This small project includes two scripts:
- TinyHTTPProxy.py - is HTTP proxy server, that logs all the traffic going through it
It's based on code from SUZUKI Hisao, I've added the logging capabilities.
Recently also added possibility for proxy to encrypt outgoing communication with SSL - can be used to
monitor, debug secure traffic.
Log can be directed either to stdout or to file (with -f option)
- ReplayClient.py - is HTTP client, that can replay file created by TinyHTTPProxy. It supports cookies and simple variables, so it can be used also for replay in some dynamic scenarios.
Usage:
usage: TinyHTTPProxy.py [options]
options:
-h, --help show this help message and exit
-p PORT listening port
-a ALLOWED list of allowed client names (comma separated)
-f FILE output file for the log
-s starts to encrypt outgoing connection with ssl, except for further link
that were unsecure
- In the output requests and responses are separated by line "-"*80
usage: ReplayClient.py [options]
options:
-h, --help show this help message and exit
-f FILE input log file
-b logs also response body
-i INPUT input file with variables (name=value lines), if name is - then
std input is used
-o OUTFILE output log file
- Cookies are handled automatically - e.g. if new cookies are set by server then they are used in subsequent communication
- In the input log log (e.g. the one that will be replayed, you can add variables, that will be replaced either by values specified by -i option, or by values extracted from previous responses. Variable in input log can ge specified as ${varname}
- In the input log file you can also specify definitions of variables in section of responses -
if anywhere in the response senction at the begining of the line following pattern will be match:
name="reg_exp",x
then it'll be interpreted as commad for grebbing variable from the response text - name will be name of the variable, reg_exp is regular expression to find value of this variable and x is a number of group within matched text that is the actual value of this variable
Quick guide
- Start TinyHTTPProxy (with appropriate port) and -f log.txt (optionaly -s if you want to encrypt
connection with SSL)
- Set up your browser to go through proxy localhost port 8000 (or other supplied to TinyHTTPProxy)
- Use browser to grab the whole session - log file will contain all requests and responses
- Edit the log.txt file
- Add definitions of variables into response sections on separate lines: var="reg_expr",group_no
- Add variables to the requests (typically to POST bodies to query parts of URL): ${var}
- Run Replay client with -f log.txt ( and if needed global var can be supplied by -i option)
Download
TinyHTTPProxy.py
ReplayClient.py
|