How to capture HTTP request / response headers with mitmproxy?

前端 未结 3 828
孤独总比滥情好
孤独总比滥情好 2021-02-09 12:41

I have been able to capture the HTTP(s) traffic from a smartphone and also stored this traffic using mitmdump using the command

mitmdump -w outfile
相关标签:
3条回答
  • 2021-02-09 13:33

    You can extract any header fields you need, e.g., with mitmdump and the flow object (python inline scripts). Inline scripts are documented here: https://mitmproxy.org/doc/scripting/inlinescripts.html

    To extract all headers, I used the following command:

    $ mitmdump -n -q -s parse_headers.py -r <file>.mitm
    

    The parse_headers.py inline script is as follows:

    def response(context, flow):
        request_headers = [{"name": k, "value": v} for k, v in flow.request.headers]
        response_headers = [{"name": k, "value": v} for k, v in flow.response.headers]
        print request_headers
        print response_headers
    
    0 讨论(0)
  • 2021-02-09 13:38

    Yet another derived snippet based on previous responses and updated to python3:

    def response(flow):
        print("")
        print("="*50)
        #print("FOR: " + flow.request.url)
        print(flow.request.method + " " + flow.request.path + " " + flow.request.http_version)
    
        print("-"*50 + "request headers:")
        for k, v in flow.request.headers.items():
            print("%-20s: %s" % (k.upper(), v))
    
        print("-"*50 + "response headers:")
        for k, v in flow.response.headers.items():
            print("%-20s: %s" % (k.upper(), v))
            print("-"*50 + "request headers:")
    

    Command line:

    mitmdump -q -v -s parse_headers.py -R http://localhost:9200 -p 30001

    Output:

    ==================================================
    GET / HTTP/1.1
    --------------------------------------------------request headers:
    CONTENT-TYPE        : application/json
    ACCEPT              : application/json
    USER-AGENT          : Jakarta Commons-HttpClient/3.1
    HOST                : localhost
    --------------------------------------------------response headers:
    CONTENT-TYPE        : application/json; charset=UTF-8
    CONTENT-LENGTH      : 327
    
    0 讨论(0)
  • 2021-02-09 13:41

    U was using @rvaneijk, but I was getting the following error:

    Script error: too many values to unpack 
    Script error: too many values to unpack
    

    I found a solution at 'too many values to unpack', iterating over a dict. key=>string, value=>list and changed the code as follows:

    [root@npmjs npmo-server]# cat parse_headers.py
    def response(context, flow):
      request_headers = [{"name": k, "value": v} for k, v in flow.request.headers.iteritems()]
      response_headers = [{"name": k, "value": v} for k, v in flow.response.headers.iteritems()]
      print "################################"
      print "FOR: " + flow.request.url
      print flow.request.method + " " + flow.request.path + " " + flow.request.http_version
      print "HTTP REQUEST HEADERS"
      print request_headers
      print "HTTP RESPONSE HEADERS"
      print response_headers
      print ""
    

    The output of this is as follows:

    10.137.66.4:63870: clientdisconnect
    
    ################################
    FOR: http://pe2enpmas300.corp.company.net:8081/csv-stringify
    GET /csv-stringify HTTP/1.1
    HTTP REQUEST HEADERS
    [{'name': 'accept-encoding', 'value': 'gzip'}, {'name': 'authorization', 'value': 'Bearer d2e0770656a9726dfb559ea2ddccff3078dba9a0'}, {'name': 'version', 'value': '2.11.2'}, {'name': 'accept', 'value': 'application/json'}, {'name': 'referer', 'value': 'install restify'}, {'name': 'npm-session', 'value': 'a9a4d805c6392599'}, {'name': 'user-agent', 'value': 'npm/2.11.2 node/v0.10.25 linux x64'}, {'name': 'if-none-match', 'value': 'W/"43fb-8/w7tzRZ9CvawCJo5Uiisg"'}, {'name': 'host', 'value': 'registry-e2e.npmjs.intuit.net'}, {'name': 'Connection', 'value': 'keep-alive'}, {'name': 'X-Forwarded-For', 'value': '10.181.70.43'}]
    HTTP RESPONSE HEADERS
    [{'name': 'X-Powered-By', 'value': 'Express'}, {'name': 'ETag', 'value': 'W/"43fb-8/w7tzRZ9CvawCJo5Uiisg"'}, {'name': 'Date', 'value': 'Tue, 18 Oct 2016 08:04:45 GMT'}, {'name': 'Connection', 'value': 'keep-alive'}]
    

    You can use Docker as follows:

    1. Create the file locally
    2. Run the following

    Make sure you have read permission on the file.

    docker run -ti -p 8080:8080 -v $PWD/parse_headers.py:/tmp/parse_headers.py 
        mitmproxy/mitmproxy mitmdump -s /tmp/parse_headers.py 
        -R http://npmjs.corp.company.net:8081 8080
    
    0 讨论(0)
提交回复
热议问题