An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Overview

mitmproxy

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets.

mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP.

mitmweb is a web-based interface for mitmproxy.

Installation

The installation instructions are here. If you want to install from source, see CONTRIBUTING.md.

Documentation & Help

General information, tutorials, and precompiled binaries can be found on the mitmproxy website.

mitmproxy.org

The documentation for mitmproxy is available on our website:

mitmproxy documentation stable mitmproxy documentation master

If you have questions on how to use mitmproxy, please ask them on StackOverflow!

StackOverflow: mitmproxy

Contributing

As an open source project, mitmproxy welcomes contributions of all forms.

Dev Guide

Also, please feel free to join our developer Slack!

Slack Developer Chat

Comments
  • poor interactive performance / hanging requests

    i use mitmproxy for interactive browsing a lot. that is, i run an mitmdump instance continuously, and use it from multiple browsers on multiple computers.

    recently this started to be a rather frustrating experience. i suspect it's related to the new proxy core, or it could be related to debian upgrading to python 3.9? sadly it turned out non-trivial to roll this back.

    initially after mitmproxy startup, everything works smoothly, but then it suddenly stalls, and many requests hang for a very long time until mitmproxy returns a response. sometimes this starts almost immediately, sometimes after hours. it possibly recovers by itself, but usually i give up waiting and restart mitmproxy. (most times the requests do seem to finish, but only after many minutes.) this is probably most easily reproduced with resource-heavy sites, like facebook.com, openstreetmap.org, ...

    in netstat, i don't see mitmproxy having many connections to the destination servers open, so i suspect it's an internal limitation. (i typically check with $ netstat -ntp | grep EST.*python | grep -v :8080 | awk '{print $5}' | sort | uniq -c | sort -n)

    my initial suspicion was that there is a limit on the number of concurrent connections, and that that pool is used up by connections that are in some invalid state and/or waiting for a timeout.

    i already found a per-[connection.address] limit at https://github.com/mitmproxy/mitmproxy/blob/dc6c5f55cd25236e9469c24b85c8cafd29573281/mitmproxy/proxy/server.py#L84 and increased it significantly, but that did not lead to consistent improvements. (i also added a warning on if self.max_conns[command.connection.address].locked():, but it doesn't seem to trigger.)

    can you suggest what else i could do to diagnose this? is there another connection limit besides max_conns in proxy? is there existing code/facilities to introspect/dump the currently open incoming connections and their state? an option to log connection-level tracing info?

    System Information

    Paste the output of "mitmproxy --version" here.

    (venv) [email protected][~/mitmproxy]$ mitmproxy --version
    Mitmproxy: 7.0.0.dev (+332, commit aebc40c)
    Python:    3.9.1+
    OpenSSL:   OpenSSL 1.1.1i  8 Dec 2020
    Platform:  Linux-5.8.0-1-amd64-x86_64-with-glibc2.31
    
    kind/triage 
    opened by r00t- 64
  • Move to Python 3

    Creating this as a catch-all ticket to elicit some discussion of Python3 support, which has become something of an FAQ.

    We're going to have to make the jump to Python3 at some point. All our dependencies (last time I checked) were Python 3-ready, so in theory we could make the leap. If we do it, we would do Python 3-only - I don't think there's a benefit to trying to maintain Python 2/3 Frankenstein that gives us the worst of both worlds.

    This leaves us with two issues. First, there's a legacy concern - quite a few people use libmproxy to build things, and I know that I personally would probably have a few weeks of work ahead of me just in converting existing related projects over.

    The second thing has to do with Python 3 and its treatment of Unicode/strings. Mitmproxy is "special", in the sense that it deals with loosely typed, untrusted and possibly intentionally corrupted data flows. It's a boundary layer between a weird world where string encodings can't be assumed, and the higher levels like the UI and so forth, where Python 3 forces us to have unicode. In this sense, it's similar to other programs that deal with on-the-wire data, like web frameworks (though our problem is even worse). Have a look at Armin Ronacher's experience with Python 3 Unicode and Flask/Jinja2/etc.:

    http://lucumr.pocoo.org/2014/1/5/unicode-in-2-and-3/

    http://lucumr.pocoo.org/2014/5/12/everything-about-unicode/

    I know that this has frustrated some people working on similar programs enough that they've moved away from Python altogether....

    Where does this leave us? Well, we clearly can't stay on Python2 in the longer term. The Python3 situation is pretty dire, but has very gradually been getting very slightly better. 3.4 included some improvements, and I think 3.5 will have a few more. The key issues are intrinsic to the language design, though, and will never go away.

    opened by cortesi 53
  • add transparent server mode based on WireGuard

    This is a draft for a transparent mode implementation based on WireGuard. I'm filing this "early" even though some things aren't finished yet, but I'm looking for feedback on whether things are generally looking "OK" or if some things should be done differently.

    New mode spec for a WireGuard mode:

    • simple and extensible key-value based settings syntax (in case more settings need to be specified in the future)
    • currently supported settings: listen_port to override the default WireGuard port (51820), name to override the default filename prefix for generated WireGuard configuration files (mitmproxy_wireguard), and peers to override the default number of peers (1) for which a configuration will be generated
    • unit tests to verify that the new mode spec is parsed correctly

    New WireGuard server mode implementation:

    • new implementation of WireGuardConnectionHandler (based on ProxyConnectionHandler but using mitmproxy_wireguard.TcpStream instead of asyncio.StreamReader/StreamWriter)
    • new implementation of WireGuardInstance: based on TcpServerInstance / TransparentInstance for TCP, and UdpServerInstance for UDP (not hooked up yet, better support for UDP connections needs to be implemented in mitmproxy_wireguard first)
    • small adaptations for accepted types of reader / writer in ConnectionIO (might need to be refactored to be generic, and / or require further adaptations once mitmproxy_wireguard.UdpStream is ready for handling UDP packets)
    • not done yet: unit tests (maybe something similar to the test_transparent test in tests/mitmproxy/proxy/test_mode_servers.py?)

    What's not working yet:

    • TcpStream.get_extra_info("original_addr") is not implemented yet, but exposing the original destination in this manner should be relatively straightforward in mitmproxy_wireguard.
    • Running mitmdump --mode wireguard:[spec] correctly generates WireGuard configuration files with the given settings, but then crashes with invalid IP address syntax and I cannot find where this error message is coming from (grepping mitmproxy source code doesn't yield any hits for this string and relevant substrings of it).
    opened by decathorpe 44
  • Error: [('PEM routines', 'PEM_read_bio', 'no start line'), ('SSL routines', 'SSL_CTX_use_certificate_file', 'PEM lib')]

    just did git clone mitmproxy, but error is still here


    Error in processing of request from 46.72.191.27:52247
    Traceback (most recent call last):
      File "/opt/python2.7/lib/python2.7/site-packages/netlib/tcp.py", line 353, in request_thread
        self.handle_connection(request, client_address)
      File "/opt/python2.7/lib/python2.7/site-packages/libmproxy/proxy.py", line 536, in handle_connection
        h.handle()
      File "/opt/python2.7/lib/python2.7/site-packages/libmproxy/proxy.py", line 191, in handle
        while self.handle_request(cc) and not cc.close:
      File "/opt/python2.7/lib/python2.7/site-packages/libmproxy/proxy.py", line 206, in handle_request
        request = self.read_request(cc)
      File "/opt/python2.7/lib/python2.7/site-packages/libmproxy/proxy.py", line 455, in read_request
        return self.read_request_proxy(client_conn)
      File "/opt/python2.7/lib/python2.7/site-packages/libmproxy/proxy.py", line 395, in read_request_proxy
        self.convert_to_ssl(dummycert, self.config.certfile or self.config.cacert, handle_sni=sni)
      File "/opt/python2.7/lib/python2.7/site-packages/netlib/tcp.py", line 290, in convert_to_ssl
        ctx.use_certificate_file(cert)
    Error: [('PEM routines', 'PEM_read_bio', 'no start line'), ('SSL routines', 'SSL_CTX_use_certificate_file', 'PEM lib')]


    running libmproxy application on centos 5

    getting errors

    There's been a recent contributed patch that could be relevant to this. Could you please try a current git checkout, and see if you still see these problems?

    Also, please do report this kind of thing on the Github bug tracker. It makes it much easier to keep track of things.

    Regards,

    Aldo

    opened by dsultanr 41
  • When I input “mitmproxy” in commands, it shows 'module' object has no attribute 'TLSv1_2_METHOD'

    ➜  ~  mitmproxy
    Traceback (most recent call last):
      File "/usr/local/bin/mitmproxy", line 9, in <module>
        load_entry_point('mitmproxy==0.13.1', 'console_scripts', 'mitmproxy')()
      File "/Library/Python/2.7/site-packages/distribute-0.6.28-py2.7.egg/pkg_resources.py", line 337, in load_entry_point
        return get_distribution(dist).load_entry_point(group, name)
      File "/Library/Python/2.7/site-packages/distribute-0.6.28-py2.7.egg/pkg_resources.py", line 2311, in load_entry_point
        return ep.load()
      File "/Library/Python/2.7/site-packages/distribute-0.6.28-py2.7.egg/pkg_resources.py", line 2017, in load
        entry = __import__(self.module_name, globals(),globals(), ['__name__'])
      File "/Library/Python/2.7/site-packages/libmproxy/main.py", line 7, in <module>
        from . import version, cmdline
      File "/Library/Python/2.7/site-packages/libmproxy/cmdline.py", line 6, in <module>
        from . import filt, utils, version
      File "/Library/Python/2.7/site-packages/libmproxy/filt.py", line 38, in <module>
        from .protocol.http import decoded
      File "/Library/Python/2.7/site-packages/libmproxy/protocol/__init__.py", line 1, in <module>
        from .primitives import *
      File "/Library/Python/2.7/site-packages/libmproxy/protocol/primitives.py", line 4, in <module>
        import netlib.tcp
      File "/Library/Python/2.7/site-packages/netlib/tcp.py", line 26, in <module>
        'TLSv1.2': SSL.TLSv1_2_METHOD,
    AttributeError: 'module' object has no attribute 'TLSv1_2_METHOD'
    
    opened by cryingDream94 37
  • Memory Leaks in Native Code

    Steps to reproduce the problem:
    1. Download and extract Linux binaries from https://github.com/mitmproxy/mitmproxy/releases/download/v4.0.1/mitmproxy-4.0.1-linux.tar.gz
    2. sudo ./mitmweb --web-iface 192.168.86.88 --web-port 8081 --showhost --listen-host 192.168.86.88 --listen-port 8080
    3. Generate load from an external device or from a local browser. I use MITMProxy to capture video traffic, which tears through memory rather quickly against an HLS stream like http://bitdash-a.akamaihd.net/content/sintel/hls/playlist.m3u8. You can install https://addons.mozilla.org/en-US/firefox/addon/native_hls_playback/ in Firefox to get the playback to happen natively.
    4. Watch the stream tear through your RAM with .ts fragments (this is expected - video is heavy).
    5. Clear the screen with MITMProxy --> New
    6. Watch the RAM usage - it won't go down, and will continue to rise when new fragments come in.
    Any other comments? What have you tried so far?
    • Occurs in Docker and running natively tested on both x86 and ARMv7
    • Reproduced in Ubuntu 18.04 LTS and Alpine 3.7 Linux.

    I'm wondering if there's a part of the Python API for MITMProxy that MITMWeb needs to add to the "New" instruction in the React code.

    System information

    Mitmproxy: 4.0.1 binary
    Python:    3.6.3
    OpenSSL:   OpenSSL 1.1.0h 27 Mar 2018
    Platform:  Linux-4.15.0-22-generic-x86_64-with-debian-buster-sid

    kind/bug 
    opened by ironsalsa 36
  • Use mitmproxy behind reverse proxy

    Problem Description

    I currently have mitmproxy running on port 2010. However, I want to also be able to access under a host name, like mitmproxy.test

    Proposal

    Access mitmproxy from https://$DOMAIN.$TLD

    Alternatives

    A clear and concise description of any alternative solutions or features you've considered.

    Additional context

    Add any other context or screenshots about the proposal here.

    kind/feature 
    opened by DUOLabs333 34
  • mitmdump memory usage is always constantly growing

    (originally mentioned in #4451, but i don't think it's related to the issue discussed there and should get a separate ticket)

    Problem Description

    i use mitmdump for interactive browsing a lot. that is, i run an mitmdump instance continuously, and use it from multiple browsers on multiple computers.

    i find that mitmdump's memory usage constantly grows, it appears as if it allocates memory for any request/response data it processes and then never frees it. note that i would expect this behaviour from mitmproxy running interactively, as it displays all the data in the UI, but mitmdump should have no reason to keep flows in memory after writing them out.

    here's a typical mitmdump memory usage graph out of my monitoring stack: mitmdump_rss

    mitmdump memory usage appears as a sawtooth pattern, rising until it's terminated. the growth rate is currently typically around 500mb/hour, it was less in the past, when it got through a whole day with under 2gb, and is higher than the rate of data actually dumped (under 1gb/day). in this graph mitmdump is manually terminated a few times, because of debugging #4451, and by a daily restart at midnight. (i also run a script that terminates it if it exceeds 3gb, to avoid it taking down my system.)

    some very rare phases of non-growth (as seen in the graph above) are very unlikely related to zero traffic - thanks to websites constantly loading stuff in the background nowadays, and many browsers and tabs, it's unlikely that traffic is ever zero.

    i see some extremely rare occurrences (at most once a week) of larger amounts of memory being allocated and freed again, in the expected pattern of allocating it to handle a request, and freeing it again after the request is finished.

    Steps to reproduce the behavior:

    1. run mitmdump for a longer period and use it, possibly with multiple browsers with a large number of tabs open
    2. observe memory usage

    System Information

    i think it has been the case ever since i started using mitmproxy, the above graph is of current git master. (running with --set proxy_debug -vvv, but it doesn't make a difference to the behaviour.)

    kind/triage 
    opened by r00t- 33
  • Command language

    The aim of this ticket is to come up with an on-paper design for an extension to the mitmproxy command language, before @kajojify moves to implementation. This is a GSoC project, but anyone should feel free to contribute to the discussion.

    Context

    The most significant change to mitmproxy in the last few years has been the shift to a modular core. Under this system, functionality is implemented in completely self-contained addons. Users interact with addons (and by extension with mitmproxy itself) ONLY through commands and options. Commands have globally unique names, a set of typed arguments, and a single typed return value. The command language we're discussing here is strictly the textual language users use to invoke and combine these typed addon commands.

    At the moment, the command language is used in two places:

    • The interactive command prompt of the console app.
    • Console key bindings, where all user interaction occurs through commands bound to keys.

    In coming releases, the command language will be even more prominent:

    • There will be a new key binding configuration file for customizing key bindings. #2963
    • All tools will support commands passed on the command-line, to be run at startup and shutdown. See discussion in #2963.
    • We're considering a new primitive called Actions. These are compound commands, like key bindings, but not bound to keys. See discussion in #2718.
    • Mitmweb will need to expose commands in some form to users. We'll have to discuss how to do this without re-implementing parsing on the client side.

    Aims

    What we're trying to achieve here is a language that works at two extrema:

    • On the interactive prompt and the command-line, it has to be terse and minimal. Any extra keystroke here has to be very clearly motivated. The current expression for short commands is literally as simple as possible, and probably can't be improved.
    • For commands that can be composed of multiple subcommands - we have examples of up to 4 combined commands in key bindings - the language has to be readable, clear and minimise error.

    We should also keep in mind that it is explicitly not an aim to replace Python. Complicated commands are best expressed as full addons written in Python. This means that I want to be cautious about flow control in the command language - it might never be needed at all. There is a separate discussion to be had about making cross-addon invocation of commands better from within Python.

    Current language

    Commands support a small number of predefined argument and return value types. For each type, we define a parser, which converts a textual representation given by the user to the underlying type, a tab completer for interactive use, and a validator that checks whether an arbitrary Python value is a valid value. We know the arity of all functions up-front (with the exception of varargs as the last argument to a command). That lets us have a complete parser with no grouping operators.

    Syntactically, the language is very simple. It consists of a list of possibly quoted strings that can either be command names or arguments (as interpreted through the appropriate type parser).

    The text representation of a type value can be expanded in complex ways. For instance, mitmproxy's core primitive is the flow, and the current language supports sophisticated ways to select flows from the current session on the command-line. Another example is the cuts mechanism, which will be much more prominent in future releases. This expressiveness is a critical feature that I would like to maintain.

    Let's structure discussion around a set of examples that cover common use-cases. Below, I give a set of definitions in terms of the current language, along with a motivation and explanation. Please accompany concrete language suggestions with a similar table expressing the same examples, and any new ones you think are relevant.

    | Command | Description |
    | --- | --- |
    | view.remove @marked | Interactive. Remove all marked flows. |
    | replay.client "~h google.com" | Interactive. Replay all flows for host google.com. |
    | cut.save @all server_conn.address.host ~/hosts.csv | Complex interactive. Select the server host from all flows, and save to file. |
    | console.choose.cmd Format export.formats console.command export.file {choice} @focus | Complex key binding. This composes 4 commands - console.choose.cmd takes a prompt, a command to invoke to retrieve a set of options, and a command to invoke once the user has selected an option with a selected argument. A good example of something that is hard to parse in the current language, and which may in fact be hard in any variant. Anything much more complicated than this should be expressed in Python. |

    Implementation

    Implementations should maintain current usability features like tab expansion and syntax highlighting for partial commands. This means that parsers must be incremental. It also means that a parser needs to be reversible - we should be able to parse a command string, annotate it with syntax highlighting, and then recompose it on the command line for the user to continue editing. Please see the current implementation for how all of this works.

    We should aim to elaborate the language that's currently there step-by-step, rather than attempting a wholesale re-implementation. Please try to make proposals incremental, and tease separable ideas out into separate proposals.

    gsoc 
    opened by cortesi 33
  • twitter.com goes in timeout if HTTP2 is enabled

    Steps to reproduce the problem:
    1. Intercepting twitter.com with Firefox and Chrome -> timeout after ClientConnect. Page never appears, with no error in logs

    Seen on Slack. For @cortesi, it was working on Firefox but not Chrome

    Any other comments? What have you tried so far?

    Disabling HTTP2 works directly with --no-http2

    System information

    Mitmproxy version: 0.18.2
    Python version: 3.5.2
    Platform: Darwin-16.1.0-x86_64-i386-64bit
    SSL version: OpenSSL 1.0.2j 26 Sep 2016
    Mac version: 10.12.1 ('', '', '') x86_64

    upstream area/protocols 
    opened by tomlabaude 30
  • tutorial addon to improve onboarding new users

    Description

    Added a draft of the tutorial addon. To test the current state: start mitmproxy and open http://tutorial.mitm.it

    refs #3142

    Tasks

    • [x] Tutorial layout
    • [x] Sample voting app
    • [x] Tutorials: View flows / UI intro
    • [x] Tutorials: Interception / Modify
    • [x] Tutorials: Replay
    • [ ] Tutorials should be valid for mitmproxy and mitmweb
    • [ ] Add tests

    PR Checklist

    • [ ] I have updated tests where applicable.
    • [ ] I have added an entry to the CHANGELOG.
    gsoc 
    opened by mplattner 29
  • Ignored sites doesn't work as expected

    Problem Description

    I have 2 ios clients that connect through the proxy. I already installed the certs and everything works fine for the allowed sites. The issue is that on one of the two ios clients (same configuration) the facebook and tik tok apps don't download data. I expect them to work fine because they are out of https inspection. If I try to check the logs, nothing is there because the host is not in the allowed hosts.

    mitmdump --allow-hosts google.

    Steps to reproduce the behavior:

    1. mitmdump --allow-hosts google.
    2. start ios facebook app or tik tok.
    3. The app doesn't work as expected

    System Information

    Paste the output of "mitmproxy --version" here.

    Mitmproxy: 6.0.2
    Python:    3.10.7
    OpenSSL:   OpenSSL 3.0.5 5 Jul 2022
    Platform:  Linux-5.19.0-26-generic-x86_64-with-glibc2.36

    kind/triage 
    opened by mironalessandro 0
  • Undo/redo support for flow editing

    Problem Description

    When I'm pentesting an application with mitmproxy, I often perform a series of edits to a captured request. After each edit, I send the request and observe the result.

    Sometimes I reach a dead end and want to go back to a previous state in order to try out a different approach. But I've already made destructive modifications to the request, such as deleting headers.

    It would be nice if there was support for undoing my edits, so that I could easily roll back some of them.

    Proposal

    Keep a history of all edits done to a particular flow. Implement undo/redo actions, so that edits can easily be rolled back. Example bindings: u/<C-r> for undo/redo, respectively, similar to vim.

    Alternatives

    A partial workaround for the missing functionality is to duplicate the flow before you start editing.

    However, this is cumbersome to do when you're doing complex tests for a single endpoint for a number of reasons.

    First, you always have to ensure you leave at least one pristine copy to be able to roll back to the starting state.

    Second, a single mistake can ruin a given copy, so that you have to start all over again.

    Finally, sometimes a request has to be heavily edited to bring it into a base state for testing something. If you then want to make several smaller modifications on top of this heavily edited base state, it's much easier to just be able to edit, send, u, edit, send, u, ... rather than having to prepare the request all over again from scratch.

    kind/feature 
    opened by dkasak 2
  • Added dark mode to the Web UI

    Description

    Added Dark mode for the web interface with minimum changes.

    • Added toggle to Options tab
    • Added darkreader package

    Related issue https://github.com/mitmproxy/mitmproxy/issues/3886

    Checklist

    • [x] I have updated tests where applicable.
    • [x] I have added an entry to the CHANGELOG.
    opened by devapro 1
  • An 'AttributeError' error is raised when attempting to inject a WebSocket payload

    Problem Description

    The following error is raised when trying to inject a payload to the client for a WebSocket flow:

    warn: [15:49:35.042] Cannot inject WebSocket messages into non-WebSocket flows.
    error: [15:49:35.043] Traceback (most recent call last):
    
      File "asyncio/events.py", line 80, in _run
      File "urwid/raw_display.py", line 416, in <lambda>
      File "urwid/raw_display.py", line 515, in parse_input
      File "urwid/main_loop.py", line 412, in _update
      File "urwid/main_loop.py", line 513, in process_input
      File "mitmproxy/tools/console/window.py", line 304, in keypress
      File "urwid/container.py", line 1123, in keypress
      File "mitmproxy/tools/console/statusbar.py", line 203, in keypress
      File "mitmproxy/tools/console/statusbar.py", line 145, in keypress
      File "mitmproxy/tools/console/statusbar.py", line 174, in prompt_execute
      File "mitmproxy/tools/console/statusbar.py", line 110, in execute_command
      File "mitmproxy/tools/console/commandexecutor.py", line 18, in __call__
      File "mitmproxy/command.py", line 285, in execute
      File "mitmproxy/command.py", line 273, in call_strings
      File "mitmproxy/command.py", line 144, in call
      File "mitmproxy/command.py", line 315, in wrapper
      File "mitmproxy/addons/proxyserver.py", line 293, in inject_websocket
      File "mitmproxy/addons/proxyserver.py", line 273, in inject_event
    
    AttributeError: 'str' object has no attribute 'client_conn'
    

    Steps to reproduce the behavior:

    1. Try executing the following command, whilst focused on a flow: inject.websocket @focus true 'something' true

    System Information

    Mitmproxy: 9.0.1 binary
    Python:    3.11.0
    OpenSSL:   OpenSSL 3.0.7 1 Nov 2022
    Platform:  Linux-5.15.0-56-generic-x86_64-with-glibc2.35
    
    kind/bug area/console 
    opened by MaDKaTZe 2
  • Using mitmproxy with username/password and "any auth" timeouts.

    Problem Description

    Using mitmproxy with username/password and "any auth" fails with a timeout.

    Steps to reproduce the behavior:

    1. Start mitmproxy (i.e. docker container) and set up authentication (i.e. with "username:password")
    # docker run -it -p 8080:8080 -p 8081:8081 mitmproxy/mitmproxy mitmweb --web-host 0.0.0.0
    

    Now set "username:password" in the mitmweb gui for proxy authentication

    2. Using curl with curl -v -x http://proxy:8080 --proxy-anyauth https://upstream -U username:password
    # curl -v -x http://127.0.0.1:8080 --proxy-anyauth https://www.google.de -U username:password
    *   Trying 127.0.0.1:8080...
    * Connected to localhost (127.0.0.1) port 8080 (#0)
    * allocate connect buffer
    * Establish HTTP proxy tunnel to www.google.de:443
    > CONNECT www.google.de:443 HTTP/1.1
    > Host: www.google.de:443
    > User-Agent: curl/7.83.1
    > Proxy-Connection: Keep-Alive
    >
    < HTTP/1.1 407 Proxy Authentication Required
    < Proxy-Authenticate: Basic realm="mitmproxy"
    < content-length: 129
    <
    * Ignore 129 bytes of response-body
    * Establish HTTP proxy tunnel to www.google.de:443
    * Proxy auth using Basic with user 'username'
    > CONNECT www.google.de:443 HTTP/1.1
    > Host: www.google.de:443
    > Proxy-Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
    > User-Agent: curl/7.83.1
    > Proxy-Connection: Keep-Alive
    >
    * Operation timed out after 1005 milliseconds with 0 bytes received
    * CONNECT phase completed
    * Closing connection 0
    

    it seems that mitmproxy does ignore the 2nd CONNECT after its 407 response

    output of the mitmproxy log:

    [07:19:32.889][172.17.0.1:50652] client connect
    [07:19:33.886][172.17.0.1:50652] client disconnect
    

    When using a squid proxy (i.e with TheBoroer/docker-squid-basic-auth)

    docker run -e SQUID_USERNAME=username -e SQUID_PASSWORD=password -p 8080:3128 boro/squid-basic-auth
    

    I get

    # curl -v -k -x http://localhost:8080 --proxy-anyauth https://www.google.de -U username:password
    *   Trying 127.0.0.1:8080...
    * Connected to localhost (127.0.0.1) port 8080 (#0)
    * allocate connect buffer
    * Establish HTTP proxy tunnel to www.google.de:443
    > CONNECT www.google.de:443 HTTP/1.1
    > Host: www.google.de:443
    > User-Agent: curl/7.83.1
    > Proxy-Connection: Keep-Alive
    >
    < HTTP/1.1 407 Proxy Authentication Required
    < Server: squid/3.5.12
    < Mime-Version: 1.0
    < Date: Wed, 30 Nov 2022 07:49:47 GMT
    < Content-Type: text/html;charset=utf-8
    < Content-Length: 3540
    < X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
    < Vary: Accept-Language
    < Content-Language: en
    < Proxy-Authenticate: Basic realm="Access restricted"
    < X-Cache: MISS from 9b6cf0b978a5
    < X-Cache-Lookup: NONE from 9b6cf0b978a5:3128
    < Via: 1.1 9b6cf0b978a5 (squid/3.5.12)
    < Connection: keep-alive
    <
    * Ignore 3540 bytes of response-body
    * Establish HTTP proxy tunnel to www.google.de:443
    * Proxy auth using Basic with user 'username'
    > CONNECT www.google.de:443 HTTP/1.1
    > Host: www.google.de:443
    > Proxy-Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
    > User-Agent: curl/7.83.1
    > Proxy-Connection: Keep-Alive
    >
    < HTTP/1.1 200 Connection established
    <
    * Proxy replied 200 to CONNECT request
    * CONNECT phase completed
    * schannel: disabled automatic use of client certificate
    * ALPN: offers http/1.1
    * ALPN: server accepted http/1.1
    > GET / HTTP/1.1
    > Host: www.google.de
    > User-Agent: curl/7.83.1
    > Accept: */*
    >
    < HTTP/1.1 200 OK
    ... (google web page output stripped)
    

    System Information

    Mitmproxy: 9.0.1
    Python:    3.11.0
    OpenSSL:   OpenSSL 3.0.7 1 Nov 2022
    Platform:  Linux-5.10.102.1-microsoft-standard-WSL2-x86_64-with-glibc2.31

    kind/bug area/protocols 
    opened by Flow86 1
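
Added example (not part of the issue and not mitmproxy code): a small parser for a `curl -v` trace like the one above. It pairs each CONNECT with the proxy's reply and decodes a Basic `Proxy-Authorization` header, which makes the 407 challenge, the authenticated retry, and the merely base64-encoded credential visible. The function names and the shortened `TRACE` sample are assumptions made for this example.

```python
import base64
import re

# Constructed sample: shortened from the curl -v trace quoted in the issue.
TRACE = """\
> CONNECT www.google.de:443 HTTP/1.1
>
< HTTP/1.1 407 Proxy Authentication Required
< Proxy-Authenticate: Basic realm="Access restricted"
<
> CONNECT www.google.de:443 HTTP/1.1
> Proxy-Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
>
< HTTP/1.1 200 Connection established
"""
START_LINE = re.compile(r"^(HTTP/\d|[A-Z]+ \S+ HTTP/\d)")

def parse_messages(trace):
    """Split a curl -v trace into (direction, start_line, headers) entries."""
    messages, current = [], None
    for raw in trace.splitlines():
        m = re.match(r"^\s*([<>]) ?(.*)$", raw)
        if not m:
            continue                      # "* ..." info lines and body text
        direction, text = m.group(1), m.group(2).strip()
        if not text:                      # a bare ">" or "<" ends the headers
            current = None
        elif current is not None and current[0] == direction:
            name, sep, value = text.partition(":")
            if sep:
                current[2][name.strip().lower()] = value.strip()
        elif START_LINE.match(text):      # request line or status line
            current = (direction, text, {})
            messages.append(current)
    return messages

def audit_proxy_auth(trace):
    """Pair each CONNECT with the proxy's reply and decode Basic credentials."""
    steps, msgs = [], parse_messages(trace)
    for (d1, req, req_h), (d2, resp, resp_h) in zip(msgs, msgs[1:]):
        if d1 != ">" or d2 != "<" or not req.startswith("CONNECT "):
            continue
        step = {"target": req.split()[1], "status": int(resp.split()[1]),
                "challenge": resp_h.get("proxy-authenticate"), "user": None}
        scheme, _, token = req_h.get("proxy-authorization", "").partition(" ")
        if scheme.lower() == "basic":
            # Basic is base64("user:password"): an encoding, not encryption.
            creds = base64.b64decode(token).decode("utf-8", "replace")
            step["user"] = creds.split(":", 1)[0]
        steps.append(step)
    return steps
```

For a working client the result is two steps: a 407 carrying the challenge, then a 200 for the retry that names the user. A trace in which the second step is missing means the client never answered the challenge.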
Releases(9.0.1)
Log4j minecraft with python

log4jminecraft This code DOES NOT promote or encourage any illegal activities! The content in this document is provided solely for educational purpose

David Bombal 154 Dec 24, 2022
RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API.

RapiDAST RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API. Its core engine is OWASP Z

Red Hat Product Security 17 Nov 11, 2022
labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface

labsecurity labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface. Warning

Dylan Meca 16 Dec 08, 2022
Official repository for Pyew.

pyew Pyew is a (command line) python tool to analyse malware. It does have support for hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), PE

Joxean 362 Nov 28, 2022
Get important strings from [Info.plist] and the binary file; all output is saved to the [app_binary].json and [app_plist_file].json files

12 Sep 28, 2022
Hack computer in the form of RAR files from all types of clients, even Linux

Program Features 📌 Hide malware 📌 Vulnerability software vulnerabilities RAR 📌 Creating malware 📌 Access client files 📌 Client Hacking 📌 Link Do

hack4lx 5 Nov 25, 2022
Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket.

PrintNightmare Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket. Installation $ pip3 install impacket

Oliver Lyak 140 Dec 27, 2022
Flutter Reverse Engineering Framework

This framework helps reverse engineer Flutter apps using patched version of Flutter library which is already compiled and ready for app repacking. There are changes made to snapshot deserialization p

PT SWARM 910 Jan 01, 2023
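CodeTest: an information-gathering and vulnerability-exploitation tool

CodeTest is an information-gathering and vulnerability-exploitation tool. During a penetration test it makes it convenient to use the relevant information-gathering scripts to obtain and verify information. In the exploitation module you can select the vulnerability modules to test, or test all modules, including CVE-2020-14882, CVE-2020-2555 and others, and you can collect your own scripts and adapt them to the template.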

23 Mar 18, 2021
A collection of tools that makes it easy to secure and/or obfuscate messages, files, and data.

Scrambler App A collection of tools that makes it easy to secure and/or obfuscate messages, files, and data. It leverages encryption tools such as

Mystic 2 Aug 31, 2022
A collection of intelligence about Log4Shell and its exploitation activity

Log4Shell-IOCs Members of the Curated Intelligence Trust Group have compiled a list of IOC feeds and threat reports focused on the recent Log4Shell ex

Curated Intel 172 Nov 17, 2022
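Injects an MSF payload into an Android app and bypasses the phone security manager.

520_APK_HOOK Introduction: injects an msf-generated payload into a normal apk file, then repackages and hardens it to bypass detection by the phone security manager. Project URL: https://github.com/cleverbao/520apkhook Author: BaoGuo Advantages: compared with the original msf remote control, this version ap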

BaoGuo 368 Jan 02, 2023
AnonStress-Stored-XSS-Exploit - An exploit and demonstration on how to exploit a Stored XSS vulnerability in anonstress

AnonStress Stored XSS Exploit An exploit and demonstration on how to exploit a S

صلى الله على محمد وآله 3 Jun 22, 2022
A Python replicated exploit for Webmin 1.580 /file/show.cgi Remote Code Execution

CVE-2012-2982 John Hammond | September 4th, 2021 Checking searchsploit for Webmin 1.580 I only saw a Metasploit module for the /file/show.cgi Remote C

John Hammond 25 Dec 08, 2022
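This time it's the Kokkoro virus!

Kokkoro virus! Here is what happened: I have started goofing off again. As everyone knows, in Python 0x0 equals 0, but it does not equal Kokkoro. That is no good, so we have to change it to Kokkoro! Result: ordinary Python: Python 3.8.0 (tags/v3.8.0:fa919fd, Oct 14 2019, 19:37:50) [MSC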

黄巍 29 Jul 14, 2022
TOOLS CRACK FACEBOOK

Installation $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Mark-Zuck/zafi $ cd zafi $ pip2 instal

Romi Afrizal 50 Dec 26, 2022
BypassAV, an antivirus-evasion tool (shellcode loader) written in Python; gets past all domestic antivirus products (Windows Defender)

1frame 266 Jan 02, 2023
A Modified version of TCC's Osprey poc framework......

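fierce-fish fierce-fish is a rewrite of osprey, the open-source vulnerability detection framework produced and maintained by TCC (Tophant Competence Center): a slimmed-down PoC framework with the bloated features removed. PS: I really can't get used to the other bloated features, but as a framework for collecting vulnerability PoCs && exps it is still very good!!! osprey For beginners fr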

lUc1f3r11 10 Dec 30, 2022
Remote Desktop Protocol in Twisted Python

RDPY Remote Desktop Protocol in twisted python. RDPY is a pure Python implementation of the Microsoft RDP (Remote Desktop Protocol) protocol (client a

Sylvain Peyrefitte 1.6k Dec 30, 2022
Gefilte Fish GMail filter creator

Gefilte Fish: GMail filter maker Gefilte Fish automates the creation of GMail filters. Use it like this: from gefilte import GefilteFish,

Ned Batchelder 31 Sep 28, 2022