tool called Burp Suite. It uses a forged SSL certificate to eavesdrop on the content the victim requests.

The outline of this project is to intercept the victim’s browser traffic through our forged SSL certificate. Our certificate becomes the so-called “middle-man”: any requested content goes through it first and can then be viewed in Burp Suite.

Steps:

Open Burp Suite -> Proxy -> Options

Tick the running checkbox to activate the proxy

Click edit

 

Go to Request handling

Tick Support invisible proxying

 

Open terminal

Type “openssl req -x509 -days 730 -nodes -newkey rsa:2048 -outform der -keyout server.key -out certificate.der” to create the certificate

 

Fill in the information required and use “Verisign Corp” in the Organization name field

 

Type “openssl rsa -in server.key -inform pem -out server.key.der -outform der” to write the RSA key

 

Type “openssl pkcs8 -topk8 -in server.key.der -inform der -out server.key.pkcs8.der -outform der -nocrypt” to get the key used for decryption

 

Back to Burp Suite, click “Import / export CA certificate” and choose “Certificate and private key in DER format” in Import

 

Select “certificate.der” and “server.key.Lab_02.der”

 

Open Firefox -> Preferences -> Advanced -> Network -> Click Settings

 

Choose “Manual proxy configuration”

Type “127.0.0.1” in the HTTP Proxy and “8080” in the Port

Tick “Use this proxy server for all protocols”

Clear everything in the “No Proxy for” field -> click OK

 

Open certificates tab -> click “View certificates”

Click Import

Choose file named “certificate.der”
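
Before importing the pair into Burp, it helps to confirm that the PKCS#8 key really belongs to the certificate, and to record the certificate's fingerprint so the imported root can be found and removed from the browser once the lab is over. The script below is an added example, not part of the original tutorial; the helper names are hypothetical and the usage line assumes the file names produced by the openssl commands above.

```shell
#!/bin/sh
# Added example: checks on the DER files produced by the openssl steps above.
# Helper names are hypothetical; file names in the usage line are the page's.

# PEM public key embedded in a DER certificate.
cert_pubkey() {
    openssl x509 -in "$1" -inform der -noout -pubkey
}

# PEM public key derived from an unencrypted DER private key
# (PKCS#8 or traditional RSA encoding).
key_pubkey() {
    openssl pkey -in "$1" -inform der -pubout
}

# Succeeds only if the private key belongs to the certificate.
key_matches_cert() {
    c=$(cert_pubkey "$1") || return 2
    k=$(key_pubkey "$2") || return 2
    [ "$c" = "$k" ]
}

# Succeeds if subject and issuer names are identical, i.e. no CA vouched
# for the Organization field; it is whatever text was typed at the prompt.
is_self_issued() {
    s=$(openssl x509 -in "$1" -inform der -noout -subject_hash) || return 2
    i=$(openssl x509 -in "$1" -inform der -noout -issuer_hash) || return 2
    [ "$s" = "$i" ]
}

# SHA-256 fingerprint: the value to record so the imported root can be
# located in the browser's certificate store and deleted after the lab.
cert_fingerprint() {
    openssl x509 -in "$1" -inform der -noout -fingerprint -sha256 | cut -d= -f2
}

# Print a short report for a certificate/key pair; fails on a key mismatch.
audit_pair() {
    echo "subject:     $(openssl x509 -in "$1" -inform der -noout -subject)"
    echo "fingerprint: $(cert_fingerprint "$1")"
    if is_self_issued "$1"; then echo "self-issued: yes"; else echo "self-issued: no"; fi
    if key_matches_cert "$1" "$2"; then echo "key match:   yes"
    else echo "key match:   no"; return 1; fi
}

# Usage: sh audit.sh certificate.der server.key.pkcs8.der
if [ "$#" -eq 2 ]; then audit_pair "$1" "$2"; fi
```

A "self-issued: yes" result is expected for this lab certificate, and it is also the sign to look for when reviewing a trust store: the Organization name alone says nothing about who created the certificate.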

The complete tutorial with images is available at this link:

https://drive.google.com/open?id=10Tc5JH83xfpCrGZbcuFdHOdBfFRckvz5
