Troubleshooting HTTPS connections with mitmproxy

Programming Snapshot – mitmproxy

© Lead Image © sergwsq and robert hyrons, 123RF.com

© Lead Image © sergwsq and robert hyrons, 123RF.com

Article from Issue 224/2019
Author(s):

Finding the data zipping back and forth between the browser and server is not only interesting for snooping spies, but also for debugging developers. Mike Schilli gets you started with mitmproxy and shows how to customize it using Python scripts.

If things just don't work when you are developing a web application, the question immediately arises as to what data the browser and web server are actually exchanging. Tools for snooping on the network such as Wireshark (as well as proxies that sit between the client and the server) leave both requests and responses untouched, while logging them for inspection.

mitmproxy, which stands for man in the middle (MITM) proxy, is the king of the hill in this category; it makes the impossible possible by logging encrypted HTTPS requests. But first, let's look at the simplest, unencrypted case, for which my aging website perlmeister.com that still uses plain old unencrypted HTTP is a great choice.

Figure 1 shows how the browser retrieves the requested page's HTML text, along with some images and JavaScript snippets from the server. The mitmproxy tool, which is available for download as binary from [1], sports a terminal user interface (UI), which displays a double arrow to the left of the current request, called Flow in mitmproxy parlance. When you press the Enter key, the detailed request data come up, as shown in Figure 2.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Privoxy

    Add-on ad blockers can help mitigate the degradation of your browsing experience, but sometimes you need to bring stronger weapons. A filtering web proxy can scrub web traffic to eliminate unwanted ads and scripts.

    more »
  • Nginx

    The fast and practical Nginx web server is easy to configure and extend.

    more »
  • Socks 5

    Socks is a universal proxy protocol for TCP and UDP that allows internal hosts to securely pass the firewall and authenticates users. This article describes the latest version of the Socks proxy protocol and shows how to implement it.

    more »
  • HTTPS Proxy

    How do you monitor the network when your client systems are connecting to secure web servers through HTTPS? We’ll show you how to keep watch using the Squid proxy server and share some inventive certificate tricks.

    more »
  • ProxyChains

    If you want to stay anonymous on the web, you don't need the Tor browser or a Tor-based distro like Tails. ProxyChains obscures your presence through proxies – with or without Tor on the back end.

    more »
comments powered by Disqus