Capturing Plaintext with Burp Suite Using a Double‑Layer MITM
The article demonstrates a double‑layer MITM setup (mitmproxy → Burp Suite → mitmproxy) to decrypt SM2‑encrypted web request and response traffic, provides step‑by‑step commands, common pitfalls, and a GitHub skill that automates the process.
Problem
The target web application encrypts both request and response payloads with SM2. The public key encrypts data on the client side, while a different private key decrypts data on the server side, making it impossible to obtain plaintext directly.
Principle
Double‑layer MITM intercepts traffic, decrypts it for Burp Suite, then re‑encrypts it before forwarding.
Request: browser → mitmproxy (decrypt) → Burp Suite (plaintext) → mitmproxy (encrypt) → server
Response: server → mitmproxy (decrypt) → Burp Suite (plaintext) → mitmproxy (encrypt) → browser
Analysis of encryption
Use MCP Chrome‑devtools or download the JavaScript files locally so a large language model can analyse the SM2 encryption/decryption logic. Save the captured request/response packets to a markdown file and note the file paths of the public and private keys.
MITM Setup
Install mitmproxy: pip install mitmproxy
Run mitmproxy in client mode (its upstream proxy points to Burp Suite):
set MITM_MODE=client
mitmdump -s mitmproxy_addon.py --mode upstream:http://127.0.0.1:8080 -p 8888
Configure Burp Suite to use the upstream proxy (port 8888).
Run a second mitmproxy instance in server mode; it handles the hop between Burp Suite and the target server, re-encrypting the requests Burp forwards and decrypting the responses that travel back to Burp and the browser:
set MITM_MODE=server
mitmdump -s mitmproxy_addon.py -p 8889
Common issues
If the generated Python script does not replace the public/private keys in the JavaScript files, edit the script to perform the substitution.
When execution errors occur, copy the error messages and feed them to an AI model for troubleshooting.
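The routing that the Principle and MITM Setup sections describe, modelled as an added example (this is not the article's mitmproxy_addon.py and not code from the linked skill repository). It assumes a repeating-key XOR as a stand-in for SM2 so the flow runs offline without gmssl, mitmproxy or any real key material; the names Layer, layer_from_env, simulate_request and simulate_response are hypothetical. In a real addon the same two transforms would be applied to flow.request.content and flow.response.content inside mitmproxy's request(flow) and response(flow) hooks, with the role chosen by the MITM_MODE variable exactly as in the commands above.

```python
"""Model of the double-layer routing (added example, not the article's addon).

Assumption: the XOR transform below stands in for SM2 so the flow runs offline.
A real addon would call SM2 with the key pair noted during the JavaScript
analysis and apply these transforms inside mitmproxy's request()/response()
hooks to flow.request.content / flow.response.content.
"""
import os

# Constructed stand-in key. The real addon holds the SM2 public/private keys instead.
STANDIN_KEY = b"demo-key-not-sm2"


def standin_encrypt(data: bytes) -> bytes:
    """Stand-in for SM2 encryption: repeating-key XOR (reversible, not secure)."""
    return bytes(b ^ STANDIN_KEY[i % len(STANDIN_KEY)] for i, b in enumerate(data))


def standin_decrypt(data: bytes) -> bytes:
    """Stand-in for SM2 decryption; XOR is its own inverse."""
    return standin_encrypt(data)


class Layer:
    """One mitmproxy instance (hypothetical name).

    'client' is the instance the browser talks to (listens on 8888, upstream Burp).
    'server' is the instance Burp forwards to (listens on 8889, talks to the origin).
    """

    def __init__(self, mode: str) -> None:
        if mode not in ("client", "server"):
            raise ValueError(f"MITM_MODE must be 'client' or 'server', got {mode!r}")
        self.mode = mode

    def request(self, body: bytes) -> bytes:
        # client layer: the browser already encrypted the body, so strip the
        # encryption and Burp sees plaintext.
        # server layer: Burp hands over plaintext, so re-encrypt before the origin.
        if self.mode == "client":
            return standin_decrypt(body)
        return standin_encrypt(body)

    def response(self, body: bytes) -> bytes:
        # server layer: the origin answered with ciphertext, so decrypt for Burp.
        # client layer: Burp hands over plaintext, so re-encrypt and the browser's
        # JavaScript decrypts it as usual.
        if self.mode == "server":
            return standin_decrypt(body)
        return standin_encrypt(body)


def layer_from_env() -> Layer:
    """Pick the role the way the article's commands do: via the MITM_MODE variable."""
    return Layer(os.environ.get("MITM_MODE", "client"))


def simulate_request(browser_body: bytes) -> tuple:
    """Trace one request through both hops; returns (what Burp sees, what the origin receives)."""
    at_burp = Layer("client").request(browser_body)
    at_origin = Layer("server").request(at_burp)
    return at_burp, at_origin


def simulate_response(origin_body: bytes) -> tuple:
    """Trace one response back; returns (what Burp sees, what the browser receives)."""
    at_burp = Layer("server").response(origin_body)
    at_browser = Layer("client").response(at_burp)
    return at_burp, at_browser


if __name__ == "__main__":
    # Constructed sample payload, as the browser would have encrypted it on the wire.
    wire_request = standin_encrypt(b'{"user":"alice"}')
    seen, forwarded = simulate_request(wire_request)
    print("Burp sees:", seen, "| origin gets the ciphertext back:", forwarded == wire_request)
```

The two simulate_* helpers make the invariant explicit: plaintext exists only at the Burp hop, while both endpoints still see ciphertext, which is why neither the browser's JavaScript nor the server notices the intermediate decryption.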
Skill repository
The complete procedure is packaged as a skill in the following GitHub directory:
https://github.com/boqiqibo/Sec-Skills/tree/main/analyze-encrypted-web-traffic