Intercept HTTPS traffic on non-standard port #5927
Replies: 3 comments
-
Transparent mode on Windows seem to only capture traffic through port 80 and 443 (hardcoded), so I made a quick patch to |
Beta Was this translation helpful? Give feedback.
-
Well nevermind me, that quick patch is enough, it just behaves a bit weirdly with What I did instead was to listen for TLS ClientHello and ignore anything that is not using port 5000: def tls_clienthello(data: mitmproxy.tls.ClientHelloData):
if not data.context.server.address[1] == 5000:
data.ignore_connection = True
return With this (over the |
Beta Was this translation helpful? Give feedback.
-
tl;dr, use local mode, see the last paragraph I had the same issue and since @FabulousCupcake deleted their fork I couldn't see their "quick patch". But I assume it had something to do with these lines: mitmproxy/mitmproxy/platform/windows.py Lines 424 to 429 in f05c050 I first tried changing line 424 to My next idea was wireguard mode, but I wanted to do everything on one machine, so I wasn't sure that would work. And I wanted to use it for just one app. I read somewhere that WireSock (WireGuard client for Windows) supports "selective application tunneling". But instead of trying that I decided to read the warning you get when running mitmproxy in transparent mode on Windows. It mentions "local redirect mode". I couldn't see anything about that mode in help message, but it wasn't hard to find a page that explains how it works. So if you're on Windows or Mac (you can track issue #6531 for progress on Linux support) save yourself a trouble and use |
Beta Was this translation helpful? Give feedback.
-
Hello!
I am running mitmproxy on transparent mode in Windows and I noticed there are some traffic from the client that I am observing that uses port 5000 to talk to the server. Upon closer look, it seems to just be a standard https traffic.
How do I go about to capture this and process it as it were a standard https traffic through port 443?
Beta Was this translation helpful? Give feedback.
All reactions