Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

reverse proxy with multiple hosts as destination #486

Closed
chaserhkj opened this issue Feb 25, 2015 · 5 comments
Closed

reverse proxy with multiple hosts as destination #486

chaserhkj opened this issue Feb 25, 2015 · 5 comments
Labels
kind/question

Comments

@chaserhkj
Copy link

Hi, there

I wonder if mitmproxy could be used as a reverse proxy that accepts multiple destination which routes the request according to the host: header of the request.

That is to say, it acts, like this:

  1. mitmproxy listen on 80 port on the proxy machine
  2. on the client machine, use some technique to let it point some domains (take www.a.com and www.b.com for examples) to the proxy machine (such as modifying hosts file or dns hijacking).
  3. requests are made to the proxy machine, and mitmproxy uses host: header to determine the destination.
    • requests with header host: www.a.com will be routed to http://www.a.com
    • requests with header host: www.b.com will be routed to http://www.b.com
  4. mitmproxy could do interception on all requests

It's quite like setting up an apache httpd on virtualhost with server www.a.com and on virtualhost with server www.b.com, both of which virtualhosts are configured with proper reverse proxy settings.

I know that as the cert is delivered during the initialization of TLS connection, before any headers are transmitted, so it may cause cert issues while the cert hostname does not match with url hostname in https proxies. But let's assume that this will be used in http proxies or a wildcard cert would be used to match the hostnames.

Is it possible to do this in the mitmproxy framework by some already implemented feature, writing inline scripts or using libmitmproxy?

Thanks,
Happy Hacking!
mhils added a commit that referenced this issue Feb 27, 2015
@mhils
add example inline script for dns spoofing, refs #486
595bde2
@mhils
Copy link
Member

mhils commented Feb 27, 2015

Hi @chaserhkj,

this closely resembles the use case where someone is doing a DNS spoofing attack. In general, using transparent mode is the better option but I realize that this may not always be possible.
I just added an inline script to our examples that does exactly what you were specifying. There are two major limitations:

  1. If there is SSL and the client doesn't send a Server Name Indication, it will probably fail. If there is no Host header, HTTP redirection won't work.
  2. Getting this running on a single machine is tricky, as mitmproxy will resolve the IP to localhost as well.

Let me know how it works for you!

Cheers,
Max

@mhils mhils closed this as completed Feb 27, 2015
@chaserhkj
Copy link
Author

This is exactly what I want, the script works like a charm.

Thanks a lot !

Happy Hacking!

@felipekunzler
Copy link

Hi @mhils, is this still supported as of today? Was looking for something similar, but couldn't find the example.
Thanks!

@amm0nite
Copy link
Contributor

Hi @felipekunzler ,
It works with the latest release 4.0.4 and the example is the file mitmproxy/examples/complex/dns_spoofing.py.

@felipekunzler
Copy link

Perfect! Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mhils @amm0nite @chaserhkj @felipekunzler