search

jrmdev / mitm_relay

Hackish way to intercept and modify non-HTTP protocols through Burp & others.
Apache License 2.0
582 stars 97 forks source link

What do you mean with "relay"? #4

Closed jhave21 closed 6 years ago

jhave21 commented 6 years ago

First, great code :D But I wanna ask something, I'm really bad in Networking. What do you mean by relay ? Is that a proxy server or something? And what you mean by the argument "-l" is that something like a IP address of the server? Which you can intercept | listen all incoming request that was made for it? Thanks

jrmdev commented 6 years ago

Hey thanks,

I called it relay because it's purpose is to intercept and relay client requests to server, and server responses to clients.

The -l argument is the local IP address on your computer that the tool will bind to and listen on. Your client (the software that you are trying to intercept traffic from/to) will have to connect to this local IP instead of the destination server, there are many ways to do this, like update your hosts file. Then the tool will display the traffic on the console, optionally forward it to Burp for interception and modification, and finally relay it to the destination server. I hope this makes sense. Let me know if you need help to run it.

Cheers

Jeremy

On 9 March 2018 at 17:12, jhave21 notifications@github.com wrote:

First, great code :D But I wanna ask something, I'm really bad in Networking. What do you mean by relay ? Is that a proxy server or something? And what you mean by the argument "-l" is that something like a IP address of the server? Which you can intercept | listen all incoming request that was made for it? Thanks

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/jrmdev/mitm_relay/issues/4, or mute the thread https://github.com/notifications/unsubscribe-auth/ABWR6RLuu9erfsTZuXEhgBMcAVVx8zHlks5tch02gaJpZM4SjzSy .

jhave21 commented 6 years ago

thanks @jrmdev, really thanks, one last question please, does this work on remote PC's? , but I wanna hear it from you,

something came up my mind, from what you said "there are many ways to do this", I would like to ask if what other ways can be done, and what do you call this in general?

jhave21 commented 6 years ago

I accidentally closed the issue sorry about that, I commented again to reopen it :D

jrmdev commented 6 years ago

Hey,

I am unsure what you mean by remote PC's, it will work on any Linux system that has python installed.

As for ways to make you thick client connect to an IP of your choice instead of the default one, you could for example update your hosts file, create IPTables rules, do MiTM, configure a proxy within your client, etc.

Hope this helps.