Installation - snap

Snap is an Ubuntu-oriented app store. You can install smithproxy from there.

Note: the smithproxy snap has limited functionality and its usage is slightly different.
It is recommended only for local traffic captures; portal services are not supported.

Use sudo (or run a root shell) for all smithproxy components:

sudo snap install smithproxy --edge

sudo snap connect smithproxy:firewall-control
sudo snap connect smithproxy:network-control

Now smithproxy is installed and connected to all the plugs it needs to run properly:
* firewall-control plug is needed so that iptables diverts traffic correctly
* network-control plug is required to inspect IP routing and select inbound and outbound ports

Initial smithproxy snap setup

  • Display signing CA information: sudo smithproxy.certinfo-ca

  • Generate a new signing CA: sudo smithproxy.regencert

  • From the previous output, copy the displayed CA public key and save it to a file

  • Import the saved CA public key file into the trusted CAs of the browser or application you will test

Starting smithproxy

  • Set up traffic redirection: sudo smithproxy.net start

  • Run smithproxy itself: sudo smithproxy.exe

Accessing CLI

You can access the CLI by connecting with telnet to localhost:50000. Non-snap smithproxy packages come with the sx_cli command, which does the same. Snap, however, does not allow a telnet application to be installed inside the snap itself, so telnet is not included and you have to connect to the CLI yourself:

telnet localhost 50000

Brief intro to snap filesystem locations

Consider this directory structure of smithproxy snap:

xu@cr4:~$ find /var/snap/smithproxy/ -type d,l -ls | grep -v pem
 524433      4 drwxr-xr-x   5 root     root         4096 Dec  6 14:11 /var/snap/smithproxy/
 548946      4 drwxr-xr-x   4 root     root         4096 Nov 23 17:43 /var/snap/smithproxy/144/etc/smithproxy
 548955      4 drwxr-xr-x   2 root     root         4096 Nov 23 17:43 /var/snap/smithproxy/144/captures
 548953      4 drwxr-xr-x   3 root     root         4096 Nov 23 17:43 /var/snap/smithproxy/144/ca-bundle
 548952     20 drwxr-xr-x   2 root     root        20480 Dec  6 14:11 /var/snap/smithproxy/144/certs
 548956      4 drwxr-xr-x   2 root     root         4096 Nov 23 17:46 /var/snap/smithproxy/144/log
 529916      4 drwxr-xr-x   2 root     root         4096 Nov 23 17:43 /var/snap/smithproxy/common
 524373      0 lrwxrwxrwx   1 root     root            3 Dec  6 14:11 /var/snap/smithproxy/current -> 144
 524361      4 drwxr-xr-x   8 root     root         4096 Nov 23 17:43 /var/snap/smithproxy/129
 529980      4 drwxr-xr-x   4 root     root         4096 Nov 23 17:43 /var/snap/smithproxy/129/etc/smithproxy
 799904      4 drwxr-xr-x   2 root     root         4096 Nov 23 17:43 /var/snap/smithproxy/129/captures
 798688      4 drwxr-xr-x   3 root     root         4096 Nov 23 17:43 /var/snap/smithproxy/129/ca-bundle
 530004     20 drwxr-xr-x   2 root     root        20480 Dec  1 08:38 /var/snap/smithproxy/129/certs
 799905      4 drwxr-xr-x   2 root     root         4096 Nov 23 17:46 /var/snap/smithproxy/129/log

Numbers 129 and 144 are smithproxy build numbers. Whenever you upgrade the snap, files are copied to a new location. If you are looking for logs and captures, always look in the /var/snap/smithproxy/current directory.

Because the snap file layout differs a bit from the usual locations on regular installs, let's check what is where.

Content of /var/snap/smithproxy/current:
* ca-bundle: public root authorities bundle delivered with snap (snap doesn't have access to your /etc/ssl)
* ca-certificates: TBA, empty for the time being
* captures: contains all capture files you took
* log: logs :)
* smithproxy.default.sslkeylog.log: SSL key dump - usable in Wireshark
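
Because upgrades copy data into a new revision directory, older revisions such as 129 can still hold captures and key logs, and the SSL key dump lets anyone who can read it decrypt the matching captured traffic. The following is an added example, not part of smithproxy: the function name audit_snap_data is hypothetical, and it assumes capture files sit under captures/ and key log names contain "sslkeylog" as listed above.

```shell
#!/bin/sh
# Added example (not smithproxy code): list capture files and TLS key logs
# that any local user can read, in every revision of the snap data tree.
# Assumptions: captures live under <rev>/captures/, and key log file names
# contain "sslkeylog" as on this page.

audit_snap_data() {
    root=$1
    # "current" is a symlink to the active revision, e.g. current -> 144.
    cur=$(readlink "$root/current") || return 1
    cur=${cur##*/}
    for dir in "$root"/*; do
        rev=${dir##*/}
        [ -L "$dir" ] && continue          # skip the "current" symlink
        [ -d "$dir" ] || continue
        [ "$rev" = common ] && continue    # shared dir, not a revision
        tag=stale
        [ "$rev" = "$cur" ] && tag=current
        # -perm -004 matches files whose "other" read bit is set.
        find "$dir" -type f -perm -004 \
            \( -path '*/captures/*' -o -name '*sslkeylog*' \) |
        while IFS= read -r f; do
            printf '%s\t%s\n' "$tag" "$f"
        done
    done
}

# Run against the location shown above when it exists on this host.
if [ -d /var/snap/smithproxy ]; then
    audit_snap_data /var/snap/smithproxy
fi
```

Lines tagged stale belong to revisions left behind by an upgrade; tighten their modes with chmod or remove data you no longer need.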

Check the YouTube video

There is a YouTube video demonstrating the above steps. Reading this documentation will help you better understand what is going on in it.