mitmproxy 介绍

mitmproxy是一个支持SSL的人在这方面的中间人HTTP代理。它提供了一个控制台界面,允许流量进行检查和编辑的飞行。同时运是mitmdump,mitmproxy的命令行版本,具有相同的功能,但没有多余的装饰。想想tcpdump的断点续传。

资料来源:http://mitmproxy.org/
mitmproxy 首页
mitmproxy 源代码版本库

包含在mitmproxy里的工具

mitmproxy - 支持SSL中间人的HTTP代理

:~# mitmproxy -h
usage: mitmproxy [options]

optional arguments:
  -h, --help            show this help message and exit
  --version             show program's version number and exit
  -b ADDR               Address to bind proxy to (defaults to all interfaces)
  --anticache           Strip out request headers that might cause the server
                        to return 304-not-modified.
  --confdir CONFDIR     Configuration directory. (~/.mitmproxy)
  -e                    Show event log.
  -n                    Don't start a proxy server.
  -p PORT               Proxy service port.
  -P REVERSE_PROXY      Reverse proxy to upstream server:
                        http[s]://host[:port]
  -F FORWARD_PROXY      Proxy to unconditionally forward to:
                        http[s]://host[:port]
  -q                    Quiet.
  -r RFILE              Read flows from file.
  -s "script.py --bar"  Run a script. Surround with quotes to pass script
                        arguments. Can be passed multiple times.
  -t FILTER             Set sticky cookie filter. Matched against requests.
  -T                    Set transparent proxy mode.
  -u FILTER             Set sticky auth filter. Matched against requests.
  -v                    Increase verbosity. Can be passed multiple times.
  -w WFILE              Write flows to file.
  -z                    Try to convince servers to send us un-compressed data.
  -Z SIZE               Byte size limit of HTTP request and response bodies.
                        Understands k/m/g suffixes, i.e. 3m for 3 megabytes.
  --host                Use the Host header to construct URLs for display.
  --no-upstream-cert    Don't connect to upstream server to look up
                        certificate details.
  --debug
  --palette PALETTE     Select color palette: dark, light, solarized_dark,
                        solarized_light

Web App:
  -a                    Disable the mitmproxy web app.
  --app-host host       Domain to serve the app from. For transparent mode,
                        use an IP when a DNS entry for the app domain is not
                        present. Default: mitm.it
  --app-port 80         Port to serve the app from.
  --app-external        Serve the app outside of the proxy.

Client Replay:
  -c PATH               Replay client requests from a saved file.

Server Replay:
  -S PATH               Replay server responses from a saved file.
  -k                    Kill extra requests during replay.
  --rheader RHEADERS    Request headers to be considered during replay. Can be
                        passed multiple times.
  --norefresh           Disable response refresh, which updates times in
                        cookies and headers for replayed responses.
  --no-pop              Disable response pop from response flow. This makes it
                        possible to replay same response multiple times.

Replacements:
  Replacements are of the form "/pattern/regex/replacement", where the
  separator can be any character. Please see the documentation for more
  information.

  --replace PATTERN     Replacement pattern.
  --replace-from-file PATH
                        Replacement pattern, where the replacement clause is a
                        path to a file.

Set Headers:
  Header specifications are of the form "/pattern/header/value", where the
  separator can be any character. Please see the documentation for more
  information.

  --setheader PATTERN   Header set pattern.

Proxy Authentication:
  Specify which users are allowed to access the proxy and the method used
  for authenticating them. These options are ignored if the proxy is in
  transparent or reverse proxy mode.

  --nonanonymous        Allow access to any user long as a credentials are
                        specified.
  --singleuser USER     Allows access to a a single user, specified in the
                        form username:password.
  --htpasswd PATH       Allow access to users specified in an Apache htpasswd
                        file.

SSL:
  --cert CERT           User-created SSL certificate file.
  --client-certs CLIENTCERTS
                        Client certificate directory.

Filters:
  See help in mitmproxy for filter expression syntax.

  -i INTERCEPT, --intercept INTERCEPT
                        Intercept filter expression.

mitmdump(命令行的mitmproxy) - 改进后的tcpdump,用于HTTP

:~# mitmdump -h
usage: mitmdump [options] [filter]

positional arguments:
  args

optional arguments:
  -h, --help            show this help message and exit
  --version             show program's version number and exit
  -b ADDR               Address to bind proxy to (defaults to all interfaces)
  --anticache           Strip out request headers that might cause the server
                        to return 304-not-modified.
  --confdir CONFDIR     Configuration directory. (~/.mitmproxy)
  -e                    Show event log.
  -n                    Don't start a proxy server.
  -p PORT               Proxy service port.
  -P REVERSE_PROXY      Reverse proxy to upstream server:
                        http[s]://host[:port]
  -F FORWARD_PROXY      Proxy to unconditionally forward to:
                        http[s]://host[:port]
  -q                    Quiet.
  -r RFILE              Read flows from file.
  -s "script.py --bar"  Run a script. Surround with quotes to pass script
                        arguments. Can be passed multiple times.
  -t FILTER             Set sticky cookie filter. Matched against requests.
  -T                    Set transparent proxy mode.
  -u FILTER             Set sticky auth filter. Matched against requests.
  -v                    Increase verbosity. Can be passed multiple times.
  -w WFILE              Write flows to file.
  -z                    Try to convince servers to send us un-compressed data.
  -Z SIZE               Byte size limit of HTTP request and response bodies.
                        Understands k/m/g suffixes, i.e. 3m for 3 megabytes.
  --host                Use the Host header to construct URLs for display.
  --no-upstream-cert    Don't connect to upstream server to look up
                        certificate details.
  --keepserving         Continue serving after client playback or file read.
                        We exit by default.

Web App:
  -a                    Disable the mitmproxy web app.
  --app-host host       Domain to serve the app from. For transparent mode,
                        use an IP when a DNS entry for the app domain is not
                        present. Default: mitm.it
  --app-port 80         Port to serve the app from.
  --app-external        Serve the app outside of the proxy.

Client Replay:
  -c PATH               Replay client requests from a saved file.

Server Replay:
  -S PATH               Replay server responses from a saved file.
  -k                    Kill extra requests during replay.
  --rheader RHEADERS    Request headers to be considered during replay. Can be
                        passed multiple times.
  --norefresh           Disable response refresh, which updates times in
                        cookies and headers for replayed responses.
  --no-pop              Disable response pop from response flow. This makes it
                        possible to replay same response multiple times.

Replacements:
  Replacements are of the form "/pattern/regex/replacement", where the
  separator can be any character. Please see the documentation for more
  information.

  --replace PATTERN     Replacement pattern.
  --replace-from-file PATH
                        Replacement pattern, where the replacement clause is a
                        path to a file.

Set Headers:
  Header specifications are of the form "/pattern/header/value", where the
  separator can be any character. Please see the documentation for more
  information.

  --setheader PATTERN   Header set pattern.

Proxy Authentication:
  Specify which users are allowed to access the proxy and the method used
  for authenticating them. These options are ignored if the proxy is in
  transparent or reverse proxy mode.

  --nonanonymous        Allow access to any user long as a credentials are
                        specified.
  --singleuser USER     Allows access to a a single user, specified in the
                        form username:password.
  --htpasswd PATH       Allow access to users specified in an Apache htpasswd
                        file.

SSL:
  --cert CERT           User-created SSL certificate file.
  --cert CERT           User-created SSL certificate file.
  --client-certs CLIENTCERTS
                        Client certificate directory.

mitmproxy 用法示例

运行mitmproxy监听在端口2139(-P)。

:~# mitmproxy -p 2139