mitm.sh

#!/bin/bash
set -e
# start a transparent proxy

# Enable IP forwarding.
sudo sysctl -w net.ipv4.ip_forward=1

# Flush the firewall rules.
sudo iptables -F
sudo iptables -X
sudo iptables -t nat -F
sudo iptables -t nat -X
sudo iptables -t mangle -F
sudo iptables -t mangle -X

# Configure NAT for the local LAN.
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT

# forward all requests to the proxy
for port in 80 443; do
  sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport $port -j REDIRECT --to-port 8080
done

mitmproxy --mode transparent -w out.txt

# Clean up the firewall rules.
for port in 80 443; do
  sudo iptables -t nat -D PREROUTING -i wlan0 -p tcp --dport $port -j REDIRECT --to-port 8080
done