Hello, a quick post to allow everyone to play along at home with this Superfish thing. (In case this isn't clear: this post is for security professionals only)
Disclaimer: sleep deprived and exhausted. Been working on Badfish for 16 hours now, expect inconsistencies.
- First get the "IE11 on Win8.1" VM from modern.ie.
Trust me, you want that one.
- Download it, load it and take a snapshot before starting.
- Boot it and navigate to https://filippo.io/Badfish/installer
- NEW: disable Windows Defender real-time protection
- If you want Firefox connections to be intercepted and the cert to be inserted in Firefox, either install Firefox before and quit it (this thing is buggy as hell) or reboot after installing Firefox
- Execute the installer. No need to reboot.
Congratulations, you now have a really convenient MitM service!