What is HTTPS?

From Wikipedia.org "Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Internet.".

So to say, it means that the data you are sending over the HTTP protocol are secured.

So as me, you are probably not understanding a thing about what it means. As it is all about security here, we are going to show the attack that hackers can perform when you are using website using HTTP only and not HTTPS.

This attack is often named as MITM, which is the acronym for Man In The middle. It consists of a person who is listening the interactions between you and the network (the network being often the internet).

In order to make this attack understandable we are going to use the following solution https://mitmproxy.org/, an open source solution released under the MIT license. The big advantage of this solution is that it is very easy to handle and offers a nice UI. As you can read it from the name, MITM Proxy, it will set a proxy, so a computer you will access first in order to access the network, and in fact the MITM will listen all the exchanges that the client has with the network.

How to install https://mitmproxy.org/?

Ok so how to install it? It is really straightforward, you go on: https://mitmproxy.org/. Instructions for each operating system are listed here: https://docs.mitmproxy.org/stable/overview-installation/.

Just run:

sudo apt install mitmproxy

Once installed when you will launch it you will land on a page named such as

So your machine is now the proxy, so to say, the computer by which the traffic will come through. In order for you to see the traffic coming through, you then need a computer to connect to this proxy.

So take another device that you will connect to the same network and add the following advanced options:

  • Add a proxy setting set on manual.
  • Give as a hostname the IP address of the machine running the MITM proxy
  • Add the port number that you will find on the page pay attention it may not be 8081

Ok so at this step your device should react differently when browsing the internet, all websites will be in http so you may not be able to see all websites. To see them in https, you need to add a certificate to your browser. You can get this certificate by going on http://mitm.it/cert/pem ok so once accepted, if you perform an action on a http website form and on a https form, you will clearly identify why it is critical to have websites in https://: File:Screenshot from 2019-04-22 11-01-17.png In the example above a form has been sent, as you can see the content is crypted. Here below a form sent on a non https website: File:Screenshot from 2019-04-22 10-26-44.png you can now imagine the harm it can do when you are inserting important information such as identifiers, passwords, personal things...

That's why SSL is critical.

Last modified: Sunday, 26 January 2020, 2:53 PM