Hijack HTTPS over TLS 1.2 without Charles Proxy

TLS 1.2 Charles Proxy 3.9 uses the bouncycastle 1.4 for SSL/TLS, but TLS 1.2 is not yet supported in bcprov’s latest release(1.51), that’s why I got a

on some sites. I tried to upgrade bcprov.jar, some incompatible exceptions were thrown. To check if a https site uses TLSv1.2:

Incoming search terms:receive fatal alert … Continue reading “Hijack HTTPS over TLS 1.2 without Charles Proxy”

OpenConnect Public Key Authentication

Here are old articles about OpenConnect, the open source AnyConnect server: OpenConnect on Ubuntu Open Connect Server Configuration (Working for iOS) Cisco AnyConnect Client for OS X/Windows/Linux (Version 3.1.05160) This time, OCServ 0.80 on Ubuntu 14.04. And still doesn’t work for OS X. I was using password based authentication, but clients on iOS can not … Continue reading “OpenConnect Public Key Authentication”

Open Connect Server Configuration (Working for iOS)

Working for iOS only, but for OSX, (Cisco AnyConnect Client for OS X 3.1.05160), captive portal is detected. ‘Web Authentication Required’ and error log like

OpenConnect on Ubuntu Generate Certificate with GnuTLS and Sign with OpenSSL Incoming search terms:ROUTETABLE_ERROR_GETBESTROUTE_FAILEDNo valid certificates available for authentication192 168 1 99;29001no valid certificates available for authentication 設定ANyConnect No … Continue reading “Open Connect Server Configuration (Working for iOS)”