as root:
iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner mitmproxyuser -d 18.159.107.117 -j REDIRECT --to-port 8080
adduser mitmproxyuser
cat /etc/nghttpx/nghttpx.conf (downstream config)
frontend=0.0.0.0,8080;no-tls
backend=127.0.0.1,8081;;proto=http/1.1
backend-keep-alive-timeout=5m
frontend-http2-read-timeout=5m
frontend-read-timeout=5m
frontend-write-timeout=5m
stream-read-timeout=5m
stream-write-timeout=5m
backend-read-timeout=5m
backend-write-timeout=5m
backend-connect-timeout=5m
listener-disable-timeout=5m
backend-http2-window-size=134217720
backend-http2-connection-window-size=1073741760
frontend-http2-window-size=134217720
frontend-http2-connection-window-size=1073741760
http2-proxy=no
private-key-file=/etc/nghttpx/server.key
certificate-file=/etc/nghttpx/server.crt
cacert=/etc/nghttpx/ca.crt
accesslog-syslog=yes
errorlog-syslog=yes
workers=5
cat /etc/nghttpx/upstream.conf (upstream config)
frontend=127.0.0.1,8082;no-tls
backend=vendor-IP,28900;;no-tls;proto=h2
backend-keep-alive-timeout=5m
frontend-http2-read-timeout=5m
frontend-read-timeout=5m
frontend-write-timeout=5m
stream-read-timeout=5m
stream-write-timeout=5m
backend-read-timeout=5m
backend-write-timeout=5m
backend-connect-timeout=5m
listener-disable-timeout=5m
http2-proxy=no
accesslog-syslog=yes
errorlog-syslog=yes
workers=5
run nghttp as root:
┌──(root?kali)-[/etc/nghttpx]
└─# nghttpx
2020-12-18T14:38:21.383+01:00 8777 8777 99aaafb4 NOTICE (shrpx.cc:2882) Loading configuration from /etc/nghttpx/nghttpx.conf
run burp suite proxy 127.0.0.1:8081 (invisible proxy)
USER OPTIONS -> Upstream proxy add 127.0.0.1:8082
as mitmproxyuser:
┌──(mitmproxyuser㉿kali)-[/etc/nghttpx]
└─$ nghttpx --conf upstream.conf
2020-12-18T14:42:00.364+01:00 9293 9293 59e630c7 NOTICE (shrpx.cc:2882) Loading configuration from upstream.conf
as root:
run python code (client http2)
