Thanks for the gist, making definite progress. Pulse now connects
through mitmdump's proxy. I get some basic logging in the console, but the /tmp 
dir does not contain any logs using the command in the gist (substituting my 
Pulse Secure endpoint of course).

Any ideas?


On Tue, 2018-09-04 at 05:52 -0700, Daniel Lenski wrote:
> Sorry, here's the forgotten Gist:
> https://gist.github.com/dlenski/33bfa3a8691686d02ddaf7a51843a89a
> 
> On Tue, Sep 4, 2018 at 2:42 AM, Brandon Liles <brandon.li...@gmail.co
> m> wrote:
> 
> Client Version:
> 
> Pulse Secure 5.3.4 (1183)
> 
> I did install the root Fiddler MITM cert and Fiddler automatically
> creates certs on the fly for the sites you visit for HTTPS decryption
> if you've enabled that feature.
> 
> Right now I get stuck just after the following two requests to the
> Pulse endpoint, which look like this:
> 
> 1. Results in a 200
> CONNECT xxxxx:443 HTTP/1.1
> User-Agent: Mozilla/4.0
> Host: xxxxx
> 
> 2. Never completes
> GET https://xxxxx/ HTTP/1.1
> Host: xxxxx
> Connection: keep-alive
> User-Agent: odJPAService
> Content-type: EAP
> Upgrade: IF-T/TLS 1.0
> Content-length: 0
> 
> 
> This first CONNECT is just the interaction with the proxy itself, I
> think. Probably this second GET is a fake
> GET-that-should-really-be-a-CONNECT which the proxy doesn't know how
> to handle.  Though I can't say I recognize it from my MITM'ing of
> Juniper clients past…
> 
> Dan
> 

_______________________________________________
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel

Reply via email to