CAPWAP DTLS MITM (Man-In-The-Middle) Proxy
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
Andreas Schultz 90c98f4a83 work arround for gnutls DTLS fragment bug 8 years ago
certs initial version 8 years ago
include/compat/sys initial version 8 years ago
m4 initial version 8 years ago
src work arround for gnutls DTLS fragment bug 8 years ago
.gitignore initial version 8 years ago
AUTHORS initial version 8 years ago
COPYING initial version 8 years ago
ChangeLog initial version 8 years ago
Makefile.am initial version 8 years ago
NEWS initial version 8 years ago
README.md initial version 8 years ago
autogen.sh initial version 8 years ago
configure.ac initial version 8 years ago

README.md

capwap-mitm - CAPWAP DTLS MITM (Man-In-The-Middle) Proxy

This is DTLS MITM proxy for CAPWAP (RFC 5415). It can be used to decrypt and capture (in pcap format) encrypted CAPWAP traffic.

It's main purpose is for development, debugging and reverse engineering of CAPWAP sessions. It has no support for modifying the control or payload traffic.

Building

Requirements:

Under Debian/Ubuntu those dependencies should be available with:

apt-get install automake autoconf shtool libgnutls-dev libev-dev libpcap-dev

Rebuild configure and configure with:

./autogen.sh
./configure

Running

Put CAPWAP client and server certificates into ./certs or specify them on the command line (see capwap-mitm -h). By default cacerts.pem, client.pem, client.key, server.pem and server.key are expected. Certificates and keys can also be combined into a single file, then client.pem and server.pem should be used.

Run with:

src/capwap-mitm -o mitm.pcap <CAPWAP Server> <Local IP>

for example:

src/capwap-mitm -o mitm.pcap 192.168.13.168 172.28.0.2

By default the proxy listens to port 5246 and 5247.