{"id":3128,"date":"2021-05-03T15:41:58","date_gmt":"2021-05-03T13:41:58","guid":{"rendered":"https:\/\/andreas-klingler.de\/infosec\/?p=3128"},"modified":"2023-12-24T12:46:13","modified_gmt":"2023-12-24T11:46:13","slug":"mitmproxy-mitmdump","status":"publish","type":"post","link":"https:\/\/infosec.andreas-klingler.de\/?p=3128","title":{"rendered":"mitmproxy \/ mitmdump"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">mit\u00adm\u00addump is a proxy which can store and mod\u00adi\u00adfy content.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Change content of a third-party site<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Sce\u00adnario:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>You want to manip\u00adu\u00adlate some con\u00adtent from a web\u00adsite $tar\u00adget visits.<\/li><\/ul>\n\n\n\n<ol class=\"wp-block-list\"><li>Per\u00adform ARP-pois\u00aden\u00ading with Bet\u00adter\u00adcap, Etter\u00adcap, the http_hijack.py script or some\u00adhow&nbsp;else.<\/li><li>Start mit\u00adm\u00addump in trans\u00adpar\u00adent mode:<br><code>mitmdump --mode transparent --replace \/~s\/wars\/trek\/<\/code><br>or alter\u00adna\u00adtive\u00adly to read the new con\u00adtent from a file. Note that the sep\u00ada\u00adra\u00adtor char\u00adac\u00adter can be changed.<br><code>mitmdump --mode transparent --replace :~s:wars:@\/tmp\/trekfile:<\/code><\/li><\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">This replaces all strings wars with trek in the respons\u00ades (<code>~s<\/code>) fil\u00adter. <a href=\"https:\/\/docs.mitmproxy.org\/stable\/concepts-filters\/\">See here for all fil\u00adter expres\u00adsions.<\/a> Note that you prob\u00ada\u00adbly want to cre\u00adate a very spe\u00adcif\u00adic fil\u00adter expres\u00adsion to not cre\u00adate side effects or prob\u00adlems with oth\u00ader&nbsp;pages.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Remove <span class=\"caps\">HTTPS<\/span> references<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Add the <code>-s <a href=\"https:\/\/github.com\/phackt\/mitm\/blob\/master\/script\/sslstrip.py\">sslstrip.py<\/a><\/code> com\u00admand and do the same as before in the change con\u00adtent section.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>mit\u00adm\u00addump is a proxy which can store and mod\u00adi\u00adfy con\u00adtent. Change con\u00adtent of a third-par\u00adty site Sce\u00adnario: You want to manip\u00adu\u00adlate some con\u00adtent from a web\u00adsite $tar\u00adget vis\u00adits. Per\u00adform ARP-pois\u00aden\u00ading with Bet\u00adter\u00adcap, Etter\u00adcap, the http_hijack.py script or some\u00adhow&nbsp;else. Start mit\u00adm\u00addump in trans\u00adpar\u00adent mode:mitmdump \u2013mode trans\u00adpar\u00adent \u2013replace \/~s\/wars\/trek\/or alter\u00adna\u00adtive\u00adly to read the new con\u00adtent from&nbsp;a&nbsp;[\u2026]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"footnotes":""},"categories":[470,468],"tags":[389,397,398],"class_list":["post-3128","post","type-post","status-publish","format-standard","hentry","category-active-enum","category-general","tag-mitm","tag-mitmdump","tag-mitmproxy"],"_links":{"self":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/3128","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3128"}],"version-history":[{"count":3,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/3128\/revisions"}],"predecessor-version":[{"id":3134,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=\/wp\/v2\/posts\/3128\/revisions\/3134"}],"wp:attachment":[{"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3128"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3128"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosec.andreas-klingler.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3128"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}