Can someone tell me if the following scenario is possible using mitmproxy?
I have a LAN with a few devices on it and a dnsmasq running on the gateway to provide DHCP and DNS services. This dnsmasq is configured with a large domains list to perform ad blocking (by returning NXDOMAIN or an invalid ip address).
I want to take things a step further and instead of blocking the traffic, I want to redirect it to a small web server running on the same gateway, which will log the requests and return dummy data, like 1x1 px gif/png for images, empty html/js, etc. For this, I’ll configure dnsmasq to return a specific IP address for all blocked domains (e.g. 1.2.3.4) and use iptables to redirect the traffic received from the LAN to 1.2.3.4, to my web server.
The problem will be the HTTPS traffic, as my web server isn’t capable of spoofing SSL certificates for the requested hosts.
So, would it be possible to redirect traffic to mitmproxy, spoof the certificate from the real host and then forward the connection to my web server (via HTTP) instead ?
Yes, it spoofs the certificates for the real host, but it also forwards the connection to that host. I need it forwarded to a different server (other than the client requested).
For example, the regular usage scenario is:
client makes a request to https://example.com
mitmproxy intercepts the request and fetches certificate from example.com
mitmproxy creates a fake cert for “example.com” and gives it to the client
mitmproxy connects to https://example.com and sends requests on behalf of the client
For my use case, I need step 4 to be:
mitmproxy connects to a local server (e.g. localhost:10000) and sends requests on behalf of the client
from mitmproxy import http
def request(flow: http.HTTPFlow):
# redirect to different host
if flow.request.pretty_host == "example.com":
flow.request.host = "mitmproxy.org"