# FIX FOR WEEK-4-LAB

## Network Traffic Analysis and Modification with Wireshark and mitmproxy

This guide provides concise steps and code snippets for capturing, analyzing, and modifying network traffic using Wireshark and mitmproxy.

### Analyzing Network Traffic with Wireshark

#### Steps:

1. **Start Wireshark**
2. **Capture HTTPS Traffic**: `https://www.codepath.org/`
3. **Analyze Packets**: Look for HTTPS packets and review the metadata.

### Installing and Configuring mitmproxy

#### Installation:

- **Install mitmproxy**:

  ```bash
  sudo pip3 install mitmproxy
  ```

- **Check for Conflicting Services on Port 80**:

  ```bash
  sudo lsof -i :80
  ```

  If a process is using port 80:

  ```bash
  sudo systemctl stop apache2
  ```

  Or use `kill`:

  - This command has a dramatic name... but it really just sends signals to running programs!
  - To gracefully stop a program, you'll need to run `kill -15 [PID]`, where PID is the process ID of the program you want to stop.

- **Start mitmproxy**:

  ```bash
  mitmproxy
  ```

- If you encounter an ImportError:

  ```
  File "/usr/local/bin/mitmproxy", line 8, in sys.exit(mitmproxy())
  File "/usr/local/lib/python3.8/dist-packages/mitmproxy/tools/main.py", line 131, in mitmproxy from mitmproxy.tools import console
  File from .helpers import get_debug_flag
  File "/usr/local/lib/python3.8/dist-packages/flask/helpers.py", line 16, in from werkzeug.urls import url_quote
  ```

### Reinstall mitmproxy

- Reinstall `mitmproxy` so that it pulls in compatible versions of its dependencies. You might want to uninstall the existing installations first to avoid conflicts:

  ```bash
  pip3 uninstall mitmproxy flask werkzeug
  pip3 install mitmproxy
  ```

- This step ensures that `mitmproxy` and its dependencies are aligned in versions.

### How to Correct These Errors 👍:

To resolve version incompatibilities, you will need to downgrade both `Flask` and `blinker` to versions compatible with `mitmproxy 8.0.0`.

- **Downgrade Flask 👎**:
  - Uninstall the current version of `Flask` and install a version that is compatible with `mitmproxy 8.0.0`:

    ```bash
    pip3 uninstall flask
    pip3 install 'flask<2.1,>=1.1.1'
    ```

- **Downgrade Blinker 👎**:
  - Similarly, uninstall the current version of `blinker` and install a version that is compatible with `mitmproxy 8.0.0`:

    ```bash
    pip3 uninstall blinker
    pip3 install 'blinker<1.5,>=1.4'
    ```

### Configuring Proxy in Firefox:

Configure Firefox to use mitmproxy by setting the HTTP Proxy to `127.0.0.1` and the port to `8080` under Network Settings.

### Analyzing Traffic with mitmproxy

1. **Visit http://mitm.it** with mitmproxy running to download the certificate.
2. **Add Certificate to Firefox**:
   - Open Firefox's Certificate settings and import the mitmproxy certificate from your `~/Downloads` folder.

### Modifying Requests with mitmproxy

#### Steps:

1. **Set Intercept Filter**:
   - In mitmproxy, press `i` and enter `~u /Dunedin & ~q`.
2. **Send Request**:

   ```bash
   curl --proxy http://127.0.0.1:8080 "http://wttr.in/Dunedin?0"
   ```

3. **Modify the Request in mitmproxy**:
   - Select the request, press `e`, choose "path", change `/Dunedin` to `/Innsbruck`, and allow the request to proceed.
4. **Revert Proxy Settings in Firefox**:
   - Set Firefox to "No proxy" under Network Settings.

This guide may not cover all possible solutions, but it should significantly advance your progress toward resolving the issue.
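
The manual edit from "Modifying Requests with mitmproxy" can also be expressed as a mitmproxy addon script, which makes the rewrite repeatable and shows exactly which part of the request changes. This is an added example, not part of the original lab; the file name `rewrite_city.py` and the helper `rewrite_path` are assumptions, and the host check assumes the lab's `wttr.in` request.

```python
"""rewrite_city.py (hypothetical file name), an addon script for mitmproxy.

Scripted form of the lab's manual step: the request path /Dunedin is
changed to /Innsbruck before the request is forwarded upstream.
"""

# Values taken from the lab steps; LAB_HOST limits the rewrite to the lab target
# so other traffic passing through the proxy is left untouched.
LAB_HOST = "wttr.in"
OLD_SEGMENT = "Dunedin"
NEW_SEGMENT = "Innsbruck"


def rewrite_path(path: str) -> str:
    """Replace the city only where it is a whole path segment.

    The query string (the "?0" in the lab request) is preserved, and
    look-alike paths such as /DunedinNorth are not modified.
    """
    base, sep, query = path.partition("?")
    segments = [NEW_SEGMENT if s == OLD_SEGMENT else s for s in base.split("/")]
    return "/".join(segments) + sep + query


def request(flow) -> None:
    """mitmproxy event hook, called for each client request.

    This is the same stage the intercept filter `~u /Dunedin & ~q`
    pauses at: the request has been read but not yet sent upstream.
    """
    req = flow.request
    if req.pretty_host != LAB_HOST:
        return
    new_path = rewrite_path(req.path)
    if new_path != req.path:
        req.path = new_path
```

Load it with `mitmproxy -s rewrite_city.py` and repeat the `curl` request from step 2; no intercept filter is needed while the script is loaded.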