mitmproxy包装说明
mitmproxy是一个支持SSL的人在这方面的中间人HTTP代理。它提供了一个控制台界面,允许流量进行检查和编辑的飞行。同时运是mitmdump,mitmproxy的命令行版本,具有相同的功能,但没有多余的装饰。想想tcpdump的断点续传。 产品特点:
- 截取和修改在飞行HTTP流量
- 保存以备将来回放和分析HTTP会话
- 重播两个HTTP客户端和服务器
- 让使用Python脚本修改HTTP流量
- 在飞行中产生的SSL拦截证书 资料来源:http://mitmproxy.org/
- 作者:阿尔Cortesi的
许可:GPLv3的
0x01 包含在mitmproxy包工具
mitmproxy - 支持SSL的人在这方面的中间人HTTP代理
:~# mitmproxy -h usage: mitmproxy [options] optional arguments: -h, --help show this help message and exit --version show program's version number and exit -b ADDR Address to bind proxy to (defaults to all interfaces) --anticache Strip out request headers that might cause the server to return 304-not-modified. --confdir CONFDIR Configuration directory. (~/.mitmproxy) -e Show event log. -n Don't start a proxy server. -p PORT Proxy service port. -P REVERSE_PROXY Reverse proxy to upstream server: http[s]://host[:port] -F FORWARD_PROXY Proxy to unconditionally forward to: http[s]://host[:port] -q Quiet. -r RFILE Read flows from file. -s "script.py --bar" Run a script. Surround with quotes to pass script arguments. Can be passed multiple times. -t FILTER Set sticky cookie filter. Matched against requests. -T Set transparent proxy mode. -u FILTER Set sticky auth filter. Matched against requests. -v Increase verbosity. Can be passed multiple times. -w WFILE Write flows to file. -z Try to convince servers to send us un-compressed data. -Z SIZE Byte size limit of HTTP request and response bodies. Understands k/m/g suffixes, i.e. 3m for 3 megabytes. --host Use the Host header to construct URLs for display. --no-upstream-cert Don't connect to upstream server to look up certificate details. --debug --palette PALETTE Select color palette: dark, light, solarized_dark, solarized_light Web App: -a Disable the mitmproxy web app. --app-host host Domain to serve the app from. For transparent mode, use an IP when a DNS entry for the app domain is not present. Default: mitm.it --app-port 80 Port to serve the app from. --app-external Serve the app outside of the proxy. Client Replay: -c PATH Replay client requests from a saved file. Server Replay: -S PATH Replay server responses from a saved file. -k Kill extra requests during replay. --rheader RHEADERS Request headers to be considered during replay. Can be passed multiple times. --norefresh Disable response refresh, which updates times in cookies and headers for replayed responses. --no-pop Disable response pop from response flow. This makes it possible to replay same response multiple times. Replacements: Replacements are of the form "/pattern/regex/replacement", where the separator can be any character. Please see the documentation for more information. --replace PATTERN Replacement pattern. --replace-from-file PATH Replacement pattern, where the replacement clause is a path to a file. Set Headers: Header specifications are of the form "/pattern/header/value", where the separator can be any character. Please see the documentation for more information. --setheader PATTERN Header set pattern. Proxy Authentication: Specify which users are allowed to access the proxy and the method used for authenticating them. These options are ignored if the proxy is in transparent or reverse proxy mode. --nonanonymous Allow access to any user long as a credentials are specified. --singleuser USER Allows access to a a single user, specified in the form username:password. --htpasswd PATH Allow access to users specified in an Apache htpasswd file. SSL: --cert CERT User-created SSL certificate file. --client-certs CLIENTCERTS Client certificate directory. Filters: See help in mitmproxy for filter expression syntax. -i INTERCEPT, --intercept INTERCEPT Intercept filter expression.0x02 mitmdump(命令行的同伴mitmproxy) - 改进后的tcpdump的用于HTTP
:~# mitmdump -h usage: mitmdump [options] [filter] positional arguments: args optional arguments: -h, --help show this help message and exit --version show program's version number and exit -b ADDR Address to bind proxy to (defaults to all interfaces) --anticache Strip out request headers that might cause the server to return 304-not-modified. --confdir CONFDIR Configuration directory. (~/.mitmproxy) -e Show event log. -n Don't start a proxy server. -p PORT Proxy service port. -P REVERSE_PROXY Reverse proxy to upstream server: http[s]://host[:port] -F FORWARD_PROXY Proxy to unconditionally forward to: http[s]://host[:port] -q Quiet. -r RFILE Read flows from file. -s "script.py --bar" Run a script. Surround with quotes to pass script arguments. Can be passed multiple times. -t FILTER Set sticky cookie filter. Matched against requests. -T Set transparent proxy mode. -u FILTER Set sticky auth filter. Matched against requests. -v Increase verbosity. Can be passed multiple times. -w WFILE Write flows to file. -z Try to convince servers to send us un-compressed data. -Z SIZE Byte size limit of HTTP request and response bodies. Understands k/m/g suffixes, i.e. 3m for 3 megabytes. --host Use the Host header to construct URLs for display. --no-upstream-cert Don't connect to upstream server to look up certificate details. --keepserving Continue serving after client playback or file read. We exit by default. Web App: -a Disable the mitmproxy web app. --app-host host Domain to serve the app from. For transparent mode, use an IP when a DNS entry for the app domain is not present. Default: mitm.it --app-port 80 Port to serve the app from. --app-external Serve the app outside of the proxy. Client Replay: -c PATH Replay client requests from a saved file. Server Replay: -S PATH Replay server responses from a saved file. -k Kill extra requests during replay. --rheader RHEADERS Request headers to be considered during replay. Can be passed multiple times. --norefresh Disable response refresh, which updates times in cookies and headers for replayed responses. --no-pop Disable response pop from response flow. This makes it possible to replay same response multiple times. Replacements: Replacements are of the form "/pattern/regex/replacement", where the separator can be any character. Please see the documentation for more information. --replace PATTERN Replacement pattern. --replace-from-file PATH Replacement pattern, where the replacement clause is a path to a file. Set Headers: Header specifications are of the form "/pattern/header/value", where the separator can be any character. Please see the documentation for more information. --setheader PATTERN Header set pattern. Proxy Authentication: Specify which users are allowed to access the proxy and the method used for authenticating them. These options are ignored if the proxy is in transparent or reverse proxy mode. --nonanonymous Allow access to any user long as a credentials are specified. --singleuser USER Allows access to a a single user, specified in the form username:password. --htpasswd PATH Allow access to users specified in an Apache htpasswd file. SSL: --cert CERT User-created SSL certificate file. --client-certs CLIENTCERTS Client certificate directory.0x03 mitmproxy用法示例
运行在端口 2139 mitmproxy监听 (P)。
:~# mitmproxy -p 2139
原文来自:https://www.hackfun.org/kali-tools/mitmproxy_zh.html。转载请注明原出处,商用请联系原作者授权。