Under normal circumstances, when a device cannot set up a proxy, it is difficult to modify its data packet or change the data packet. In the past, we all used arp spoofing for traffic diversion, but I will introduce a new method below.
For example: A is a normal user, B is an attacker, and they are all connected to the C route. (D-Proxy Server)
B wants to modify the traffic of user A
We can use arp spoofing to guide A’s traffic to B to attack, but I found in actual tests that if A’s traffic is too large, it is easy to disconnect, which will cause A’s network to be very unstable, and the forwarded packets are not Easy to handle and many other problems.
So I changed my mind and let the router C connect to the proxy server D, so that all devices connected to the router C will use the proxy server, and then use fiddler or burpsuite to directly process the HTTP and HTTPS traffic inside the proxy server D.
2. Establish a proxy server
(Proxy Server D)
Link: https://pan.baidu.com/s/1Dh7DF5AfIhNUobMXgpAdqg Extraction code: bbvs
Download from the link above, modify the config file inside after downloading
Change the ip to 127.0.0.1 to the ip of your own server, because it is open to the outside world, and then modify the port
My modifications are as follows
Just run v2ray.exe
3.proxifier, fiddler settings
Note that this step is also performed on the proxy server D
Fiddler or burpsuite is set to direct connection, that is, let them directly connect to the Internet, otherwise they will keep going in circles
The default action is https
ip is 127.0.0.1
The port here is 8080. Because the listening port in my fiddler was also changed to 8080 by me
Just check decryption, but the fiddler certificate of the server needs to be trusted locally.
4. NewWifi settings
Select sock5 in the ssr plugin below
Connect to the server created in the first step
ip 192.168.1.234 is A, let’s use a proxy, we can catch A’s packet
This is the packet captured from A.