Yet Another Intercepting Proxy
dd71d26245
The proxy can now sit between a client and a https web server. It does this by looking for a CONNECT request that conventional proxies use to open a tunnel between a client and an https server. Instead of opening an opaque tunnel, yaip immediately sends bacck a "connection established" response. This tells the client (browser normally) to proceed and initiate an HTTPS connection. I use the host that was send in the connect request to set up a fake SSL server. If we have seen the domain before, we re-use the certificate, otherwise we generate a new one and sign it using YAIP's built in certificate authority. I still need to do work on forwarding the request upstream. This is my next job. Currently, yaip responds with a valid response of "it worked". ``` $ curl https://example.com --cacert ~/.config/yaip/cert.pem It worked ``` Notice, we don't get any certificate errors because we are telling curl to trust the authority that yaip uses |
||
|---|---|---|
| docs | ||
| src | ||
| tests | ||
| .gitignore | ||
| .gitmodules | ||
| Makefile | ||
| README.md | ||
YAIP
This will hopefully one day be an intercepting proxy written in c. I am using it as a way to learn rather than as a tool I expect other people to use. However, if you wish to, you are welcome to use this.
Check laws in your local area, this tool should only be used for legal purposes.