CD2H gitForager

starkandwayne/gotcha

Name: gotcha

Owner: Stark & Wayne

Description: A Debugging MiTM HTTP Proxy

Created: 2016-02-23 04:38:34.0

Updated: 2018-04-22 21:55:49.0

Pushed: 2018-04-03 02:01:28.0

Homepage:

Size: 658

Language: Go

GitHub Committers

User	Most Recent Commit	# Commits

Other Committers

User	Email	Most Recent Commit	# Commits

README

gotcha - A Debugging MiTM HTTP Proxy

gotcha is a small HTTP/HTTPS man-in-the-middle proxy, which you can use to troubleshoot HTTP traffic that occurs behind the veil of SSL/TLS encryption.

Man-in-the-Middle?!

Isn't that dangerous?

Yes, yes it is – if it happens to you when you aren't expecting it. As a diagnostic method, it's pretty sweet.

It works like this:

-------------+     +------------------------+     +----------+
 CLIENT      | --> |        GOTCHA          | --> | UPSTREAM |
             |     |                        |     +----------+
nnecting to  |     | binds 127.0.0.1:3128   |
7.0.0.1:3128 |     | connects to            |
lain HTTP)   |     | https://api.end.poi.nt |
-------------+     +------------------------+
                              |
                              |
                              V
                          +--------+
                          | stdout |
                          +--------+

So, instead of connecting directly to https://api.end.poi.nt, the client connects to the gotcha process, which is listening on some local port (https://127.0.0.1:3128 by default) and MitM-ing the requests/responses to the upstream.

The diagnostics part comes in because gotcha dumps the entire HTTP conversation to standard output, so you can see it in your terminal. The upstream is still talking HTTPS, but you can now see headers, bodies and response codes!

A Real Example!

It's a bit of a gimme, but here's gotcha being used to intercept HTTP traffic to www.google.com (over TLS) via curl:

otcha https://www.google.com &
eting https://www.google.com
ing :3128

rl -X HEAD http://localhost:3128
 / HTTP/1.1
: www.google.com
-Agent: curl/7.43.0
pt: */*


/1.1 200 OK
sfer-Encoding: chunked
pt-Ranges: none
er: gws

Environment Variables

Some aspects of gotcha can be configured via environment variables, to facilitate running it as a Cloud Foundry application. Here they are:

PORT Specifies the port the app will listen on
GOTCHA_BACKEND Specifies the upstream endpoint gotcha will front
SSL_SKIP_VERIFY Specifies whether gotcha will care about invalid upstream SSL certificates

This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.