Frankencert
From charlesreid1
Frankencerts facilitates man-in-the-middle/HTTPS attacks by providing a fuzzing framework for certificates.
It starts with a base input certificate, then fuzzes that certificate to test a certificate-checking mechanism and see whether it breaks.
Installing
Frankencerts needs OpenSSL development headers, so install those:
$ apt-get install libssl-dev
It needs a custom build of PyOpenSSL, and if you try and remove PyOpenSSL from Kali using aptitude, it wants to uninstall kali-linux-full. Yikes.
Using a virtual environment.
$ pip install virtualenv
$ virtualenv venv
Now you can do a couple of things. To set which Python interpreter (Python command line) the virtual environment uses:
$ virtualenv -p /usr/bin/python2.7 venv # build the virtual environment around the Python 2.7 interpreter
We want to install the custom version of PyOpenSSL, then install Frankencerts, in our virtual environment. Start by copying the modified PyOpenSSL from the frankencerts project into the directory that holds our virtual environment:
$ cp -r /path/to/frankencerts/pyOpenSSL-0.13 .
Now we can install this by running setup.py build/install, but using our virtual environment python binary:
$ source venv/bin/activate
(venv) $ ls
pyOpenSSL-0.13 venv
(venv) $ cd pyOpenSSL-0.13/
(venv) $ python setup.py build
(venv) $ python setup.py install
Now grab the frankengen directory and the utilities provided with frankencert:
(venv) $ cp -r /path/to/frankencert/{utils,frankengen} .
Currently running into an issue: can't install/run because SSLv3 functionality not available from OpenSSL library. Warning, implicitly declared function. SSLv23 is just fine. Don't understand what the issue is.
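A header check that can help narrow down the SSLv3 build failure described above (added example, not from the original page or the Frankencert project). It assumes the warning refers to SSLv3_method() being missing from the OpenSSL headers, which is what happens when the headers define OPENSSL_NO_SSL3 or OPENSSL_NO_SSL3_METHOD; the function names and the header paths (usual Debian/Kali locations) are assumptions.

```shell
#!/bin/sh
# Added example: report which SSLv3 feature macros an OpenSSL header disables.
# Assumption: the "implicitly declared function" warning is about SSLv3_method(),
# which ssl.h only declares when OPENSSL_NO_SSL3 / OPENSSL_NO_SSL3_METHOD are unset.

# ssl3_disabled_macros HEADER
# Prints each OPENSSL_NO_SSL3* macro that HEADER defines, one per line.
# Returns 0 if at least one is defined, 1 if none, 2 if HEADER is unreadable.
ssl3_disabled_macros() {
    header=$1
    [ -r "$header" ] || return 2
    # Match "#define X" and "# define X"; lines inside /* ... */ do not start with '#'.
    sed -n 's/^[[:space:]]*#[[:space:]]*define[[:space:]]\{1,\}\(OPENSSL_NO_SSL3[A-Z_]*\).*/\1/p' \
        "$header" | sort -u | grep .
}

# check_system_headers
# Runs the check over the places libssl-dev usually puts its build configuration
# (assumed paths: plain and multiarch include directories; adjust as needed).
check_system_headers() {
    for h in /usr/include/openssl/opensslconf.h \
             /usr/include/*/openssl/opensslconf.h \
             /usr/include/openssl/configuration.h \
             /usr/include/*/openssl/configuration.h; do
        [ -r "$h" ] || continue
        if macros=$(ssl3_disabled_macros "$h"); then
            # Unquoted on purpose: joins the macro names onto one line.
            echo "$h: SSLv3 compiled out ($(echo $macros))"
        else
            echo "$h: no OPENSSL_NO_SSL3* macro defined"
        fi
    done
    return 0
}

check_system_headers
```

If a header reports SSLv3 as compiled out, any code that calls SSLv3_method() will produce an implicit-declaration warning at build time against that OpenSSL, while SSLv23_method() remains declared.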