JZTXT

mitm命令和脚本

发布时间 2023-04-18 18:38:40作者: 挖洞404

1、介绍

在命令窗口中,输入命令可以获得帮助。

常用的一些命令整理:

-h, --help 查看帮助信息
--version 查看版本新
-q, --quiet 退出
-v, --verbose 增加日志详情
--scripts script, -s script 这里的script是.py文件

mitmweb:
  --no-web-open-browser
  --web-open-browser    Start a browser.
  --web-port PORT       Web UI port.
  --web-host HOST       Web UI host.

  Proxy Options:
  --listen-host HOST  
  --listen-port PORT, -p PORT

2、脚本

import os
import time

import mitmproxy.http

"""
本模块用于监听浏览器,并存储报文到日志中
"""


class Counter:
    def __init__(self):
        self.id = 1
        if not os.path.exists(os.path.abspath("") + "\\log"):
            os.mkdir(os.path.abspath("") + "\\log")
        t = time.strftime("%Y%m%d-%H%M%S")
        self.message_log = os.path.abspath("") + "\\log\\" + t + ".log"
        self.err_log = os.path.abspath("") + "\\log\\" + t + "_err.log"
        f = open(self.message_log, mode="w+", encoding="utf-8")
        f.close()

    def response(self, flow):
        flow: mitmproxy.http.HTTPFlow
        sep = "======================================================\n"
        # 信息行
        s = sep + time.strftime("%Y%m%d-%H:%M:%S") + "  " + flow.request.scheme + "  " + "-1" + "  " + \
            str(self.id) + "\n"
        # 请求报文
        s = s + sep + flow.request.method + " " + flow.request.path + " " + flow.request.http_version
        for name, value in flow.request.headers.items():
            s = s + "\n" + str(name) + ": " + str(value)
        s = s + "\n\n"
        try:
            if flow.request.content:
                text = flow.request.content.decode("utf-8")
                s = s + text
        except Exception as e:
            s = s + "体部是非文本,或者非utf-8编码"
            print(e)
            f = open(self.err_log, mode="a+", encoding="utf-8")
            f.write(str(time.strftime("%H:%M:%S")) + "  " + str(self.id) + "  " + "request" + "\n" + str(e) + "\n")
            f.close()
        s = s + "\n"
        # 响应报文
        flow.response: mitmproxy.http.Response
        s = s + sep + flow.response.http_version + " " + str(flow.response.status_code) + " " + flow.response.reason
        for name, value in flow.response.headers.items():
            s = s + "\n" + str(name) + ": " + str(value)
        s = s + "\n\n"
        try:
            if flow.response.content:
                text = flow.response.content.decode("utf-8")
                s = s + text
        except Exception as e:
            s = s + "体部是非文本,或者非utf-8编码"
            print(e)
            f = open(self.err_log, mode="a+", encoding="utf-8")
            f.write(str(time.strftime("%H:%M:%S")) + "  " + str(self.id) + "  " + "response" + "\n" + str(e) + "\n")
            f.close()
        s = s + "\n"
        # 结尾
        s = s + sep + "\n\n\n"

        f = open(self.message_log,  mode="a+", encoding="utf-8")
        f.write(s)
        f.close()
        self.id = self.id + 1


addons = [
    Counter()
]