Using mitmdump on a network dump file
From: Kam-Yung Soh <sohkamy...@gmail.com>
Date: Thu, 9 Feb 2012 19:40:21 -0800 (PST)
Local: Thurs, Feb 9 2012 10:40 pm
Subject: Using mitmdump on a network dump file

Hello,

I just discovered mitmproxy and find it cool.  Thanks for coming up with it.

A request: is it possible to run mitmdump on raw network data (pcap format)
already captured by tcpdump or Wireshark?

I work with networked embedded Linux devices which cannot run Python but
can run tcpdump.  I would use tcpdump to capture network data from the
device, then copy it over to my work PC, run mitmdump to extract out the
HTTP/HTTPS transactions, and examine/replay the transactions using
mitmproxy.

Would this be possible?

Regards,
Kam-Yung


 
From: Aldo Cortesi <a...@nullcube.com>
Date: Fri, 10 Feb 2012 17:09:12 +1300
Local: Thurs, Feb 9 2012 11:09 pm
Subject: Re: Using mitmdump on a network dump file

Hi Kam-Yung,

> I just discovered mitmproxy and find it cool.  Thanks for coming up with it.

> A request: is it possible to run mitmdump on raw network data (pcap format) already captured by tcpdump or Wireshark?

> I work with networked embedded Linux devices which cannot run Python but can run tcpdump.  I would use tcpdump to capture network data from the device, then copy it over to my work PC, run mitmdump to extract out the HTTP/HTTPS transactions, and examine/replay the transactions using mitmproxy.

> Would this be possible?

In theory, it would be possible to follow the TCP streams in the pcap dump, extract the requests and responses, and then reconstruct the matching mitmproxy objects. This would be a huge job, though, and I suspect that this is a very rare use-case. At the moment, though, you're out of luck - sorry!

Regards,

Aldo

--
Aldo Cortesi
blog: http://corte.si
twitter: @cortesi
work: www.nullcube.com
+64 210 718 900
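
The first two steps described in the reply above (follow the TCP streams in a pcap, then extract the requests and responses), as an added example that is not part of the original thread and is not code from mitmproxy or mitmextract. It assumes a classic little-endian pcap of well-formed, untruncated Ethernet/IPv4 frames with no sequence-number wraparound or gaps, and reads only the first request of each connection; the addresses, ports and host name in the sample are constructed.

```python
import struct

def read_pcap(data):
    """Yield frames from a classic little-endian pcap byte string."""
    if data[:4] != b"\xd4\xc3\xb2\xa1":
        raise ValueError("unsupported pcap variant")
    off = 24  # skip the 24-byte global header
    while off + 16 <= len(data):
        incl = struct.unpack_from("<I", data, off + 8)[0]  # captured length
        yield data[off + 16:off + 16 + incl]
        off += 16 + incl

def tcp_streams(frames):
    """Reassemble TCP payload per direction, ordering segments by sequence number."""
    segs = {}
    for f in frames:
        if len(f) < 54 or f[12:14] != b"\x08\x00" or f[23] != 6:
            continue  # keep only Ethernet frames carrying IPv4 + TCP
        ihl, total = (f[14] & 0x0F) * 4, struct.unpack_from("!H", f, 16)[0]
        ip = f[14:14 + total]  # trims any Ethernet padding
        sport, dport, seq = struct.unpack_from("!HHI", ip, ihl)
        payload = ip[ihl + (ip[ihl + 12] >> 4) * 4:]
        if payload:  # a retransmitted segment overwrites its earlier copy
            segs.setdefault((ip[12:16], sport, ip[16:20], dport), {})[seq] = payload
    return {k: b"".join(v[s] for s in sorted(v)) for k, v in segs.items()}

def http_exchanges(streams):
    """Pair each request line with the status line of the reverse-direction stream."""
    def line(b):
        return b.split(b"\r\n", 1)[0].decode("latin-1")
    return [(line(d), line(streams.get((dst, dp, src, sp), b"")))
            for (src, sp, dst, dp), d in streams.items()
            if line(d).endswith(("HTTP/1.0", "HTTP/1.1"))]

def _record(src, dst, sport, dport, seq, payload):
    """Build one constructed pcap record: Ethernet/IPv4/TCP headers around payload."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 0x50, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, src, dst) + tcp
    frame = bytes(12) + b"\x08\x00" + ip
    return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

def sample_pcap():
    """Constructed capture: a request split into two out-of-order segments, then a reply."""
    c, s = bytes([10, 0, 0, 2]), bytes([10, 0, 0, 1])
    req = b"GET /status HTTP/1.1\r\nHost: device.example\r\n\r\n"
    return (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
            + _record(c, s, 40000, 80, 1010, req[10:])
            + _record(c, s, 40000, 80, 1000, req[:10])
            + _record(s, c, 80, 40000, 5000, b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok"))
```

This recovers plaintext HTTP only: HTTPS connections in a passive capture stay encrypted unless the TLS session keys are available from somewhere else.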

From: Jim Cheetham <jim.cheet...@otago.ac.nz>
Date: Fri, 10 Feb 2012 17:11:32 +1300
Local: Thurs, Feb 9 2012 11:11 pm
Subject: Re: Using mitmdump on a network dump file

Excerpts from Aldo Cortesi's message of Fri Feb 10 17:09:12 +1300 2012:

> Hi Kam-Yung,

> > I just discovered mitmproxy and find it cool.  Thanks for coming up with it.

> > A request: is it possible to run mitmdump on raw network data (pcap format) already captured by tcpdump or Wireshark?

> > I work with networked embedded Linux devices which cannot run Python but can run tcpdump.  I would use tcpdump to capture network data from the device, then copy it over to my work PC, run mitmdump to extract out the HTTP/HTTPS transactions, and examine/replay the transactions using mitmproxy.

> > Would this be possible?

> In theory, it would be possible to follow the TCP streams in the pcap dump, extract the requests and responses, and then reconstruct the matching mitmproxy objects. This would be a huge job, though, and I suspect that this is a very rare use-case. At the moment, though, you're out of luck - sorry!

As an alternative, perhaps you could put a transparent squid proxy in
your network, and persuade that to use mitmproxy for upstream requests?

-jim
--
Jim Cheetham, Information Security, University of Otago, Dunedin, N.Z.
✉ jim.cheet...@otago.ac.nz          ☏ +64 3 470 4670 ☏ m +64 21 227 0015
⚷ OpenPGP: B50F BE3B D49B 3A8A 9CC3 8966 9374 82CD C982 0605
✔ NZ BeSTGRID RAO                   ✔ CAcert.org Assurer

From: Chris Neasbitt <chris.neasb...@gmail.com>
Date: Thu, 21 Jun 2012 17:18:28 -0700 (PDT)
Local: Thurs, Jun 21 2012 8:18 pm
Subject: Re: Using mitmdump on a network dump file

I have written a tool to do this called mitmextract.  You can find it at
https://github.com/cjneasbi/mitmextract .


 