Included example nginx config

d0nutptr · web-flow · commit 0bad12ef2cbc · 2019-04-22T22:10:02.000-07:00
Thanks nbk_2000!
diff --git a/example_nginx.conf b/example_nginx.conf
@@ -0,0 +1,31 @@
+# Nginx Example Config for sic (Sequential Import Chaining) tool by @d0nutptr
+#
+# Should let Nginx terminate SSL/TLS connections for sic 
+# assuming the sic tool is being run something like this:
+#
+# ./sic -p 3000 --ph "https://a.attacker.com" --ch "https://b.attacker.com" -t template_file
+#
+# NOTE: If you don't have a wildcard certificate, then you'll need to obtain
+# a certificate for the hostname used for the Polling (ph) and Callback (ch) hosts 
+#
+# Config written by @nbk_2000  22-APR-2019
+
+server {
+
+	listen 80 default_server;
+	listen 443 ssl default_server;
+	
+	root /var/www/html;
+
+	index index.html index.php;
+
+    server_name _ ~^(?<sub>.+)\.attacker\.com$;
+	
+	location ~* \/(polling|callback|staging).* {
+		proxy_pass    http://127.0.0.1:3000;
+		proxy_read_timeout  3600;
+    }
+		
+    ssl_certificate     /path/to/your/wildcard/cert/goes/here/fullchain.pem;
+    ssl_certificate_key /path/to/your/wildcard/cert/goes/here/privkey.pem;
+}
