←back to thread

Httptap: View HTTP/HTTPS requests made by any Linux program

(github.com)
664 points alexflint | 1 comments | 03 Feb 25 16:28 UTC | HN request time: 0s | source
Show context
eriksjolund ◴[03 Feb 25 19:25 UTC] No.42921785[source]
Another tool that can be used by an unprivileged user for analysing network traffic is rootless Podman with Pasta.

Just add the podman run option

--network=pasta:--pcap,myfile.pcap

Pasta then records the network traffic into a PCAP file that could later be analysed.

I wrote a simple example where I used tshark to analyse the recorded PCAP file https://github.com/eriksjolund/podman-networking-docs?tab=re...

replies(1): >>42922003 #
alexflint ◴[03 Feb 25 19:44 UTC] No.42922003[source]
Very good to know about. But you still have the problem of decrypting TLS traffic.
replies(1): >>42922209 #
mdaniel ◴[03 Feb 25 20:02 UTC] No.42922209[source]
I don't know if it's a standard but I believe a lot of tls libraries honor the SSLKEYLOGFILE env-var https://wiki.wireshark.org/TLS#:~:text=and%20curl%20when-,th...
replies(1): >>42922704 #
2030ai ◴[03 Feb 25 20:35 UTC] No.42922704[source]
That seems like an unnecessary vulnerability waiting to happen.
replies(2): >>42928262 #>>42931148 #
1. frogsRnice ◴[04 Feb 25 11:44 UTC] No.42931148[source]
At some point someone needs to take responsibility for allowing modification of environment variables via something dumb like http. Debugging interfaces are fine- we should expect more from developers.