SoFunction
Updated on 2024-11-07

Installing mitmproxy, the pitfalls encountered, and basic usage

mitmproxy is a tool, or more precisely a Python package, that runs on the command line.

MITM stands for man-in-the-middle attack.

This tool is useful for capturing packets on the command line, and also for processing the captured packets with scripts.

Installing mitmproxy

To install it we must first have pip. pip ships with Python, so if Python is installed you already have it; we won't cover installing Python here, only mitmproxy.

Open the command line and type pip install mitmproxy.

Press Enter to download it.

In the end, however, the download failed:

error: Microsoft Visual C++ 14.0 is required. Get it with “Microsoft Visual C++ Build Tools”: /visual-cpp-build-tools

The reason is that installing this package on Windows requires Microsoft Visual C++ 14.0 or above.

It can be downloaded from /zh-hans/downloads/. After installing it, also install the C++ development libraries and related components, then install mitmproxy from the command line again.

Check the mitmproxy version after installation.

At the command line, enter mitmproxy --version

This fails because the Windows operating system does not support the mitmproxy command itself; we can use mitmdump or mitmweb instead.

That worked.

How to use mitmproxy to capture packets

Start packet capture with: mitmdump

This starts capturing, listening on all addresses on port 8080. If you need to change the port number, press Ctrl+C to stop the capture, then enter the following command:

mitmdump -p 8889

This changes the port number to 8889.

If you need to capture packets from your phone, change the proxy settings of the Wi-Fi network it is connected to.

The host name in the screenshot above is the IP address of the computer running the capture, and the port number is the one you just set. Once set up, open the browser on the phone to check.

We find that a certificate is required: the certificate provided by mitmproxy must also be installed, otherwise the capture will fail.

Installing the certificate: type the address into the browser

Then install it according to your phone's operating system.

Then you can capture packets. Type the address into your browser and you'll see the following.

The computer side works almost the same way: set up the proxy, then install the certificate, so I won't repeat it here.

Post-capture operation

Because we are on Windows, only the two commands mitmdump and mitmweb are available. mitmdump has no interface: it can only capture packets silently, and the packets cannot be viewed or filtered. mitmweb shows the captured packets on a web page for debugging, so we will use mitmweb for debugging.

1. Start capturing packets

mitmweb -p 8889

After you type this, you will see the captured packets.

To view the request and response information of a packet, simply click on it. The rest is self-explanatory.

Running python scripts on mitmproxy

The power of mitmproxy lies in its ability to run Python scripts that handle requests, so let's see how.

mitmdump -p 889 -s

This runs the script at the same time as the capture; the code is:

# It has to be written like this.
def request(flow):
    print(flow.request.headers)  # print the request header

This prints the captured request header. The function name and the parameter name are fixed; if you write either of them wrongly, the script won't work.

This looks like it has started; now open a page on your phone.

It then outputs the request headers.

But the output is not easy to read; we can use the logging module built into mitmproxy for output instead, which shows the lines in a different colour.

The command line shows this:

It's much clearer this way.

Besides the request headers above, we can also access the request method, the request path, and so on.

The response to a request can also be captured:

Again, the function name and parameter are fixed; if they are not written this way, nothing is captured.
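As an added example (not the article's own script, nor code from the mitmproxy project), here is one complete addon that brings together the four points above: the fixed request(flow) hook, output through a logging module, reading the method and path, and the fixed response(flow) hook. The file name log_flows.py, the helper functions, the credential-header check and the sample flow at the bottom are my own; the page does not say which logger the author used, so this version uses Python's standard logging module, which current mitmproxy releases display colour-coded by level (older releases used ctx.log).

```python
# Added example, not the article's own script: a complete mitmproxy addon that
# combines the request hook, logging-module output, access to method/path,
# and the response hook. Save it as log_flows.py (name chosen here) and start
# it with:  mitmdump -p 8889 -s log_flows.py
# The hook names `request`/`response` and their single `flow` argument are
# fixed by mitmproxy; the helper functions are my own.
import logging
from types import SimpleNamespace

# mitmproxy 9+ picks up records from Python's standard logging module and
# colour-codes them by level in the mitmdump console (earlier releases used
# ctx.log for the same purpose).
log = logging.getLogger(__name__)

# Request headers that an intercepting proxy sees in clear; worth highlighting
# when reviewing a capture.
CREDENTIAL_HEADERS = {"authorization", "cookie", "proxy-authorization"}


def _header(headers, name: str) -> str:
    """Case-insensitive lookup that works for mitmproxy's Headers and a plain dict."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return "-"


def summarize_request(flow) -> str:
    """One line with method, path, host and every request header."""
    req = flow.request
    headers = ", ".join(f"{k}: {v}" for k, v in req.headers.items())
    return f"{req.method} {req.path} host={req.host} headers=[{headers}]"


def summarize_response(flow) -> str:
    """One line with status, content type and body size for the matching request."""
    req, resp = flow.request, flow.response
    size = len(resp.content or b"")  # content is None for streamed bodies
    ctype = _header(resp.headers, "content-type")
    return f"{req.method} {req.path} -> {resp.status_code} {ctype} {size} bytes"


def carries_credentials(flow) -> bool:
    """True when the request sends a credential-bearing header."""
    names = {key.lower() for key, _ in flow.request.headers.items()}
    return bool(names & CREDENTIAL_HEADERS)


def request(flow):  # name and parameter fixed by mitmproxy
    line = summarize_request(flow)
    if carries_credentials(flow):
        log.warning("credential header in request: %s", line)  # shown in warning colour
    else:
        log.info(line)


def response(flow):  # name and parameter fixed by mitmproxy
    log.info(summarize_response(flow))


if __name__ == "__main__":
    # Constructed sample flow so the script can be exercised without mitmproxy.
    logging.basicConfig(level=logging.INFO)
    flow = SimpleNamespace(
        request=SimpleNamespace(method="GET", path="/index.html", host="example.test",
                                headers={"User-Agent": "demo", "Cookie": "sid=1"}),
        response=SimpleNamespace(status_code=200, headers={"Content-Type": "text/html"},
                                 content=b"<html></html>"),
    )
    request(flow)
    response(flow)
```

The summarize_* helpers return the line rather than only printing it, so the same functions can be checked outside mitmproxy with a constructed flow, as the block does under __main__. Run under mitmdump, warning-level lines stand out from the info-level ones, which is what the colour change in the article is about.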

This is the whole content of this article.