An interceptor for SOCKS Proxy protocol to allow user to dump any connections' content even if it is secured with SSL.
Please note that this is not a general purpose proxy server (performance issues and lack of capabilities). I actually developed it for my needs about examining connections of mobile applications.
I only tested it over connections of applications on my Android phone. So it is a very restricted cluster for a test. If you encounter an misfunction, you are always welcome to open an issue explaining it.
Usage
java -jar mitmsocks4j.jar -h
usage: mitmsocks4j [-h] [-l [{ALL,TRACE,DEBUG,INFO,WARN,ERROR,OFF}]]
[-x [PROXYPORT]] [-d [DELEGATORPORT]]
[-s [SECUREDPORTS [SECUREDPORTS ...]]] [-k KEYSTORE]
[-p PASSWORD]
Strips SSL/TLS layer from SOCKS proxy connection to dump plain data!
optional arguments:
-h, --help show this help message and exit
-l [{ALL,TRACE,DEBUG,INFO,WARN,ERROR,OFF}], --loglevel [{ALL,TRACE,DEBUG,INFO,WARN,ERROR,OFF}]
Sets logging level!
-x [PROXYPORT], --proxyport [PROXYPORT]
Proxy port that proxy listens.(default:1080)
-d [DELEGATORPORT], --delegatorport [DELEGATORPORT]
Delegator port that mitm takes place.(default:1081)
-s [SECUREDPORTS [SECUREDPORTS ...]], --securedports [SECUREDPORTS [SECUREDPORTS ...]]
Secured ports that will be ssl-stripped
-k KEYSTORE, --keystore KEYSTORE
Keystore that will be used to imitate actual
server certificates for clients(default:mitmsocks4j.jks)
-p PASSWORD, --password PASSWORD
Keystore password.(default:123456)
Sample usage:
java -jar mitmsocks4j.jar -l ERROR -s 5228 443 8883
About CA Certificate
mitmsocks4j needs a CA certificate to forge remote server's certificate and signs it. So user should add this CA certificate to its trust store. Otherwise most of applications will drop the connection.(Browser may have an option to ask user to accept that certificate.)About SOCKS Protocol
To be able to use this tool, user should be able to redirect his program's traffic to a SOCKS proxy. Most of the browsers have an option to configure SOCKS proxy settings. In my case; Android does not have such an option(only supports HTTP proxy). So I rooted my phone and use ProxyDroid.
