Description
Hi Team,
Firstly, thanks for developing this great tool. It works flawlessly with the interception of thick client traffic. However, I ran into the issue when trying to perform TLS interception / decryption of a client that communicates over TLS 1.2 with cipher suite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 (not sure if that matters).
The error I get is EOF occurred in violation of protocol (_ssl.c:1122)
The command I use is : mitm_intercept.py -m -l localhost:1337 -t target.hostname:1337 -p burp.listener:8080 -lc server.pem -lk server.key.
The client binary communicates with target.hostname on port 1337. Therefore, I intercept it on localhost:1337 and then forward it to target.hostname:1337 without any problems. The output is also forwarded to burp proxy and to the shell. So, without the -lc, -lk, and -m specified, I am able to capture the encrypted traffic (so it seems that my command is right).
However, when I try to perform the TLS interception/decryption, the above error appears. (_ssl.c:1122).
I assume this might be something simple, however I can't seem to find a solution. I have the server.pem cert added to the trust store (via windows 10 cert util). Also added the cert to the trust stores that python uses by default (since the requests library seems to use other path than the system trust store for verifying certs).
Also, is there a way to get more debug details from python that relate to this error? Not an expert, so maybe you can point me in the right direction.
Any help is appreciated, thanks again for the great tool.