Initial commit — SetecMITM generic IoT MITM framework
Templated from cam-mitm. The camera-specific code (UBox cloud client, CVE verifiers, OAM HMAC signing, fuzzer wordlists) is removed; what's left is the generic core: ARP spoof, DNS spoof, HTTP/HTTPS interception with peek-before-wrap, raw sniffer with conntrack-based original-dst lookup, protocol fingerprinting, intruder detection, packet injection, log rotation, PyQt6 GUI on top of a service Controller. All 'camera' references renamed to 'target' throughout. Configuration moved into ~/.config/setec-mitm/config.json with the Settings tab as the primary editor. Plugin system at targets/<name>/plugin.py for vendor-specific code. See README.md for full setup, plugin authoring, and troubleshooting. Co-authored by Setec Labs.
This commit is contained in:
sssnake
65
regen_cert.sh
Executable file
65
regen_cert.sh
Executable file
@@ -0,0 +1,65 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
if [[ $EUID -ne 0 ]]; then
|
||||
echo "must run as root (use sudo)" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
ROOT_DIR=/root/dumps/mitm_logs
|
||||
SNAKE_DIR=/home/snake/dumps/mitm_logs
|
||||
mkdir -p "$ROOT_DIR" "$SNAKE_DIR"
|
||||
|
||||
CERT="$ROOT_DIR/mitm_cert.pem"
|
||||
KEY="$ROOT_DIR/mitm_key.pem"
|
||||
|
||||
CFG=$(mktemp)
|
||||
trap 'rm -f "$CFG"' EXIT
|
||||
|
||||
cat > "$CFG" <<'EOF'
|
||||
[req]
|
||||
distinguished_name = dn
|
||||
req_extensions = v3_req
|
||||
x509_extensions = v3_req
|
||||
prompt = no
|
||||
|
||||
[dn]
|
||||
CN = portal.ubianet.com
|
||||
O = Ubia
|
||||
C = US
|
||||
|
||||
[v3_req]
|
||||
basicConstraints = CA:FALSE
|
||||
keyUsage = digitalSignature, keyEncipherment
|
||||
extendedKeyUsage = serverAuth
|
||||
subjectAltName = @alt
|
||||
|
||||
[alt]
|
||||
DNS.1 = portal.ubianet.com
|
||||
DNS.2 = api.us.ubianet.com
|
||||
DNS.3 = api.cn.ubianet.com
|
||||
DNS.4 = *.ubianet.com
|
||||
DNS.5 = *.aliyuncs.com
|
||||
DNS.6 = *.oss-cn-shenzhen.aliyuncs.com
|
||||
DNS.7 = *.myqcloud.com
|
||||
IP.1 = 192.168.1.172
|
||||
EOF
|
||||
|
||||
openssl req -x509 -newkey rsa:2048 -nodes -days 3650 \
|
||||
-keyout "$KEY" -out "$CERT" -config "$CFG" -extensions v3_req
|
||||
|
||||
chmod 644 "$CERT"
|
||||
chmod 600 "$KEY"
|
||||
|
||||
cp "$CERT" "$SNAKE_DIR/mitm_cert.pem"
|
||||
cp "$KEY" "$SNAKE_DIR/mitm_key.pem"
|
||||
chown snake:snake "$SNAKE_DIR/mitm_cert.pem" "$SNAKE_DIR/mitm_key.pem"
|
||||
chmod 644 "$SNAKE_DIR/mitm_cert.pem"
|
||||
chmod 600 "$SNAKE_DIR/mitm_key.pem"
|
||||
|
||||
echo
|
||||
echo "=== wrote ==="
|
||||
ls -l "$CERT" "$KEY" "$SNAKE_DIR/mitm_cert.pem" "$SNAKE_DIR/mitm_key.pem"
|
||||
echo
|
||||
echo "=== subject + SANs ==="
|
||||
openssl x509 -in "$CERT" -noout -text | grep -E "Subject:|DNS:|IP Address:"
|
||||
Reference in New Issue
Block a user