14

I can easily use Netcat (or, Socat) to capture traffic between my browser and a specific host:port.

But for Linux, does there exist any command-line counterpart of a Squid-like HTTP proxy that I can use to capture traffic between my HTTP client (either browser or command-line program) and any arbitrary host:port?

Improve this question
1

3 Answers 3

Reset to default
11

Both Perl and Python (and probably Ruby as well) have simple kits that you can use to quickly build simple HTTP proxies.

In Perl, use HTTP::Proxy. Here's the 3-line example from the documentation. Add filters to filter, log or rewrite requests or responses; see the documentation for examples.

use HTTP::Proxy;
my $proxy = HTTP::Proxy->new( port => 3128 );
$proxy->start;

In Python, use SimpleHTTPServer. Here's some sample code lightly adapted from effbot. Adapt the do_GET method (or others) to filter, log or rewrite requests or responses.

import SocketServer
import SimpleHTTPServer
import urllib
class Proxy(SimpleHTTPServer.SimpleHTTPRequestHandler):
    def do_GET(self):
        self.copyfile(urllib.urlopen(self.path), self.wfile)
httpd = SocketServer.ForkingTCPServer(('', 3128), Proxy)
httpd.serve_forever()
Improve this answer
3
7

This may not be the best solution, but if you use any proxy then it will have a specific host:port so the netcat solution with still work, albeit you'll have to pick apart the proxy meta-data to make sense of it.

The easiest way to do this might be to use any random anonymization proxy out there and just channel all the traffic through netcat. (I.e., set your browser proxy to localhost:port and then forward the data to the real proxy.)

If you want to have a local proxy then a SOCKS5 proxy with ssh -D <port> localhost is probably your easiest option. Obviously, you need to tell your browser to use a "socks" proxy rather than an "http" proxy.

So, something like this (assuming your local machine accepts incoming ssh connections):

ssh -fN -D 8000 localhost
nc -l 8080 | tee capturefile | nc localhost 8000

Naturally, that'll only work for one browser connection attempt, and then exit, and I have not attempted to forward the return data to the browser, so you'll need your full netcat solution.

Improve this answer
5
  • Thanks. Do you have any name suggestions for anonymization proxies for Linux? I would prefer ones that are not as heavyweight as Squid (in terms of size, memory, startup speed), are startable by a non-root user, etc. Commented May 17, 2012 at 14:52
  • Also, I didn't follow your SOCKS5 proxy example. Could you please explain what is going on with the 2 invocations above? I, e.g. know that ssh -fN -D ... starts a SOCKS5 proxy on localhost port 8000, but what does nc -l ... do? And, to which port should I make my browser point to: 8000 or 8080? Commented May 17, 2012 at 15:37
  • 2
    @harry for an anomyzation proxy have a look at privoxy Commented May 17, 2012 at 17:17
  • 1
    When I say "anonymization proxy" I don't mean something you set up yourself: I mean an existing proxy out there on the net. @UlrichDangel suggests privoxy and I'm sure there are others too. Commented May 18, 2012 at 8:04
  • The nc commands accept all traffic from port 8080 and forward it to 8000. I did not provide a full netcat solution because your post suggested you already knew how to do that part. Commented May 18, 2012 at 8:06
2

https://mitmproxy.org/

An example:

mitmdump  --ssl-insecure --mode reverse:google.com
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.