Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to redirect HTTPS traffic to local HTTP server using mitmproxy?

Tags:

I am trying to setup mitmproxy so that I can make a request from my browser to https://{my-domain} and have it return a response from my local server running at http://localhost:3000 instead, but I cannot get the https request to reach my local server. I see the debugging statements from mitmproxy. Also, I can get it working for http traffic, but not for https.

I read the mitmproxy addon docs and api docs I've installed the cert and I can monitor https through the proxy.

I'm using Mitmproxy: 4.0.4 and Python: 3.7.4

This is my addon (local-redirect.py) and how I run mitmproxy:

from mitmproxy import ctx
import mitmproxy.http

class LocalRedirect:

  def __init__(self):
    print('Loaded redirect addon')

  def request(self, flow: mitmproxy.http.HTTPFlow):
    if 'my-actual-domain-here' in flow.request.pretty_host:
      ctx.log.info("pretty host is: %s" % flow.request.pretty_host)
      flow.request.host = "localhost"
      flow.request.port = 3000
      flow.request.scheme = 'http'

addons = [
  LocalRedirect()
]
$ mitmdump -s local-redirect.py | grep pretty

When I visit the url form my server, I see the logging statement, but my browser hangs on the request and there is no request made to my local server.

like image 343
J W Avatar asked Aug 23 '19 13:08

J W


People also ask

How do you use mitmproxy for https?

To start up mitmproxy, type mitmproxy , and it will start up bound to port 8080. The command-line interface (CLI) has VIM-like keybindings. q will quit, and arrow keys or h , j , k , l will move you up and down through the request list. ? will load the help, and <<enter>> will drill in on a specific request.

What port does mitmproxy use?

By default, mitmproxy listens on port 8080. Quick Check: You should already be able to visit an unencrypted HTTP site through the proxy.

What is mitmproxy tool?

mitmproxy is a free and open source interactive HTTPS proxy. mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify and replay web traffic such as HTTP/1, HTTP/2, WebSockets, or any other SSL/TLS-protected protocols.

How does MITM proxy work?

Mitmproxy connects to the server, and establishes a TLS connection using the SNI hostname indicated by the client. The server responds with the matching certificate, which contains the CN and SAN values needed to generate the interception certificate.


1 Answers

The above addon was fine, however my local server did not support HTTP2.

Using the --no-http2 option was a quick fix:

mitmproxy -s local-redirect.py --no-http2 --view-filter localhost

or

mitmdump -s local-redirect.py --no-http2 localhost
like image 109
J W Avatar answered Nov 15 '22 04:11

J W