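1, How it works: as with Fiddler, you first start a proxy server of your own, listening on a port.
Windows or the phone is then set to use that proxy, so its traffic passes through mitmproxy, which intercepts the data.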
2, Installation (Python's default package index works fine)
In cmd, run: pip install mitmproxy==5.0.1
It reports: ERROR: mitmproxy 5.3.0 requires kaitaistruct<0.10,>=0.7, which is not installed.
You can first uninstall with: pip uninstall mitmproxy
Then run: pip install mitmproxy kaitaistruct==0.7
pip install mitmproxy==5.0.1
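3, Usage
On Windows, type "network proxy settings" into the Cortana search box.
In the Address box, enter: http=127.0.0.1:8889;https=127.0.0.1:8889
Leave the Port box empty.
In cmd, run: mitmdump -s mit.py -p 8889 --ssl-insecure
Open http://mitm.it/ and install the certificate.
The code of mit.py is as follows: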
import json


def response(flow):
    # Only handle responses for the endpoint of interest
    if 'wechat.zhifeishengwu.com/wx/HandlerSubscribe.ashx?act=User' in flow.request.url:
        with open("1.txt", "a", encoding='UTF-8') as f:
            print(flow.request.headers)
            # .get() avoids a KeyError when the request carries no Cookie header
            print(flow.request.headers.get('Cookie'))
            print(json.loads(flow.response.text))
            f.write("\n")
This uses Python's built-in file writing; you can of course use a pipe instead:
mitmdump -s mit.py -p 8889 --ssl-insecure | python extract.py
For a tutorial, see the book 《Python爬虫开发:从入门到实战(微课版)》 by 谢乾坤.
4, Troubleshooting:
Certificate verification error for watson.telemetry.microsoft.com: unable to get local issuer certificate (errno: 20, depth: 1)
Fix: pass --ssl-insecure, which stops mitmproxy from verifying the upstream server's certificate.
Cannot establish TLS with client (sni: wechat.zhifeishengwu.com): TlsException("(-1, 'Unexpected EOF')",)
Fix: open http://mitm.it/ and install the certificate.
Below is the code used to test capturing WeChat Read (微信读书) traffic:
import json
import time


def getCurrentStrTime():
    return time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time()))


def response(flow):
    # if 'https://question-zh.hortor.net/question/bat/findQuiz' in flow.request.url:
    #     print(json.loads(flow.request.content))
    #
    # if 'https://question-zh.hortor.net/question/bat/choose' in flow.request.url:
    #     print(json.loads(flow.request.content))
    if 'weread' in flow.request.url:
        print(flow.response.headers)
        print(flow.request.content)
        # print(flow.request.headers['Cookie'])
    if 'wechat.zhifeishengwu.com/wx/HandlerSubscribe.ashx?act=User' in flow.request.url:
        with open("1.txt", "a", encoding='UTF-8') as f:
            # .get() avoids a KeyError when the request carries no Cookie header
            cookie = flow.request.headers.get('Cookie', '')
            if 'ASP.NET_SessionId=' in cookie:
                f.write(getCurrentStrTime() + '\n')
                f.write(cookie + '\n')
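An added example, not code from the original post: a variant of the cookie-logging hook above that matches on the parsed host instead of a URL substring and writes a SHA-256 fingerprint of each cookie value rather than the value itself, so the log file never holds a replayable session ID. LOG_FILE and the helper names are assumptions; pretty_host, method, path and headers are attributes of mitmproxy's request object.

```python
import hashlib
import time

TARGET_HOST = "wechat.zhifeishengwu.com"  # host used in the scripts above
LOG_FILE = "cookies_redacted.txt"         # assumed output file name


def fingerprint(value):
    """Short SHA-256 prefix: tells two sessions apart but cannot be replayed."""
    return hashlib.sha256(value.encode("utf-8")).hexdigest()[:12]


def redact_cookie_header(header):
    """Turn 'a=1; b=2' into 'a=<sha256:...>; b=<sha256:...>'."""
    parts = []
    for item in header.split(";"):
        name, sep, value = item.strip().partition("=")
        if not name:
            continue  # skip empty segments such as a trailing ';'
        parts.append(f"{name}=<sha256:{fingerprint(value)}>" if sep else name)
    return "; ".join(parts)


def build_record(req):
    """Return one log line for a request to TARGET_HOST, or None to skip it."""
    # Exact host comparison: a URL that merely contains the host name in its
    # query string or path does not match.
    if req.pretty_host != TARGET_HOST:
        return None
    cookie = req.headers.get("Cookie", "")
    if not cookie:
        return None
    path = req.path.split("?", 1)[0]  # drop the query string from the log
    return f"{req.method} {path} {redact_cookie_header(cookie)}"


def response(flow):
    """mitmproxy hook: called once for every server response."""
    record = build_record(flow.request)
    if record is None:
        return
    stamp = time.strftime("%Y-%m-%d %H:%M:%S")
    with open(LOG_FILE, "a", encoding="UTF-8") as f:
        f.write(f"{stamp} {record}\n")
```

Load it the same way as mit.py, with mitmdump -s and the file name you saved it under.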
Below is a test that captures HTTPS packets:
import json
import time
from mitmproxy import ctx


def getCurrentStrTime():
    return time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time()))


def request(flow):
    # Get the request object
    request = flow.request
    # Shorthand for the logger's info method
    info = ctx.log.info
    # Log the request URL
    info(request.url)
    # Log the request method
    info(request.method)
    # Log the host
    info(request.host)
    # Log the request port
    info(str(request.port))
    # Log all request headers
    info(str(request.headers))
    # Log the request cookies
    info(str(request.cookies))


# Every response from a server is handled by this function.
# "Handling" here just means printing a few fields.
def response(flow):
    if "c1.5yyz.com/UserApi?" in flow.request.url:
        # Get the response object
        response = flow.response
        # Shorthand for the logger's info method
        info = ctx.log.info
        # Log the status code
        info(str(response.status_code))
        # Log all response headers
        info(str(response.headers))
        # Log the response cookies
        info(str(response.cookies))
        # Log the response body
        info(str(response.text))
    if 'weread' in flow.request.url:
        print(flow.response.headers)
        print(flow.request.content)
        # print(flow.request.headers['Cookie'])
    if 'c1.5yyz.com/UserApi?' in flow.request.url:
        with open("1.txt", "a", encoding='UTF-8') as f:
            # f.write() needs a string, so convert the request object first
            f.write(str(flow.request) + '\n')
            #cookie = flow.request.headers['Cookie']
            #f.write(getCurrentStrTime()+'\n')
            #f.write(cookie+'\n')
#def response(flow):
# if 'https://question-zh.hortor.net/question/bat/findQuiz' in flow.request.url:
# print(json.loads(flow.request.content))
#
# if 'https://question-zh.hortor.net/question/bat/choose' in flow.request.url:
# print(json.loads(flow.request.content))