From a55eba3b379fc8e0d3377510fcc5aaa5c16da129 Mon Sep 17 00:00:00 2001 From: Ammonite Date: Fri, 20 Jan 2017 23:43:53 +0100 Subject: Get the the original header in requestheaders instead of request --- examples/complex/dns_spoofing.py | 47 ++++++++++++++++++++++++---------------- 1 file changed, 28 insertions(+), 19 deletions(-) (limited to 'examples/complex/dns_spoofing.py') diff --git a/examples/complex/dns_spoofing.py b/examples/complex/dns_spoofing.py index c020047f..b814e178 100644 --- a/examples/complex/dns_spoofing.py +++ b/examples/complex/dns_spoofing.py @@ -27,23 +27,32 @@ import re # https://bugzilla.mozilla.org/show_bug.cgi?id=45891 parse_host_header = re.compile(r"^(?P[^:]+|\[.+\])(?::(?P\d+))?$") +class DnsSpoofing: + def __init__(self): + self.hostHeader = None -def request(flow): - if flow.client_conn.ssl_established: - flow.request.scheme = "https" - sni = flow.client_conn.connection.get_servername() - port = 443 - else: - flow.request.scheme = "http" - sni = None - port = 80 - - host_header = flow.request.pretty_host - m = parse_host_header.match(host_header) - if m: - host_header = m.group("host").strip("[]") - if m.group("port"): - port = int(m.group("port")) - - flow.request.host = sni or host_header - flow.request.port = port + def requestheaders(self, flow): + self.hostHeader = flow.request.headers.get('host') + + def request(self, flow): + if flow.client_conn.ssl_established: + flow.request.scheme = "https" + sni = flow.client_conn.connection.get_servername() + port = 443 + else: + flow.request.scheme = "http" + sni = None + port = 80 + + host_header = self.hostHeader + m = parse_host_header.match(host_header) + if m: + host_header = m.group("host").strip("[]") + if m.group("port"): + port = int(m.group("port")) + + flow.request.host = sni or host_header + flow.request.port = port + +def start(): + return DnsSpoofing() -- cgit v1.2.3 From 8aa250d679a0e03546001295ee2e30fcb82516aa Mon Sep 17 00:00:00 2001 From: Ammonite Date: Fri, 20 Jan 2017 23:48:26 +0100 Subject: Change class name --- examples/complex/dns_spoofing.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'examples/complex/dns_spoofing.py') diff --git a/examples/complex/dns_spoofing.py b/examples/complex/dns_spoofing.py index b814e178..5a1b95d3 100644 --- a/examples/complex/dns_spoofing.py +++ b/examples/complex/dns_spoofing.py @@ -27,7 +27,7 @@ import re # https://bugzilla.mozilla.org/show_bug.cgi?id=45891 parse_host_header = re.compile(r"^(?P[^:]+|\[.+\])(?::(?P\d+))?$") -class DnsSpoofing: +class Rerouter: def __init__(self): self.hostHeader = None @@ -55,4 +55,4 @@ class DnsSpoofing: flow.request.port = port def start(): - return DnsSpoofing() + return Rerouter() -- cgit v1.2.3 From 93172460aa1d2f69aff1498ff399a286aedc6fc0 Mon Sep 17 00:00:00 2001 From: Ammonite Date: Sat, 21 Jan 2017 09:39:34 +0100 Subject: Add blank lines for lint --- examples/complex/dns_spoofing.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'examples/complex/dns_spoofing.py') diff --git a/examples/complex/dns_spoofing.py b/examples/complex/dns_spoofing.py index 5a1b95d3..eae4860b 100644 --- a/examples/complex/dns_spoofing.py +++ b/examples/complex/dns_spoofing.py @@ -27,6 +27,7 @@ import re # https://bugzilla.mozilla.org/show_bug.cgi?id=45891 parse_host_header = re.compile(r"^(?P[^:]+|\[.+\])(?::(?P\d+))?$") + class Rerouter: def __init__(self): self.hostHeader = None @@ -54,5 +55,6 @@ class Rerouter: flow.request.host = sni or host_header flow.request.port = port + def start(): return Rerouter() -- cgit v1.2.3 From e8fc4af4c62cc6daddea182b01ca0fd093b159c7 Mon Sep 17 00:00:00 2001 From: Ammonite Date: Sun, 22 Jan 2017 14:59:46 +0100 Subject: Follow PEP-8 and add comment --- examples/complex/dns_spoofing.py | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'examples/complex/dns_spoofing.py') diff --git a/examples/complex/dns_spoofing.py b/examples/complex/dns_spoofing.py index eae4860b..c93930f3 100644 --- a/examples/complex/dns_spoofing.py +++ b/examples/complex/dns_spoofing.py @@ -30,10 +30,14 @@ parse_host_header = re.compile(r"^(?P[^:]+|\[.+\])(?::(?P\d+))?$") class Rerouter: def __init__(self): - self.hostHeader = None + self.host_header = None def requestheaders(self, flow): - self.hostHeader = flow.request.headers.get('host') + """ + The original host header is retrieved early + before flow.request is replaced by mitmproxy new outgoing request + """ + self.host_header = flow.request.headers.get('host') def request(self, flow): if flow.client_conn.ssl_established: @@ -45,14 +49,13 @@ class Rerouter: sni = None port = 80 - host_header = self.hostHeader - m = parse_host_header.match(host_header) + m = parse_host_header.match(self.host_header) if m: host_header = m.group("host").strip("[]") if m.group("port"): port = int(m.group("port")) - flow.request.host = sni or host_header + flow.request.host = sni or self.host_header flow.request.port = port -- cgit v1.2.3 From 0ca1916f1bb8728af3289f5fe975951af97f4ffa Mon Sep 17 00:00:00 2001 From: Ammonite Date: Sun, 22 Jan 2017 15:28:14 +0100 Subject: Fix host extraction --- examples/complex/dns_spoofing.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'examples/complex/dns_spoofing.py') diff --git a/examples/complex/dns_spoofing.py b/examples/complex/dns_spoofing.py index c93930f3..1d703537 100644 --- a/examples/complex/dns_spoofing.py +++ b/examples/complex/dns_spoofing.py @@ -51,7 +51,7 @@ class Rerouter: m = parse_host_header.match(self.host_header) if m: - host_header = m.group("host").strip("[]") + self.host_header = m.group("host").strip("[]") if m.group("port"): port = int(m.group("port")) -- cgit v1.2.3 From c2c6050df398ecb922cf040ea7c5c3ab8cdeac03 Mon Sep 17 00:00:00 2001 From: Ammonite Date: Sun, 29 Jan 2017 14:33:53 +0100 Subject: Store original host in flow metadata --- examples/complex/dns_spoofing.py | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) (limited to 'examples/complex/dns_spoofing.py') diff --git a/examples/complex/dns_spoofing.py b/examples/complex/dns_spoofing.py index 1d703537..5e6cf978 100644 --- a/examples/complex/dns_spoofing.py +++ b/examples/complex/dns_spoofing.py @@ -29,15 +29,12 @@ parse_host_header = re.compile(r"^(?P[^:]+|\[.+\])(?::(?P\d+))?$") class Rerouter: - def __init__(self): - self.host_header = None - def requestheaders(self, flow): """ The original host header is retrieved early before flow.request is replaced by mitmproxy new outgoing request """ - self.host_header = flow.request.headers.get('host') + flow.metadata["original_host"] = flow.request.headers["Host"] def request(self, flow): if flow.client_conn.ssl_established: @@ -49,13 +46,14 @@ class Rerouter: sni = None port = 80 - m = parse_host_header.match(self.host_header) + host_header = flow.metadata["original_host"] + m = parse_host_header.match(host_header) if m: - self.host_header = m.group("host").strip("[]") + host_header = m.group("host").strip("[]") if m.group("port"): port = int(m.group("port")) - flow.request.host = sni or self.host_header + flow.request.host = sni or host_header flow.request.port = port -- cgit v1.2.3 From aaff9dfd32ec32e98000b66c4ee9f3e328ab0c91 Mon Sep 17 00:00:00 2001 From: Ammonite Date: Mon, 30 Jan 2017 23:41:47 +0100 Subject: Reset the host header to the correct destination --- examples/complex/dns_spoofing.py | 1 + 1 file changed, 1 insertion(+) (limited to 'examples/complex/dns_spoofing.py') diff --git a/examples/complex/dns_spoofing.py b/examples/complex/dns_spoofing.py index 5e6cf978..1fb59f74 100644 --- a/examples/complex/dns_spoofing.py +++ b/examples/complex/dns_spoofing.py @@ -53,6 +53,7 @@ class Rerouter: if m.group("port"): port = int(m.group("port")) + flow.request.headers["Host"] = host_header flow.request.host = sni or host_header flow.request.port = port -- cgit v1.2.3