Gilks / hostscan-bypass

Generate OpenConnect CSD files to bypass Cisco AnyConnect hostscan requirements

unexpected EOF when running hostscan-bypass #10

Closed desilinguist closed 4 years ago

desilinguist commented 4 years ago

I am using my Mac Mini as the MITM machine and running this bypass one-liner:

sudo go run hostscan-bypass.go -l 192.168.1.228 -p 443 -r $SECRET_COMPANY:443

I am running AnyConnect on my corporate MacBook and connecting to the MITM IP. I had to get rid of the -s in the bypass one-liner to get AnyConnect to connect successfully and bring up the untrusted warning.

However, after it prints a bunch of stuff to the screen, I see the following:

EOF
read tcp 192.168.1.228:50081-> <SECRET_IP>:443: use of closed network connection

And there's no CSD file generated.

I tried the config.json + certificate solution in #4 but that also doesn't seem to help. It prints out the same EOF message a bunch of times but there is still no CSD file.

FWIW, I also tried running the MITM on the same machine using 0.0.0.0 as the local IP but the EOF error still plagues me.

Any help would be greatly appreciated.

Gilks commented 4 years ago

Don't remove the -s option. The point of that option is to strip the TLS traffic. If you don't strip the TLS traffic, you will see the encrypted connection. The encrypted connection does not offer any value as we cannot read the data that is being sent across the wire.

I cannot troubleshoot this issue without a MacBook. It almost certainly has to do with certificates and trust.

What I can do though is reopen the other issue where others have been troubleshooting Mac issues. They might be able to help. I'll close this one out and paste a link in #4.

Here's the link. I hope they can help out with this.