Monday, May 7, 2012

Python proxy - Custom reply to requests with pattern in headers

I have been doing some research and i needed to reply to certain requests for specific domains in a constant and certain way,What I normally did was use ZAP or fiddler to MitM the requests and reply with my own self modified requests but i quickly got tired of the manual sisyphic work and decided to look for a simple thin and limber proxy i can modify to my own use.

And so i googled and came across this: Simple python http proxy post by Mitko Haralanov, in the post it mentions that it is based on Suzuki Hisao's Tiny HTTP Proxy. ( I hope i didn't miss anyone, they deserve credit).
Anyway, as I was saying, I found this piece of python code and hacked it to deliver specific responses to specific requests.

And then i thought: "Well, I can make this a little bit more generic for others to use"

and so I did :)

Here is the python script:  TinyHTTPProxy.py

And here is the config file: Config.xml

How to use:
(It is extremely simple to use, so just run it and you will figure it out.)
- First: edit the config.xml file (needs to be in the same dir as the .py file), now the only thing i need to say is that the response part of the xml is the response, so you need to place it there with "\r\n" as needed

Example XML:
    <attack lookInRequestForThis="www.google.co.il" replyWithThis="\r\nKAKA\r\n"/>

What this means is that the proxy will look for the "www.google.co.il" string in all of the requests headers (if it appears more than once than the first occurrence will be identified), once found the proxy will reply with the response given in the "replyWithThis" attribute.

After you configured the XML, you can run the proxy with the command line below as an example, but note, for performance reasons the XML will load when the proxy starts and not per request so if you want to change the data on the fly you will need to stop+start the proxy.

command line to run it:
                 python TinyHTTPProxy.py -l proxy.log -i 10.0.0.1 -p 2222


Enjoy :)

1 comment:

  1. This comment has been removed by a blog administrator.

    ReplyDelete