初試使用mitmproxy搭建網絡代理
##1 參考文章
老版本的很多功能已經不能用了,用新的版本研究了一下
參考文章
https://mitmproxy.org/
http://www.freebuf.com/sectool/76361.html
案例及其源碼參考:
https://github.com/mitmproxy/mitmproxy
##2 環境安裝
使用ubuntu進行安裝工作:
sudo apt-get install python3-dev python3-pip libffi-dev libssl-dev`
sudo pip3 install mitmproxy
搭建手機代理,ubuntu或者kali的網絡配置可參考
http://blog.csdn.net/zhy025907/article/details/54994221
手機端需要導入的證書:
瀏覽器訪問:mitm.it
或者使用自定義證書:http://docs.mitmproxy.org/en/stable/certinstall.html
##3 測試demo
保存所有的response和request報文,一般這兩個足夠用了,後面再怎麼加過濾條件,都可以根據需求做一點調整,注意數據流
flow -> httpflow ->(HTTPRequest,HTTPResponse)
####測試腳本 test.py
def response(flow):
##查看源碼獲得的response字典
response_dic = {
'http_version' : None,
'status_code' : None,
'reason' : None,
'headers' : None,
'content' : None,
'timestamp_start' : None,
'timestamp_end' : None,
'is_replay' : False
}
response_dic['http_version'] = flow.response.http_version
response_dic['status_code'] = flow.response.status_code
response_dic['reason'] = flow.response.reason
response_dic['headers'] = flow.response.headers
response_dic['content'] = flow.response.content
response_dic['timestamp_start'] = flow.response.timestamp_start
response_dic['timestamp_end'] = flow.response.timestamp_end
response_dic['is_replay'] = flow.response.is_replay
###test
print(response_dic['http_version'])
####
####根據需求寫正則表達式進行過濾
####
print(flow.response.http_version)
for key in response_dic:
fin = open("response_list.txt","a")
fin.write("handle response %s: %s\n" % (key,response_dic[key]))
fin.close()
def request(flow):
##查看源碼獲得的request字典
request_dic = {
'first_line_format' : None,
'method' : None,
'scheme' : None,
'host' : None,
'port' : None,
'path' : None,
'http_version' : None,
'headers' : None,
'content' : None,
'timestamp_start' : None,
'timestamp_end' : None,
}
request_dic['first_line_format'] = flow.request.first_line_format
request_dic['method'] = flow.request.method
request_dic['scheme'] = flow.request.scheme
request_dic['host'] = flow.request.host
request_dic['port'] = flow.request.port
request_dic['path'] = flow.request.path
request_dic['http_version'] = flow.request.http_version
request_dic['headers'] = flow.request.headers
request_dic['content'] = flow.request.content
request_dic['timestamp_start'] = flow.request.timestamp_start
request_dic['timestamp_end'] = flow.request.timestamp_end
####
####根據需求寫正則表達式進行過濾
####
for key in request_dic:
fin = open("request_list.txt","a")
fin.write("handle request %s : %s\n" % (key,str(request_dic[key]).encode("gbk")))
fin.close()