I have installed mitmproxy (macOS Mojave) to monitor the complete traffic through a browser. However, the browser stops connecting to various webpages and give a warning
Did Not Connect: Potential Security Issue
I am not able to go ahead. How can I disable this block? How can I continue browsing as an exception?
Or is there a different tool to monitor network traffic that is easier to handle?
You need to make Firefox trust the root-CA certificate generated and used by Mitmproxy.
To do so open the Firefox preferences -> Privacy & Security
Then scroll down to the end of the page and click the Button "Show Certificates"
Select the Tab "Authorities" and klick on the Button "Import".
If the file selector dialog select the file ~/.mitmproxy/mitmproxy-ca-cert.cer.
When Firefox asks about for what purpose the certificate should be trusted select "for websites".
Once the certificate has been installed Firefox trusts Mitmproxy and you can browse the web through Mitmproxy. If some pages sill not work you have to clear the Firefox cache to remove the HTTP Strict Transport Security (HSTS) pinned certificates.
Related
Possible duplicate of Charles Proxy SSL Certificate not working but I provide more details since those answers didn't help me.
I am on my MacBook (High Sierra 10.13.6) and I want to see what my web app is sending/receving over Chrome browser, Version 71.0.3578.98 (Official Build) (64-bit). I am using Charles V3.12.3 (old but I don't have license for the most recent one).
According to their doc for Mac OS:
In Charles go to the Help menu and choose "SSL Proxying > Install
Charles Root Certificate". Keychain Access will open. Find the
"Charles Proxy..." entry, and double-click to get info on it. Expand
the "Trust" section, and beside "When using this certificate" change
it from "Use System Defaults" to "Always Trust". Then close the
certificate info window, and you will be prompted for your
Administrator password to update the system trust settings.
It's trusted in my Keychain as you see here:
However, I still get a lot of <unknown> things! in Charles:
Any idea what I am missing?
I have restarted Chrome browser as well as Charles few times. I even restarted my system once however I am still getting same <unknown> responses.
I'm able to see my request/responses on Chrome DevTools without any problem.
My VPN is off. In fact I deleted the whole app (as several people complained about having it on).
Charles will (thankfully) not automatically perform man in the middle attacks on all your SSL connections.
You need to enable SSL proxying on a per domain basis. Either by context clicking the connection and choosing Enable SSL Proxying from the menu or in the SSL Proxying Settings window in the Tools menubar.
Try restart your browser.
I have the same issue, certificate is trust, but content still unknow.
After quit and restart Chrome browser. Everything works.
I can't open non secure sites (any direction with hhtp://) . Only works in https sites.
I Tried the following with no results except in safe mode.
-Diferent browsers (Safari, Chrome, Firefox).
-Deleting Preferences and system configuration.
-Reboot in safe mode (Thats Works!!).
-Checking the proxies configuration (i haven't proxies)
-Changing the DNS.
-Turning off/on wifi.
-Repair directory permissions.
-Flushing DNS Cache.
-Reseting Router.
Anyone that can help me?. I am little desperate.
Thks in advance
Finally i solved the problem and it was very very strange.
I found the following " com.erythropoieic.net - preferences.plist " file under the "Library / LaunchDaemons / " folder. This file called this script " change_net_settings.sh " changing the network Properties. I removed that files and thew problem was solved.
I faced the same with all browsers on my macbook pro. This is a malware issue. Please run anti- malware clean up using the malwarebytes.
This is a frequent problem when updating Microsoft OS or Internet Explorer. Seems the update flips the LAN Connection setting, so:
Start Internet Explorer
Click on Setting (upper right)
Click the Tools button
Click on Internet Options
Click on Connections tab
Click on LAN settings
UNCHECK Proxy Server for your LAN
Select OKAY
Validate you can now get to websites without having to manually enter https://
I had the same issue in FireFox (45.X ESR) from Linux. I could only browse to sites if I used https://. If I used http:// or www:// I got redirected to dnssearch.com (my ISP is Time Warner). It turn's my issue was with how Firefox was configured to connect to the Internet. To resolve this issue in Firefox, click the open menu icon and select Options (or Preferences in older versions) and then select Advanced. On the Advanced page, click the Network tab. On the Network page, click Settings (For how Firefox connects to the internet). Under Configure Proxies to Access the internet, there a several radio buttons. In my case, the Manual proxy configuration was checked. I changed this and check: No proxy. This resolved my issue. I could then access any site as normal.
I had Firefox 30.0 and I was able to access some intranet Apache servers using HTTPS just by bypassing the Untrusted Connection warning. After upgrading to Firefox 31.0, in some computers it's not possible to connect to some of our servers anymore. After typing the URL, all we see is a blank page and the "connecting..." message on the status bar.
This happened with some OSX and Windows 7 clients, but for some clients and some servers with the same code, it works fine. Other browsers are also fine.
Here's a solution that works for OSX and Windows 7 and doesn't require the Reset Firefox feature. Basically we want to Delete or Distrust the "problematic" certificates from the Authorities:
Go to Firefox Menu > Options
Go to Advanced tab >Certificates > View Certificates
Go to Authorities tab on the Certificate Manager dialog and look for the Certificate Name (in my case it is an IP number, grouped by the company that issued it)
Select all the "problematic" certificates (it might have more than one for the same site) and click on Delete or Distrust and confirm. Here is important to make sure no "problematic" certificate is left there.
Once you followed these steps, close the options dialogs and just access the site with untrusted certificates again and Add Exception to trust the self-signed certificate.
Please refer to these threads for more information:
Firefox 31.0 (OSX) Sites with untrusted certificate won't load
Security certificate no longer valid after upgrading to latest FF
As Apple introduce extension support in Safari 5, I want to make an extension that manage proxy settings directly in the browser (like AutoProxy for Firefox or Proxy Switchy for Chrome).
I skimmed the source code of Proxy Switchy. It is mainly written in Javascript/HTML, but uses an external binary bundle to do proxy switching. Is this scheme doable in Safari extension? If not, is there other way to manage proxy settings in the extension?
I am having exactly same question although it is almost 2016 already and I am using Safari 9.0.2. It seems that Apple does not provide such an API for defining browser-specific proxy in extensions as Google does for Chrome. So I guess one would have to deal with system-wide proxy settings, that is to find solutions for setting up app-specific proxy.
(this the the link, not advertising) http://www.techrepublic.com/forum/questions/101-226884
https://apple.stackexchange.com/questions/18370/why-isnt-my-auto-proxy-setting-working-for-safari-5-1-in-lion
(answer from techrepublic and apple.stackexchange it's not advertising)
I think they say you can
Actually the easiest way is to use Apple's concept of 'Location'. In the Apple Menu, choose Location > Network Preferences ...
Most likely your current location is set as 'Automatic'. Choose "Edit Locations ..." in the selection menu, and add additional Proxy Locations. For each Location you can setup different proxy settings, which you can switch directly from the apple menu. Just make sure you edit the correct Network Interface on which you want to apply the proxy settings (if you are connected through LAN, but you set the proxy only on Wifi - it wouldn't work).
The Proxy Settings are under the [Advanced ...] button [proxies] tab. Enable and modify the proxies as you need.
Make sure that your Safari browser - or any browser you will be using - is set to use the "System Proxy Settings" ... and not it's own override. Safari always links back to the System Network Settings.
After considering this - would we still need a plugin doing essentially the same?
Yes it is possible to set proxy setting in safari. Please follow below steps.
1.) Open Safari if it is not already open.
2.) Choose Safari > Preferences, and then click Advanced.
3.) Click Change Settings.
The Network pane of System Preferences opens.
Use the information you got from your network administrator to change the proxy settings.
Click OK.
I have an HTML5 application that requires offline support. For running the application, I use a local Apache server. I am trying to figure out what the best way is to simulate offline mode.
Currently, in Firefox I disable my Air-Port to simulate offline mode, but this is a pain.
Any suggestions? I am open to using other browsers, if a method exists that doesn't require turning off my Internet.
For Firefox
☰ (hamburger menu)->More->Work Offline
Google Chrome doesn't appear to have this feature
Edit:
Also, another alternative is slightly more time-consuming to setup in the beginning but might be worth it. For Firefox/Chrome there should be proxy plugins, set up a fake/bad profile for each so that you proxy to something that doesn't exist... like 127.0.0.20:8080. After that you can switch the proxy setting on and off to emulate a full-stack test.
The other answers are out of date. The only place this appears in Firefox v92 is under
File > Work Offline
The File menu can be accessed in the top left of Firefox by pressing the ALT key.
Be warned that this does not prevent traffic from "localhost" loop-back itself, unless you additionally turn on
network.disable-localhost-when-offline
preference in about:config.
Bugzilla issue: Add option to disallow connections to localhost while in offline mode.
In Chrome you can open developer tools switch to the network tab and set throttling to offline
For Firefox, from the ☰ (hamburger menu), choose Web Developer > Work Offline.
For Chrome, open DevTools and select the Network panel. Throttling is set to Online (Disabled) by default. From the dropdown menu, you can choose presets Fast 3G and Slow 3G, but to simulate Offline Mode, you want to choose Offline.