Blocking specific HTTPS POST request by payload/endpoint?

victorhooi · October 31, 2019, 12:42am

We have a third party web app served over HTTPS.

There is a specific HTTP POST request that we’d like to block and/or manipulate - but only for certain payloads. We can find this based on a substring in the HTTP payload.

Assuming we can get the certificates setup on all clients, what is the best way to achieve this with mitmproxy?

I saw there’s a scripting (https://docs.mitmproxy.org/master/addons-scripting/) feature but there’s not a lot of examples/explanation on it. Is this the best way? Or is the another feature that works here?

Anybody done something similar?

Thanks,
Victor

mhils · November 4, 2019, 12:22pm

Hi Victor,

You should be able to filter by body payload unless request/response streaming is activated (https://docs.mitmproxy.org/stable/concepts-filters/). Other than that, maybe all you need is https://docs.mitmproxy.org/stable/overview-features/#replacements?

Topic		Replies	Views
Disable https in mitmproxy	0	849	May 25, 2018
Just starting out, have some questions help	4	1862	September 29, 2016
Transparent mode, unable to prevent mitmproxy from contacting upstream server help	0	724	December 21, 2018
Modifying HTTPS response body not working	7	9580	January 21, 2018
HTTP Proxy query	6	2061	June 28, 2017

Blocking specific HTTPS POST request by payload/endpoint?

Related Topics