HTTPS Grab Bag

Installation

Mitmproxy Official website describes the following command to install

pip install mitmproxy

I encountered some pits in the actual installation process, first of all the OS version of OSX El Capitan and above will be installed with six module dependency errors, depending on the discussion here. Another problem is that permissions errors occur during installation and need to be performed with root privileges. Finally installed successfully with the following command, can not install need to turn over the wall

install mitmproxy --ignore-installed six

Start using

First need to configure the network environment, the phone and computer connected to the same WiFi environment, and then into the phone settings-Wireless LAN, click the current connected WiFi Access Details Settings page, in the HTTP proxy field enter the current connection IP address, port 8080, the IP address can be in the power System Preferences on the brain-view on the network, configuration complete such as,

After the configuration of the network environment, we can start the actual capture, just open the terminal (Command Line Operation window) on the computer, and then enter mitmproxy -p 8080 , if you see the following page shows that you have successfully entered the packet capture mode, took the first step, cheer~

Next you can use the mobile phone to open some apps, not unexpectedly you can see a list of some HTTP requests. At this point we have not been able to catch the HTTPS packet, but also need to do some additional configuration.

The following actions are for the iPhone, and the other devices are similar. Open Safari Browser with IPhone and enter mitm.it, you will see the following page,

Select the corresponding platform and install the certificate, after the installation is ready to catch the HTTPS package, the official website explains how this tool works

Note: You need to be in the capture mode when you open the browser, otherwise you will not be able to see the above page

OK, here we have finished all the preparation, and then go with me to actually experience the HTTPS capture process.

Here, for example, using a mobile phone to open the knowledge, we should be able to see the request is now listed in the list, similar to:

The keyboard moves up and down, enter to view details, press the Tab key to toggle the top navigation bar, as shown,

Tips: Input z can be emptied list, input f and re-enter ~u xxx can filter out the URL for xxx request, more matching rules input ? view

Request interception

The above shows a general operation, and here is another powerful feature of mitmproxy that intercepts the modification of request and response.

Input i , then enter and ~s press ENTER again, this time entered the response interception mode. If the input ~q goes into the request interception mode, more commands can be entered for ？ viewing. The page in intercept mode is displayed as shown in

Where the orange indicates that the request is being intercepted, then enter and then press e to modify request or response. Changes are made with vim for editing, after the modification is completed press a the request release, if you want to release all the request input A .

The response request that I have modified an answer has changed the name of the person who made the answer, because only the response is modified and does not affect the other user's display:)

The above-mentioned instructions ？ can be found after the input, such as, another official web site also has a very detailed description

HTTPS Grab Bag