How to capture HTTP request / response headers with mitmproxy?

孤独总比滥情好 2021-02-09 12:41

I have been able to capture the HTTP(s) traffic from a smartphone and also stored this traffic using mitmdump using the command

mitmdump -w outfile
3 Answers
  • 2021-02-09 13:33

    You can extract any header fields you need, e.g., with mitmdump and the flow object (python inline scripts). Inline scripts are documented here: https://mitmproxy.org/doc/scripting/inlinescripts.html

    To extract all headers, I used the following command:

    $ mitmdump -n -q -s parse_headers.py -r <file>.mitm
    

    The parse_headers.py inline script is as follows:

    def response(context, flow):
        request_headers = [{"name": k, "value": v} for k, v in flow.request.headers]
        response_headers = [{"name": k, "value": v} for k, v in flow.response.headers]
        print request_headers
        print response_headers
    
  • 2021-02-09 13:38

    Yet another derived snippet based on previous responses and updated to python3:

    def response(flow):
        # Called by mitmproxy once per completed response.
        print("")
        print("="*50)
        #print("FOR: " + flow.request.url)
        print(flow.request.method + " " + flow.request.path + " " + flow.request.http_version)
    
        print("-"*50 + "request headers:")
        for k, v in flow.request.headers.items():
            print("%-20s: %s" % (k.upper(), v))
    
        print("-"*50 + "response headers:")
        for k, v in flow.response.headers.items():
            print("%-20s: %s" % (k.upper(), v))
    

    Command line:

    mitmdump -q -v -s parse_headers.py -R http://localhost:9200 -p 30001

    Output:

    ==================================================
    GET / HTTP/1.1
    --------------------------------------------------request headers:
    CONTENT-TYPE        : application/json
    ACCEPT              : application/json
    USER-AGENT          : Jakarta Commons-HttpClient/3.1
    HOST                : localhost
    --------------------------------------------------response headers:
    CONTENT-TYPE        : application/json; charset=UTF-8
    CONTENT-LENGTH      : 327
    
  • 2021-02-09 13:41

    I was using @rvaneijk, but I was getting the following error:

    Script error: too many values to unpack 
    Script error: too many values to unpack
    

    I found a solution at 'too many values to unpack', iterating over a dict. key=>string, value=>list and changed the code as follows:

    [root@npmjs npmo-server]# cat parse_headers.py
    def response(context, flow):
      request_headers = [{"name": k, "value": v} for k, v in flow.request.headers.iteritems()]
      response_headers = [{"name": k, "value": v} for k, v in flow.response.headers.iteritems()]
      print "################################"
      print "FOR: " + flow.request.url
      print flow.request.method + " " + flow.request.path + " " + flow.request.http_version
      print "HTTP REQUEST HEADERS"
      print request_headers
      print "HTTP RESPONSE HEADERS"
      print response_headers
      print ""
    

    The output of this is as follows:

    10.137.66.4:63870: clientdisconnect
    
    ################################
    FOR: http://pe2enpmas300.corp.company.net:8081/csv-stringify
    GET /csv-stringify HTTP/1.1
    HTTP REQUEST HEADERS
    [{'name': 'accept-encoding', 'value': 'gzip'}, {'name': 'authorization', 'value': 'Bearer d2e0770656a9726dfb559ea2ddccff3078dba9a0'}, {'name': 'version', 'value': '2.11.2'}, {'name': 'accept', 'value': 'application/json'}, {'name': 'referer', 'value': 'install restify'}, {'name': 'npm-session', 'value': 'a9a4d805c6392599'}, {'name': 'user-agent', 'value': 'npm/2.11.2 node/v0.10.25 linux x64'}, {'name': 'if-none-match', 'value': 'W/"43fb-8/w7tzRZ9CvawCJo5Uiisg"'}, {'name': 'host', 'value': 'registry-e2e.npmjs.intuit.net'}, {'name': 'Connection', 'value': 'keep-alive'}, {'name': 'X-Forwarded-For', 'value': '10.181.70.43'}]
    HTTP RESPONSE HEADERS
    [{'name': 'X-Powered-By', 'value': 'Express'}, {'name': 'ETag', 'value': 'W/"43fb-8/w7tzRZ9CvawCJo5Uiisg"'}, {'name': 'Date', 'value': 'Tue, 18 Oct 2016 08:04:45 GMT'}, {'name': 'Connection', 'value': 'keep-alive'}]
    

    You can use Docker as follows:

    1. Create the file locally
    2. Run the following

    Make sure you have read permission on the file.

    docker run -ti -p 8080:8080 -v "$PWD/parse_headers.py:/tmp/parse_headers.py" \
        mitmproxy/mitmproxy mitmdump -s /tmp/parse_headers.py \
        -R http://npmjs.corp.company.net:8081 8080
    
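The sample output in the last answer prints a full `authorization: Bearer ...` value and an `npm-session` id, which then end up in terminals, logs and pasted snippets. The following variant of the Python 3 script masks credential-bearing headers before printing; it is an added example, not code from any of the answers, and the `SENSITIVE` list and the helper names (`redact_value`, `redact_headers`, `format_flow`) are assumptions chosen here.

```python
# redact_headers.py (added example): mitmdump -q -s redact_headers.py -r outfile
import hashlib

# Assumed list of credential-bearing headers; extend it for your environment.
SENSITIVE = {"authorization", "proxy-authorization", "cookie", "set-cookie",
             "x-api-key", "npm-session"}


def redact_value(name, value):
    """Mask the secret part of a sensitive header, keeping a short fingerprint."""
    if name.lower() not in SENSITIVE:
        return value
    # Keep the auth scheme ("Bearer", "Basic") so the output stays readable.
    scheme, sep, secret = value.partition(" ")
    if name.lower() in ("authorization", "proxy-authorization") and sep:
        prefix = scheme + " "
    else:
        prefix, secret = "", value
    # A truncated SHA-256 lets the same token be correlated across flows
    # without the token itself being written out.
    digest = hashlib.sha256(secret.encode("utf-8", "replace")).hexdigest()[:8]
    return "%s<redacted sha256:%s>" % (prefix, digest)


def redact_headers(pairs):
    """pairs: iterable of (name, value) tuples -> list of name/value dicts."""
    return [{"name": k, "value": redact_value(k, v)} for k, v in pairs]


def format_flow(flow):
    """Build the printable report for one flow (request and response headers)."""
    req, resp = flow.request, flow.response
    lines = ["=" * 50,
             "%s %s %s" % (req.method, req.path, req.http_version),
             "-" * 50 + "request headers:"]
    lines += ["%-20s: %s" % (h["name"].upper(), h["value"])
              for h in redact_headers(req.headers.items())]
    lines.append("-" * 50 + "response headers:")
    lines += ["%-20s: %s" % (h["name"].upper(), h["value"])
              for h in redact_headers(resp.headers.items())]
    return "\n".join(lines)


def response(flow):
    # mitmproxy calls this hook once per completed response.
    print(format_flow(flow))
```

A truncated hash of a low-entropy value (for example Basic credentials with a weak password) can still be guessed offline, so drop the fingerprint where that matters. The file written by `mitmdump -w` still holds the unredacted headers and should be handled as a secret.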