Capture all HTTP & HTTPS traffic

Hello, please can anyone help me with capturing all HTTP and HTTPS traffic? I need to get the URL, POST params, headers and the response.

Thank you in advance.

Impossible for https.

1 Like

I know of 2 ways:

  • tcpdump
  • Creating a mirror port on your router - and using Wireshark to capture the traffic on the monitor port, filter for HTTP only

A good IDS will do this, within the constraints of encryption, but most all-in-one routers have nowhere near enough resources to run an IDS with more than a trickle of traffic.

1 Like

Unless you install your own certificates on the client...

1 Like

Installing my own certificates isn't a problem. I want to use it on my Android device and my laptop, which is running Windows 10.

If you can help me through TeamViewer to capture all HTTPS traffic, then I can pay you. I really need this.

Why do you think you need this?

1 Like

In particular, please take note of https://forum.openwrt.org/guidelines

You may not post descriptions of, links to, or methods for stealing someone’s intellectual property (software, video, audio, images), or for breaking any other law.

Monitoring private communication without the knowing consent of all parties involved is generally considered unlawful in most jurisdictions.

2 Likes

What is an IDS?

Which will work in many scenarios, but not all, depending upon browser, pinned certs ...

I need it for software development. I can capture the traffic on my laptop, but I need it for my mobile phone. This could capture it, but idk where to start. I have already tried something with tcpdump and with iptables, but nothing worked for me.

Most reputable software developers (along with quite a few disreputable ones) would

  • Know how TLS and certificates work
  • Have access to a development server where TLS could be either disabled, or set up with a known certificate

1 Like

Not an expert!!! Just copying instructions from random websites, but I tried this once on my VBox.

Believe you can find instructions for Ubuntu 14 and 18 too. Good way to figure out how WordPress works and sniff your own traffic to/from the web server! Jeff, please correct me if I am wrong?

Of course you can enable / disable ssl with your own fake certificate

  • You're wrong.
  • Why are you posting a link on how to install a web server with WordPress...ON UBUNTU???

:confused:
???

What does this have to do with OpenWrt???

  • You don't need HTTPS to see connections to your own WordPress server. They're identical on HTTP and HTTPS anyway.
  • If you set up a local server, the traffic never crosses the router anyway.

@Grow needed a way to sniff some HTTPS from mobile, but somebody told him it is illegal, so if he sets up a WordPress server on a VM or just his PC then he could try to sniff traffic from his mobile (I assume it should go through the OpenWrt router) to the WordPress server? Am I wrong again?

OK, I read that. It is illegal to sniff others (in most jurisdictions)...but then the OP stated they wish to sniff their own traffic.

YES, in HTTP-only.

Not through the firewall, unless he does more configurations.

Well...even if it goes through the firewall, please explain to @Grow...how does he de-encrypt the traffic???

:wink:


If the OP now wishes to set up a web server for this problem, then they can also de-encrypt the traffic there (since the web server has the certificate and is encrypting the traffic in the first place)!

OpenWrt is not needed. Hence, the OP should ask their questions here:

Sorry, I meant @Grow wants to capture the traffic as per his first post, then maybe he has a way to brute force the captured packets! My fault.

1 Like

If he has a way to brute force TLS 1.3, I'd love to hear about it!!!

That's the problem the OP is experiencing. The OP's other option is to set up a device that decrypts on the fly...that can be done with software located:

  • on the phone; and
  • on the web server