Workshop n°12: Turning TcpCatcher into a transparent web proxy
In some situations, you may want to use TcpCatcher as a transparent web proxy (i.e. the client application is not aware that it is talking to a proxy). For example, you may want to monitor an SSL communication without any change at the client level.
- For demonstration purposes, we are going to transparently monitor the SSL communication between our browser and our secured Gmail web mail (https://mail.google.com).
- First, let's start TcpCatcher and check the option 'Transparent Proxy Mode' (note that TcpCatcher is now ready to open ports 80 and 443, which are the classical HTTP and HTTPS ports). Then check 'Monitor SSL', replace TargetHostName with mail.google.com, and click on 'Apply settings and start'.
- Let's add an entry in our hosts file to map mail.google.com to our localhost (assuming TcpCatcher is running on the local host), so TcpCatcher will receive all the requests targeting mail.google.com. Because we have checked the 'Transparent Proxy' option, TcpCatcher will ignore this network redirection and will still resolve the actual Gmail IP address.
The hosts file is C:\Windows\System32\drivers\etc\hosts on Windows, or /etc/hosts for Linux users.
- Now, let's remove any proxy configuration from our browser settings, so our browser is no longer aware of any proxy in the middle (it should be configured as usual). Let's restart our browser and visit https://mail.google.com.
- Since this certificate is issued by the TcpCatcher Trust Authority, you need to download the TcpCatcher Root Certificate and insert it into your client truststore (the procedure is described here).
Once you have done that, the certificate chain should be valid, and your browser shouldn't be aware of any man in the middle ;-)
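A check for the hosts-file step above, as an added example (not part of the original workshop or of TcpCatcher): it parses hosts-file text and reports which names are pinned to a loopback address. That confirms the mail.google.com mapping is in place, and finds one left behind after the test. The function names and the sample file content are constructed for illustration.

```python
import ipaddress

# Names that normally point at loopback and are not worth reporting.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

def parse_hosts(text):
    """Yield (address, [names]) for each usable entry in hosts-file text."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        fields = line.split()
        if len(fields) < 2:
            continue                             # empty, or an address with no name
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # malformed address: skip the entry
        yield addr, [n.lower().rstrip(".") for n in fields[1:]]

def loopback_redirects(text):
    """Return {hostname: address} for dotted names whose entry is a loopback address."""
    first = {}
    for addr, names in parse_hosts(text):
        for name in names:
            first.setdefault(name, addr)         # assumption: first entry for a name wins
    # Heuristic: only dotted names, so the machine's own short hostname is not flagged.
    return {n: str(a) for n, a in first.items()
            if a.is_loopback and "." in n and n not in LOCAL_NAMES}

def is_redirected(text, hostname):
    """True if hostname is mapped to loopback in the given hosts-file text."""
    return hostname.lower().rstrip(".") in loopback_redirects(text)

# Constructed sample hosts file, including the entry added in this workshop.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1    localhost
::1          localhost ip6-localhost ip6-loopback
127.0.0.1    mail.google.com      # TcpCatcher workshop redirect
192.168.1.10 fileserver.example.internal
#127.0.0.1   commented.example.com
"""

if __name__ == "__main__":
    for name, addr in loopback_redirects(SAMPLE_HOSTS).items():
        print(f"{name} -> {addr}")
```

To check a real machine, pass in the contents of the hosts file at the path given in the steps above.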