2021-03-12 07:45:21 +00:00
|
|
|
|
# mitmproxy
|
|
|
|
|
|
|
|
|
|
Containerized version of [mitmproxy](https://mitmproxy.org/): an interactive, SSL/TLS-capable intercepting proxy for HTTP/1, HTTP/2, and WebSockets.
|
|
|
|
|
|
2021-10-10 09:59:16 +00:00
|
|
|
|
## Usage
|
2021-03-12 07:45:21 +00:00
|
|
|
|
|
|
|
|
|
```sh
|
|
|
|
|
$ docker run --rm -it [-v ~/.mitmproxy:/home/mitmproxy/.mitmproxy] -p 8080:8080 mitmproxy/mitmproxy
|
2021-10-10 09:59:16 +00:00
|
|
|
|
[terminal user interface of mitmproxy is launched...]
|
2021-03-12 07:45:21 +00:00
|
|
|
|
```
|
2021-10-10 09:59:16 +00:00
|
|
|
|
|
2021-03-12 07:45:21 +00:00
|
|
|
|
The *volume mount* is optional: It's to store the generated CA certificates.
|
|
|
|
|
|
|
|
|
|
Once started, mitmproxy listens as a HTTP proxy on `localhost:8080`:
|
2021-10-10 09:59:16 +00:00
|
|
|
|
|
2021-03-12 07:45:21 +00:00
|
|
|
|
```sh
|
|
|
|
|
$ http_proxy=http://localhost:8080/ curl http://example.com/
|
|
|
|
|
$ https_proxy=http://localhost:8080/ curl -k https://example.com/
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
You can also start `mitmdump` by just adding that to the end of the command-line:
|
2021-10-10 09:59:16 +00:00
|
|
|
|
|
2021-03-12 07:45:21 +00:00
|
|
|
|
```sh
|
|
|
|
|
$ docker run --rm -it -p 8080:8080 mitmproxy/mitmproxy mitmdump
|
2021-10-10 09:59:16 +00:00
|
|
|
|
Proxy server listening at http://*:8080
|
|
|
|
|
[...]
|
2021-03-12 07:45:21 +00:00
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
For `mitmweb`, you also need to expose port 8081:
|
2021-10-10 09:59:16 +00:00
|
|
|
|
|
2021-03-12 07:45:21 +00:00
|
|
|
|
```sh
|
|
|
|
|
# this makes :8081 accessible to the local machine only
|
|
|
|
|
$ docker run --rm -it -p 8080:8080 -p 127.0.0.1:8081:8081 mitmproxy/mitmproxy mitmweb --web-host 0.0.0.0
|
2021-10-10 09:59:16 +00:00
|
|
|
|
Web server listening at http://0.0.0.0:8081/
|
|
|
|
|
No web browser found. Please open a browser and point it to http://0.0.0.0:8081/
|
|
|
|
|
Proxy server listening at http://*:8080
|
|
|
|
|
[...]
|
2021-03-12 07:45:21 +00:00
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
You can also pass options directly via the CLI:
|
2021-10-10 09:59:16 +00:00
|
|
|
|
|
2021-03-12 07:45:21 +00:00
|
|
|
|
```sh
|
|
|
|
|
$ docker run --rm -it -p 8080:8080 mitmproxy/mitmproxy mitmdump --set ssl_insecure=true
|
2021-10-10 09:59:16 +00:00
|
|
|
|
Proxy server listening at http://*:8080
|
|
|
|
|
[...]
|
2021-03-12 07:45:21 +00:00
|
|
|
|
```
|
|
|
|
|
|
2022-09-08 17:42:09 +00:00
|
|
|
|
If `~/.mitmproxy/mitmproxy-ca.pem` is present in the container, mitmproxy will assume uid and gid from the file owner.
|
2021-03-12 07:45:21 +00:00
|
|
|
|
For further details, please consult the mitmproxy [documentation](http://docs.mitmproxy.org/en/stable/).
|
|
|
|
|
|
2021-10-10 09:59:16 +00:00
|
|
|
|
## Tags
|
2021-03-12 07:45:21 +00:00
|
|
|
|
|
|
|
|
|
The available release tags can be seen
|
|
|
|
|
[here](https://hub.docker.com/r/mitmproxy/mitmproxy/tags/).
|
|
|
|
|
|
2021-03-16 15:17:27 +00:00
|
|
|
|
* `dev` always tracks the git-master branch and represents the unstable development tree.
|
2021-03-12 07:45:21 +00:00
|
|
|
|
* `latest` always points to the same image as the most recent stable release, including bugfix releases (e.g., `4.0.0` and `4.0.1`).
|
|
|
|
|
* `X.Y.Z` tags contain the mitmproxy release with this version number.
|
|
|
|
|
|
2021-10-10 09:59:16 +00:00
|
|
|
|
## Security Notice
|
2021-03-12 07:45:21 +00:00
|
|
|
|
|
|
|
|
|
Dependencies in the Docker images are frozen on release, and can’t be updated in
|
|
|
|
|
situ. This means that we necessarily capture any bugs or security issues that
|
|
|
|
|
may be present. We don’t generally release new Docker images simply to update
|
|
|
|
|
dependencies (though we may do so if we become aware of a really serious issue).
|