Fuhui

mitmproxy使用


介绍一款非常好用的抓包工具,官网地址:https://www.mitmproxy.org。实际上,在调试苹果IAP支付时,始终没有抓成功过,反而因为设置了代理,导致苹果沙盒用户无法成功支付。它名字的全拼是Man-in-the-middle-proxy,代表中间人攻击。

常用的快捷键

  1. 在列表界面,按回车进入详情界面
  2. 在详情界面,按q返回列表界面
  3. 在详情界面,按tab键在Request,Response,Detail三个tab之间切换。按jk可以滚动查看详情.
  4. 在列表界面,按G跳到最新一个请求
  5. 在列表界面,按g跳到第一个请求
  6. 在列表界面,按d删除当前选中的请求,按D恢复刚才删除的请求
  7. 在列表界面,按z清空请求列表

常用的过滤表达式

列表界面,按f进入过滤模式。详细的过滤表达式,可以查看:Filter expressions

  1. ~h regex Header
  2. ~u regex URL
  3. ~m regex Method

原理

  1. Subject Alternative Name:is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. These values are called Subject Alternative Names (SANs). Names include
  2. Server Name Indication: is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites (or any other service over TLS) to be served by the same IP address without requiring all those sites to use the same certificate.