Blog post: setting up and using nogotofail

[Doug Sillars]

Hey all, 

I wrote up a post on how I set up nogotofail (using a GCE instance) and some test results I obtained.  It covered some issues that I think others may also be having with the setup:

Using nogotofail to Find Issues with Your HTTPS Connections

Hope you al find it useful.

Doug

[Chad Brubaker]

I saw it when you posted it, great writeup!

One minor nits:

> In this attack, the nogotofail MITM proxy used a random self-signed certificate and provided it to the application (whose name I have redacted). 

Not quite 'random', its a self-signed cert for the domain the client is trying to connect to. Ngtf copies the CN and subject alt names returned by the actual server and generates a self signed cert with the same.

Were there any particular pain points you saw in the documentation or logging? I'm going to be cleaning them up and adding better detail when I have some free time.

--
You received this message because you are subscribed to the Google Groups "nogotofail" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nogotofail+...@googlegroups.com.
To post to this group, send email to nogot...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/nogotofail/890e9794-03b4-4988-a8f3-d6d83e72ea9a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Doug Sillars]

Thanks Chad - I updated the post.

I didn't have any real issues, but I had never used GCE before, so I
had to pick up some of the syntax to make the instances work. :)

I would really love to get it working on my local Linux box, but it
does not support Wi-Fi hotspots... and despite many hours of work, I
could not get my phones to reverse tether to the computer. Fingers
crossed that the next machine will be better.

Doug
Douglass Sillars, PhD
(206) 295-4980

[Chad Brubaker]

On Wed, Mar 25, 2015 at 2:30 PM, Doug Sillars <doug.s...@gmail.com> wrote:

Thanks Chad - I updated the post.

I didn't have any real issues, but I had never used GCE before, so I
had to pick up some of the syntax to make the instances work. :)

I would really love to get it working on my local Linux box, but it
does not support Wi-Fi hotspots... and despite many hours of work, I
could not get my phones to reverse tether to the computer.  Fingers
crossed that the next machine will be better.

Most laptop's onboard wireless don't supported master mode but you can find cheap (~$10ish?) USB NICs that do, that's what I've always done.

Also nogotofail can be run as a SOCKS proxy using `--mode socks`, though you lose the guarantee that all traffic goes through ngtf since you're reliant on the client properly honoring proxy settings. Or you can run the OpenVPN server on your Linux machine the same as on the GCE instance as long as the device can route to your Linux box.

[yzn...@gmail.com]

Thanks so much for your post Doug. I was able to solve the issue I had connecting the ngtf client to the ngtf server on GCE.

For the client "Host" setting (under Settings > Advanced) I set the value to "mitm.nogotofail" (like in your screenshot). After that the client could see the ngtf server on GCE.

Previously I specified the static IP that was allocated on GCE for the "Host" setting but the client wouldn't connect.

Alex/Chad - also should the mitm.conf file be in the /etc/nogotofail folder on GCE? I could only get the ngtf server to start when I put the .conf file there (ngtf didn't see the .conf file when I put it in the /opt/nogotofail directory).

[abhishek...@gmail.com]

Hey Doug sillars ,
greeting !
I am a student of IT final year doing B.tech i am doing an project for Testing and identification of android vulnerabilities please tell me how can i test android  applications i have seen ur blog also but little confused that how can i set up all this to test an android app it would be great pleasure for me if you tell me.....thanks in advance....