diff options
| author | Maximilian Hils <git@maximilianhils.com> | 2016-11-21 02:16:20 +0100 |
|---|---|---|
| committer | Maximilian Hils <git@maximilianhils.com> | 2016-11-21 02:28:10 +0100 |
| commit | 9af8f4bb31c94a25780a4189bffa406906249626 (patch) | |
| tree | cf52f1c312b7bac3d83d796d6b03bb33b4556f26 /examples/dns_spoofing.py | |
| parent | f74e561524d04c93cd7953f34e78ebe67eaa58a8 (diff) | |
| download | mitmproxy-9af8f4bb31c94a25780a4189bffa406906249626.tar.gz mitmproxy-9af8f4bb31c94a25780a4189bffa406906249626.tar.bz2 mitmproxy-9af8f4bb31c94a25780a4189bffa406906249626.zip | |
organize examples
This commit is largely based on work by Thiago Arrais (@thiagoarrais)
and Shane Bradfield (@l33tLumberjack). I wasn't really able to get their
PR reasonably merged onto the latest master, so I reapplied their changes
manually here and did some further improvements on that.
Diffstat (limited to 'examples/dns_spoofing.py')
| -rw-r--r-- | examples/dns_spoofing.py | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/examples/dns_spoofing.py b/examples/dns_spoofing.py deleted file mode 100644 index c020047f..00000000 --- a/examples/dns_spoofing.py +++ /dev/null @@ -1,49 +0,0 @@ -""" -This inline scripts makes it possible to use mitmproxy in scenarios where IP spoofing has been used to redirect -connections to mitmproxy. The way this works is that we rely on either the TLS Server Name Indication (SNI) or the -Host header of the HTTP request. -Of course, this is not foolproof - if an HTTPS connection comes without SNI, we don't -know the actual target and cannot construct a certificate that looks valid. -Similarly, if there's no Host header or a spoofed Host header, we're out of luck as well. -Using transparent mode is the better option most of the time. - -Usage: - mitmproxy - -p 443 - -s dns_spoofing.py - # Used as the target location if neither SNI nor host header are present. - -R http://example.com/ - mitmdump - -p 80 - -R http://localhost:443/ - - (Setting up a single proxy instance and using iptables to redirect to it - works as well) -""" -import re - -# This regex extracts splits the host header into host and port. -# Handles the edge case of IPv6 addresses containing colons. -# https://bugzilla.mozilla.org/show_bug.cgi?id=45891 -parse_host_header = re.compile(r"^(?P<host>[^:]+|\[.+\])(?::(?P<port>\d+))?$") - - -def request(flow): - if flow.client_conn.ssl_established: - flow.request.scheme = "https" - sni = flow.client_conn.connection.get_servername() - port = 443 - else: - flow.request.scheme = "http" - sni = None - port = 80 - - host_header = flow.request.pretty_host - m = parse_host_header.match(host_header) - if m: - host_header = m.group("host").strip("[]") - if m.group("port"): - port = int(m.group("port")) - - flow.request.host = sni or host_header - flow.request.port = port |