49 lines
1.3 KiB
Markdown
49 lines
1.3 KiB
Markdown
|
capwap-mitm - CAPWAP DTLS MITM (Man-In-The-Middle) Proxy
|
||
|
========================================================
|
||
|
|
||
|
This is DTLS MITM proxy for CAPWAP (RFC 5415). It can be used to decrypt and
|
||
|
capture (in pcap format) encrypted CAPWAP traffic.
|
||
|
|
||
|
It's main purpose is for development, debugging and reverse engineering of
|
||
|
CAPWAP sessions. It has no support for modifying the control or payload
|
||
|
traffic.
|
||
|
|
||
|
Building
|
||
|
--------
|
||
|
|
||
|
Requirements:
|
||
|
* autoconf
|
||
|
* automake
|
||
|
* shtool (http://www.gnu.org/software/shtool/)
|
||
|
* gnutls (http://gnutls.org/)
|
||
|
* libev (http://software.schmorp.de/pkg/libev.html)
|
||
|
* libpcap (http://www.tcpdump.org/)
|
||
|
|
||
|
Under Debian/Ubuntu those dependencies should be available with:
|
||
|
|
||
|
apt-get install automake autoconf shtool libgnutls-dev libev-dev libpcap-dev
|
||
|
|
||
|
Rebuild configure and configure with:
|
||
|
|
||
|
./autogen.sh
|
||
|
./configure
|
||
|
|
||
|
Running
|
||
|
-------
|
||
|
|
||
|
Put CAPWAP client and server certificates into ./certs or specify them on the
|
||
|
command line (see `capwap-mitm -h`). By default cacerts.pem, client.pem,
|
||
|
client.key, server.pem and server.key are expected. Certificates and keys can
|
||
|
also be combined into a single file, then client.pem and server.pem should
|
||
|
be used.
|
||
|
|
||
|
Run with:
|
||
|
|
||
|
src/capwap-mitm -o mitm.pcap <CAPWAP Server> <Local IP>
|
||
|
|
||
|
for example:
|
||
|
|
||
|
src/capwap-mitm -o mitm.pcap 192.168.13.168 172.28.0.2
|
||
|
|
||
|
By default the proxy listens to port 5246 and 5247.
|