nbk2000 · April 23, 2019 03:58
diff --git a/example.conf b/example.conf
 # Nginx Example Config for sic (Sequential Import Chaining) tool by @d0nutptr
 #
 # Should let Nginx terminate SSL/TLS connections for sic 
 # assuming the sic tool is being run something like this:
 #
 # ./sic -p 3000 --ph "https://a.attacker.com" --ch "https://b.attacker.com" -t template_file
 #
 # NOTE: If you don't have a wildcard certificate, then you'll need to obtain
 # a certificate for the hostname used for the Polling (ph) and Callback (ch) hosts 
 #
 # Config written by @nbk_2000  22-APR-2019

 server {

 	listen 80 default_server;
 	listen 443 ssl default_server;
 	
 	root /var/www/html;

 	index index.html index.php;

    server_name _ ~^(?<sub>.+)\.attacker\.com$;
 	
 	location ~* \/(polling|callback|staging).* {
 		proxy_pass    http://127.0.0.1:3000;
 		proxy_read_timeout  3600;
    }
 		
    ssl_certificate     /path/to/your/wildcard/cert/goes/here/fullchain.pem;
    ssl_certificate_key /path/to/your/wildcard/cert/goes/here/privkey.pem;
 }
	# Nginx Example Config for sic (Sequential Import Chaining) tool by @d0nutptr
	#
	# Should let Nginx terminate SSL/TLS connections for sic
	# assuming the sic tool is being run something like this:
	#
	# ./sic -p 3000 --ph "https://a.attacker.com" --ch "https://b.attacker.com" -t template_file
	#
	# NOTE: If you don't have a wildcard certificate, then you'll need to obtain
	# a certificate for the hostname used for the Polling (ph) and Callback (ch) hosts
	#
	# Config written by @nbk_2000 22-APR-2019

	server {

	listen 80 default_server;
	listen 443 ssl default_server;

	root /var/www/html;

	index index.html index.php;

	server_name _ ~^(?<sub>.+)\.attacker\.com$;

	location ~* \/(polling\|callback\|staging).* {
	proxy_pass http://127.0.0.1:3000;
	proxy_read_timeout 3600;
	}

	ssl_certificate /path/to/your/wildcard/cert/goes/here/fullchain.pem;
	ssl_certificate_key /path/to/your/wildcard/cert/goes/here/privkey.pem;
	}