Close
0%
0%

Raspberry Pi MITM

Intercept HTTP/HTTPS traffic with a Raspberry Pi

Similar projects worth following

For the sake of a HTTPS presentation, I built that POC with a raspberry Pi.
The intent is to show how it’s easy to inspect and alter web traffic and show why SSL/TLS is important.

The Pi uses 2 wifi dongle and one of them serves as an access point.
Each web page requested is altered to show unicorn on it.

Disclaimer : The following tutorial is to demonstrate a proof of concept. Please, do not do anything bad while intercepting web traffic.

  • 1 × Raspberry Pi Works with all models
  • 2 × Wifi dongle (Edimax EW-7811UN Nano 150 Mbps )

  • 1
    Step 1

    Install OS :

    Install last version of raspbian on your SD card

  • 2
    Step 2

    Configure both wlan :

    configure /etc/network/interface to use wlan0 as DHCP client, and wlan1 as fixed IP address

    auto lo wlan0 wlan1
    iface lo inet loopback
    
    iface wlan0 inet dhcp
       wpa-ssid "Your Network SSID"
       wpa-psk "Your Password"
    
    iface wlan1 inet static
       address 192.168.74.1
       netmask 255.255.255.0

    Restart then wlan0 to access internet

    sudo ifdown wlan0
    sudo ifup wlan0
  • 3
    Step 3

    Configure DHCP server :

    install isc-dhcp-server :

    sudo apt-get install isc-dhcp-server

    Then configure isc-dhcp-server

    sudo vim /etc/dhcp/dhcpd.conf
    And change following lines
    authoritative # remove comment
    
    # add theses lines
    subnet 192.168.74.0 netmask 255.255.255.0 {
      range 192.168.74.10 192.168.74.250;
      option broadcast-address 192.168.74.255;
      option routers 192.168.74.1;
      option domain-name "local";
      option domain-name-servers 8.8.8.8, 8.8.4.4;
    }

    Then make dhcp server listen to wlan1 :

    sudo vim /etc/default/isc-dhcp-server

    And update that line :

    INTERFACES="wlan1"

    And restart the service

    sudo systemctl restart isc-dhcp-server.service

    And check service via

    sudo systemctl status isc-dhcp-server.service

View all 9 instructions

Enjoy this project?

Share

Discussions

Similar Projects

Does this project spark your interest?

Become a member to follow this project and never miss any updates