mitmproxy
代码片断
保存经过代理的所有图片
#!/usr/bin/mitmdump -s
from __future__ import print_function
import os
from urlparse import urlsplit
from libmproxy.protocol.http import decoded
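def response(context, flow):
    """Save every proxied image response into the current working directory.

    The file name is the last path component of the request URL, so it is
    chosen by whoever controls the URL. Empty names, dot-prefixed names and
    names that already exist are skipped instead of written, so proxied
    traffic cannot replace or plant hidden files in the working directory.

    Args:
        context: script context passed by mitmdump; not used here.
        flow: the HTTP flow whose response has just been received.
    """
    with decoded(flow.response):
        # The original indexing implies headers[...] yields a list of values;
        # a response without a Content-Type must not crash the hook.
        try:
            content_type = flow.response.headers['Content-Type'][0]
        except (KeyError, IndexError):
            return
        if not content_type.startswith('image/'):
            return

        name = os.path.basename(urlsplit(flow.request.url).path)
        # A URL ending in "/" gives an empty name; ".", ".." and dotfiles are
        # rejected because the name comes from untrusted input.
        if not name or name.startswith('.'):
            print(repr(name), 'skipped: unusable file name')
            return

        # O_EXCL makes creation fail when the file already exists, so a
        # response can never overwrite a file that is already on disk.
        flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, 'O_BINARY', 0)
        try:
            fd = os.open(name, flags, 0o644)
        except OSError as e:
            print(name, 'skipped:', e)
            return
        with os.fdopen(fd, 'wb') as f:
            f.write(flow.response.content)
        print(name, 'written')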
透明 HTTP 代理
可直接接收 HTTP 流量，依据 HTTP Host 头或者 TLS SNI 来确定要连接的服务器地址。[1] 注意 Host 头和 SNI 都由客户端提供，代理会连接到其中指定的任意地址，因此监听端口应只对受信任的客户端开放。
#!/usr/bin/mitmproxy -s
'''
usage: ./dns_spoofing -R http://example.com/
'''
import re
# Splits a Host header value into its host and optional port parts.
# The host is either a run of characters containing no colon or a bracketed
# literal such as "[::1]", so the colons inside an IPv6 address are not
# mistaken for the port separator.
# https://bugzilla.mozilla.org/show_bug.cgi?id=45891
parse_host_header = re.compile(r"^(?P<host>[^:]+|\[.+\])(?::(?P<port>\d+))?$")
def request(context, flow):
    """Point the upstream connection at the host named by the client.

    The scheme and default port follow from whether the client connection
    is using TLS. The host is the TLS SNI when one was sent, otherwise the
    host part of the Host header. A port given in the Host header replaces
    the default port.

    Args:
        context: script context passed by mitmproxy; not used here.
        flow: the HTTP flow whose request is rewritten in place.
    """
    tls = flow.client_conn.ssl_established
    flow.request.scheme = "https" if tls else "http"
    server_name = flow.client_conn.connection.get_servername() if tls else None
    target_port = 443 if tls else 80

    target_host = flow.request.pretty_host
    parsed = parse_host_header.match(target_host)
    if parsed is not None:
        # Brackets only delimit an IPv6 literal; they are not part of the address.
        target_host = parsed.group("host").strip("[]")
        explicit_port = parsed.group("port")
        if explicit_port:
            # NOTE(review): the pattern accepts any run of digits, so a value
            # above 65535 is passed on unchanged -- confirm how the connection
            # layer handles it.
            target_port = int(explicit_port)

    # NOTE(review): both values are supplied by the client and nothing here
    # restricts the destination; any allow-list has to be enforced elsewhere.
    flow.request.host = server_name or target_host
    flow.request.port = target_port
服务端重放
记录数据:
mitmdump -w nvdump -p 7890
运行要被重放的程序。这里设置 FAKEROOTDONTTRYCHOWN=1 是为了 fakeroot pacman；bwrap 把 mitmproxy 的 CA 证书绑定到 /etc/ssl/cert.pem，使程序只在这个沙箱内信任代理签发的证书，而不必改动系统的证书库。
http_proxy=http://localhost:7890 https_proxy=$http_proxy FAKEROOTDONTTRYCHOWN=1 bwrap --dev-bind / / --bind ~/.mitmproxy/mitmproxy-ca-cert.pem /etc/ssl/cert.pem pytest
重放并记录之前未被记录的请求到新文件:
mitmdump -S nvdump -p 7890 --server-replay-reuse --server-replay-extra=forward -w newdump
新文件可以和旧文件 cat 到一起。