mitmproxy - filtering by domain? - mitmproxy

I am using mitmproxy for inspecting traffic for my app.
And want to see only traffic for my server.
How can I see only traffic for domain *.some_domain.com?

For mitmproxy
mitmproxy --view-filter "~d .*\.some_domain\.com"
For mitmdump
mitmdump "~d .*\.some_domain\.com"

Related

mitmproxy as a reverse proxy - force SSL?

Say you have some toy project that should get SSL support. Simply set up mitmproxy as a reverse proxy on port 443 and you’re done (mitmdump -p 443 --mode reverse:http://localhost:80/). Mitmproxy auto-detects TLS traffic and intercepts it dynamically.
https://docs.mitmproxy.org/stable/concepts-modes/
Can you have mitmdump enforce SSL? Or verify that the client really uses SSL?
You can write a mitmproxy addon that checks just that:
from mitmproxy import http
def request(flow):
if not flow.client_conn.tls_established:
flow.request.response = http.HTTPResponse.make(400)

All traffic forwarding using SSH tunnel in FreeBSD

I connect to my remote VPS like that:
ssh -f -C2qTnN -D 1080 username#xxx.xxx.xxx.xxx
Then setup Firefox proxy setting to SOCKS5 and 127.0.0.1:1080. That's work.
Now I try to redirect all traffic from my FreeBSD to localhost:1080, but I have no idea. Can you help?
If you want to redirect all traffic, do not use SOCKS5 proxy, but rather use -w option in ssh, which creates something like VPN connection and its own TUN device, which is more suitable for tunnelling system-wide traffic.
There are many examples on the internet, for example here. But this is really advanced use case.

REST server sampler for JMeter

I need to test a blackbox that outputs a POST request to a REST service.
Intend to use JMeter for this.
So my sampler should be a REST server and listen to post from the tested module.
What's the best way? Any ready-made solutions around? (seems like JMeter's REST sampler can only be a REST client)
Not sure JMeter is the solution you're looking for here. You can always start a JMeter proxy on the black box to catch everything that it sends out, but there's not much beyond that it can do.
If watching traffic is all you're doing, I think it would be simpler to ssh the destination server this black box is transmitting to and run
sudo tcpdump -n dst port 8080 -A
Depending on what port the black box POSTs on, you can just change the above port. You can stream these results to file and run whatever tests you need on these with a more appropriate testing tool/script.

Can Fiddler monitor traffic other than HTTP

I have developed a Client/Server type application. XML data is passed between the client and server. I want to simulate how it would run on a very slow network (i.e. radio # 9.6kps). I understand Fiddler can be used in simulate modem speeds mode. But no matter what I do I cannot configure Fiddler to accept traffic from the client and redirect it to the server. And I have also tried a "reverse proxy" too.
Does Fiddler work with protocols other than HTTP?

Proxy for command line utilities in Win XP

How do I get command line utilities like ping to use the default proxy in Windows XP.
proxycfg -u sets the proxy to the default (IE) proxy alright, but it doesn't seem to be working.
Update: I am behind a proxy and would like a way to check if a site is up or not hence trying to use ping! Also would like a way to telnet (without using Putty) to a specific site and port to check connectivity.
A proxy is usually used for web (HTTP) traffic, ping uses ICMP, which is a completely separate protocol. What, exactly are you trying to do?
So, standard ping doesn't go via an HTTP proxy, as everyone's already mentioned. What you probably want is to tunnel your TCP connections (e.g., HTTP, telnet, ssh) via your HTTP proxy using the CONNECT method. For instance, using netcat (telnet will also work, but netcat's better) you'll do the following:
$ nc yourproxy 3128
CONNECT yourtelnetserver:23 HTTP/1.0
then press enter twice.
There are also tools that can do this for you. Keep in mind that some HTTP proxies are configured to allow CONNECT connections only to certain destinations, for example, to port 443 ony (for TLS/SSL/HTTPS).
Ping doesn't use TCP - it uses ICMP, so using a proxy doesn't really make sense.
Do you have another command line utility in mind?
Your best bet will probably be a command line browser for Windows.
You can try out lynx, which is nearly a full browser, or you can go something simpler and use wget. I would recommend wget myself.
Both programs have some way of configuring a proxy, and the documentation should be the same for both Linux and Windows versions.