The command I run is:
mitmdump -R http://us.yahoo.com -p 80 -s redirect.py
I run it on my computer for experiment. And I set the DNS on my computer:
Then I just visit news.yahoo.com on my computer, and I was getting the result of us.yahoo.com
What I want is I visit it.yahoo.com, mitmproxy give me the result of it.yahoo.com. And when I visit news.yahoo.com, mitmproxy give me the result of news.yahoo.com.
I tried https://github.com/mitmproxy/mitmproxy/blob/master/examples/complex/dns_spoofing.py and found that when I was visiting news.yahoo.com, the script shows that in request flow.request.pretty_host is not news.yahoo.com but us.yahoo.com in the command line.
I tried read the source and found in mitmproxy\protocol\http.py:194
# update host header in reverse proxy mode
if self.config.options.mode == "reverse":
flow.request.headers["Host"] = self.config.upstream_server.address.host.encode()
flow.request.headers["Host"] = self.config.upstream_server.address.host
# set upstream auth
if self.mode == "upstream" and self.config.upstream_auth is not None:
flow.request.headers["Proxy-Authorization"] = self.config.upstream_auth
This means before process_request_hook, the host in header was replace by self.config.upstream_server.address.host which is us.yahoo.com. So I don't think the script dns_spoofing.py will work.
So, could I read the raw header in request stub in scripting? So I can replace the host header correctly. I didn't found a proper way to do this. I'm not sure if flow.client_conn could be used for this.
Thanks very much!