0

I'm trying to specify replacements in mitmdump but am having trouble getting the syntax right. What I want to do is replace the entire path in a request with a fixed string.

I've tried -R :~bq:/*:/example.html but that results in "Invalid filter pattern: ~bq"

Any pointers?

imac
  • 47
  • 9

1 Answers1

2

Try to use ~q not ~bq as filter pattern. Because ~bq needs regex itself like ~bq regex. The error "Invalid filter pattern" is caused by using ~bq with regex part.

More details https://github.com/mitmproxy/mitmproxy/pull/2589#issuecomment-340426254

Kevin Cui
  • 766
  • 1
  • 6
  • 8
  • Thanks. What's the correct syntax to use to match the entire path in the request? -R :~q:/:/example.html inserts example.html rather than replacing the whole of the path in the request. I want to steer all requests to specific page... – imac Nov 25 '19 at 15:35
  • not sure if I understand your question clearly, try this `':~q:/.*$:/example.html'`? – Kevin Cui Nov 25 '19 at 16:03
  • Cheers Kevin, that's what I was looking for. – imac Nov 25 '19 at 16:17
  • Though the console output looked promising, it turned out that was not quite what I needed; what I should be doing is changing the path portion of the request whilst retaining the other attributes, in particular MIME type (otherwise I get a 406 error). Having tried and failed, if anyone could point me in the right direction for that, it would be much appreciated! – imac Nov 26 '19 at 13:12
  • How would I restrict replacements to only the path portion of a URL? That would be group 3 in the following regex: (http[s]?:\/\/)?([^\/\s]+\/)(.*), i.e. the (.*) portion? – imac Dec 04 '19 at 16:03
  • Perhaps the question should be, how do I restrict the replacements to GETs only? I can't work the ~m operator in to the command, I get Invalid filter specification: ~m GET -R :~q:/.*$:/example.html. When I review pcaps on the target server the request has "HTTP/1.1" appended; that does not show on the mitmdump console. Why? Also, what does "with no response" mean in relation to the ~q filter description? Is there anywhere that has a decent collection of of real-world examples of mitmdump being used in reverse mode? – imac Dec 05 '19 at 12:21
  • `-R :~q:/.*:/example.html` matches (too many things). The documentation states that "Regexes are Python-style", and `-R :~q:GET /.*:GET /example.html` works fine in a Python regex checker, but fails to trigger replacements. I see the exact same request (GET /test.html) - which worked with the first regex - in the console, but it's not acted on. Is this my mistake, or a bug? @kevin – imac Dec 17 '19 at 10:01