Hello, I’m Yue Chuang.

This chapter explains how to operate Mitmproxy in Linux.

1. Start Mitmproxy in Linux

Let me first explain how to start mitmproxy on the Linux operating system. We can start it by entering mitmproxy directly at the command line.

By default, mitmproxy listens on port 8080. That means the proxy set in our browser and on our mobile phone must also use port 8080. The operation is shown in Figure 1:

Let’s look up the current IP address of our Linux machine by entering the following command (Figure 2):

ifconfig

My Linux IP address is 192.168.220.130. Now let’s open our Chrome browser and do the same thing we did with Fiddler: set the proxy in SwitchyOmega. I have recorded this as a GIF again, which students can follow (Figure 3):

Do you remember the first thing we did when we set up Fiddler?

We installed a certificate for it. If you do not install the certificate, you will not be able to access HTTPS websites. As a test, I will visit my own website, www.aiyc.top/, to verify this (with mitmproxy running on Linux). The operation is as follows (Figure 4):

As the operation above shows, we cannot reach the site; the browser reports “Your connection is not private”. That means our traffic is passing through mitmproxy but is not being decrypted, because the browser does not yet trust mitmproxy’s certificate.

So what’s next?

This is why we need to configure the certificate. Next, we will install mitmproxy’s certificate. Enter mitm.it in the browser’s address bar, as follows (Figure 5):

mitmproxy must also be running on Linux at this point. If you have been following along, you have not closed mitmproxy; I repeat the step here only so that students who forgot to start mitmproxy do not get stuck and then come to me.

The page that opens is where we install the certificate. We can install the certificate that corresponds to our actual platform, as shown in the following figure (Figure 6):

If you cannot access the page, turn off the Linux firewall:

  1. CentOS 7.0 uses firewalld as its firewall by default

  2. Check the firewall status: firewall-cmd --state

  3. Stop the firewall: systemctl stop firewalld.service

  4. Disable firewall startup at boot: systemctl disable firewalld.service

  5. Versions earlier than CentOS 7 use iptables commands

  6. To open ports 80, 22 and 8080, enter the following commands:

/sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 22 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT

More information can be found at www.aiyc.top/archives/47…

I will download the certificate for the Windows platform here; you can download the certificate for whichever platform you use. When I click Windows in the browser, the download starts automatically; then click Install, as shown in the following GIF (Figure 7):

The certificate is now imported, so our browser can access HTTPS sites and mitmproxy can parse HTTPS traffic.

We visit the link www.aiyc.top/ again, but the following result is displayed (Figure 8):

Because we have only just imported the certificate, it has not yet taken effect in the browser. We need to close the browser and open it again.
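To confirm that the certificate imported on the client is the CA generated by this mitmproxy instance, its thumbprint can be compared with the fingerprint of the CA file on the Linux host. The script below is an added example, not part of the original tutorial; it assumes mitmproxy's default CA path ~/.mitmproxy/mitmproxy-ca-cert.pem, and SAMPLE_PEM is constructed placeholder data used only when that file is absent.

```python
import base64
import hashlib
import re
import ssl
import sys
from pathlib import Path

# Assumption: mitmproxy's default config directory on the Linux host.
DEFAULT_CA = Path.home() / ".mitmproxy" / "mitmproxy-ca-cert.pem"

# Constructed stand-in: PEM armour around placeholder bytes, not a real certificate.
SAMPLE_DER = b"constructed placeholder, not a real certificate"
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.b64encode(SAMPLE_DER).decode()
              + "\n-----END CERTIFICATE-----\n")

CERT_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----", re.S)


def cert_fingerprints(pem_text):
    """SHA-1 and SHA-256 of the first certificate; other PEM blocks are skipped."""
    match = CERT_BLOCK.search(pem_text)
    if match is None:
        raise ValueError("no CERTIFICATE block found")
    der = ssl.PEM_cert_to_DER_cert(match.group(0))  # fingerprints cover the DER bytes
    return {"sha1": hashlib.sha1(der).hexdigest(),
            "sha256": hashlib.sha256(der).hexdigest()}


def normalize(thumbprint):
    """Drop colons, spaces and invisible characters picked up when copying."""
    return re.sub(r"[^0-9a-f]", "", thumbprint.lower())


def matches_proxy_ca(client_thumbprint, pem_text):
    """True if the thumbprint read on the client belongs to the proxy's CA."""
    want = normalize(client_thumbprint)
    if len(want) not in (40, 64):
        raise ValueError("expected a SHA-1 (40 hex) or SHA-256 (64 hex) value")
    return want in cert_fingerprints(pem_text).values()


if __name__ == "__main__":
    pem = DEFAULT_CA.read_text() if DEFAULT_CA.exists() else SAMPLE_PEM
    for name, value in cert_fingerprints(pem).items():
        print(f"{name}: {value}")
    if len(sys.argv) > 1:  # thumbprint copied from the client's certificate store
        print("match" if matches_proxy_ca(sys.argv[1], pem) else "MISMATCH")
```

Run it on the Linux host, passing the thumbprint shown for the imported certificate on the client as the argument.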

After re-opening the browser, we visit the link www.aiyc.top/, and the page appears as follows (Figure 9):

Now that we have successfully visited my website, let’s look at the mitmproxy interface. After mitmproxy starts, Flows, our data flows, is shown in the upper left corner (Figure 10).

I can use the up and down keys to move the little arrow in the image above. For example, I now move it to the GET request to “www.aiyc.top”. We can press Enter to see the details of this flow, as shown in Figure 11:

To make the demonstration more complete, we make another request, this time to www.baidu.com/ (Figure 12):

So how do we get to the Response?

Select it directly with the mouse, the Tab key, or the left and right arrow keys. The Response is the message the Baidu server returned to us, which also contains the HTML body, as shown in the following GIF (Figure 13):

Then we can press Tab again to get to Detail, which is the summary of this flow (Figure 14).

So how do we get out?

Very simple: in the mitmproxy interface, we press ESC and then Q to exit. This brings us back to the capture screen, where we can see the request method and link of each flow, along with the status code of the request.

That was a brief introduction to mitmproxy; a more detailed introduction will follow later.

On starting mitmproxy on Linux: the mitmproxy installation we did earlier has three components. One of them, mitmproxy, cannot run on the Windows operating system but can run on Linux. The other two, mitmdump and mitmweb, I am going to show you on Windows.