Merge pull request #1948 from amm0nite/fix_dns_spoofing_example

Fix for dns_spoofing.py example
2026-04-27 19:15:33 +08:00 · 2017-02-01 15:25:51 +01:00
parent cf991ba4e2 9e3f06b7f2
commit 212d9f1b98
2 changed files with 52 additions and 17 deletions
--- a/examples/complex/dns_spoofing.py
+++ b/examples/complex/dns_spoofing.py
@@ -28,22 +28,35 @@ import re
 parse_host_header = re.compile(r"^(?P<host>[^:]+|\[.+\])(?::(?P<port>\d+))?$")


-def request(flow):
-    if flow.client_conn.ssl_established:
-        flow.request.scheme = "https"
-        sni = flow.client_conn.connection.get_servername()
-        port = 443
-    else:
-        flow.request.scheme = "http"
-        sni = None
-        port = 80
+class Rerouter:
+    def requestheaders(self, flow):
+        """
+        The original host header is retrieved early
+        before flow.request is replaced by mitmproxy new outgoing request
+        """
+        flow.metadata["original_host"] = flow.request.headers["Host"]

-    host_header = flow.request.pretty_host
-    m = parse_host_header.match(host_header)
-    if m:
-        host_header = m.group("host").strip("[]")
-        if m.group("port"):
-            port = int(m.group("port"))
+    def request(self, flow):
+        if flow.client_conn.ssl_established:
+            flow.request.scheme = "https"
+            sni = flow.client_conn.connection.get_servername()
+            port = 443
+        else:
+            flow.request.scheme = "http"
+            sni = None
+            port = 80

-    flow.request.host = sni or host_header
-    flow.request.port = port
+        host_header = flow.metadata["original_host"]
+        m = parse_host_header.match(host_header)
+        if m:
+            host_header = m.group("host").strip("[]")
+            if m.group("port"):
+                port = int(m.group("port"))
+
+        flow.request.headers["Host"] = host_header
+        flow.request.host = sni or host_header
+        flow.request.port = port
+
+
+def start():
+    return Rerouter()
--- a/test/mitmproxy/test_examples.py
+++ b/test/mitmproxy/test_examples.py
@@ -103,6 +103,28 @@ class TestScripts(mastertest.MasterTest):
        m.request(f)
        assert f.response.content == b"Hello World"

+    def test_dns_spoofing(self):
+        m, sc = tscript("complex/dns_spoofing.py")
+        original_host = "example.com"
+
+        host_header = Headers(host=original_host)
+        f = tflow.tflow(req=tutils.treq(headers=host_header, port=80))
+
+        m.requestheaders(f)
+
+        # Rewrite by reverse proxy mode
+        f.request.scheme = "https"
+        f.request.host = "mitmproxy.org"
+        f.request.port = 443
+
+        m.request(f)
+
+        assert f.request.scheme == "http"
+        assert f.request.host == original_host
+        assert f.request.port == 80
+
+        assert f.request.headers["Host"] == original_host
+

 class TestHARDump: