3DS SSL mitm with Fiddler: Difference between revisions
From ihaveahax's Site
Jump to navigationJump to search
(use Media: for a direct download link) |
No edit summary |
||
Line 6: | Line 6: | ||
#Enable "Allow remote computers to connect", "Capture HTTPS CONNECTs", "Decrypt HTTPS traffic", and "Ignore server certificate errors (unsafe)". | #Enable "Allow remote computers to connect", "Capture HTTPS CONNECTs", "Decrypt HTTPS traffic", and "Ignore server certificate errors (unsafe)". | ||
To allow the 3DS to still connect regardless of the internet state, set up a rule for AutoResponder with {{code|EXACT:http://conntest.nintendowifi.net/}} and any HTTP 200 for a response, such as [[:Media:Nintendo conn test.dat|Nintendo conn test.dat]]. | To allow the 3DS to still connect regardless of the internet state, set up a rule for AutoResponder with {{code|EXACT:http://conntest.nintendowifi.net/}} and any HTTP 200 for a response, such as [[:Media:Nintendo conn test.dat|Nintendo conn test.dat]]. Don't forget to enable "Unmatched requests passthrough" if you don't want to prevent other connections from being blocked. | ||
I haven't had to re-set this up many times so I keep forgetting something, especially installing the client cert which causes things like the eShop to break. | I haven't had to re-set this up many times so I keep forgetting something, especially installing the client cert which causes things like the eShop to break. | ||
[[Category:Nintendo 3DS]] | [[Category:Nintendo 3DS]] |
Revision as of 15:58, 13 May 2021
In order to use Fiddler to mitm connections on the 3DS:
- Set up
Documents\Fiddler\ClientCertificate.cer
(forgot how to make this) - Set up SciresM/3DS-SSL-Patch. The patch works on 9.6 and 11.4 versions of the SSL module
- Install
ClCertA.p12
from the repo to the Windows certificate store - Enable "Allow remote computers to connect", "Capture HTTPS CONNECTs", "Decrypt HTTPS traffic", and "Ignore server certificate errors (unsafe)".
To allow the 3DS to still connect regardless of the internet state, set up a rule for AutoResponder with EXACT:http://conntest.nintendowifi.net/
and any HTTP 200 for a response, such as Nintendo conn test.dat. Don't forget to enable "Unmatched requests passthrough" if you don't want to prevent other connections from being blocked.
I haven't had to re-set this up many times so I keep forgetting something, especially installing the client cert which causes things like the eShop to break.