(Recommended) Setting up the AnyProxy packet-capture tool on Linux (CentOS)

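A brief introduction to AnyProxy

AnyProxy is an open HTTP proxy server.

Its main features include:

  • Built on Node.js and open to further development, so you can define your own request-handling logic
  • Supports parsing HTTPS
  • Provides a GUI for inspecting requests
  • A programmable proxy tool, flexible and powerful ...

Here is the GUI:

1: Install Node.js (search online for the installation steps)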

[root@10-10-127-163 script]# node -v
v9.8.0
[root@10-10-127-163 script]# npm -v
5.6.0

Make sure both node and npm work properly.

2: Install AnyProxy

npm install -g anyproxy

Check the installation path:

[root@10-10-127-163 script]# find / -name 'anyproxy'
/usr/local/bin/app/node-v9.8.0-linux-x64/bin/anyproxy
/usr/local/bin/app/node-v9.8.0-linux-x64/lib/node_modules/anyproxy
/usr/local/bin/app/node-v9.8.0-linux-x64/lib/node_modules/anyproxy/bin/anyproxy

This shows that my installation path is /usr/local/bin/app/node-v9.8.0-linux-x64/bin/. Change into the installation directory:

cd /usr/local/bin/app/node-v9.8.0-linux-x64/bin/

3: Start

  • Default startup
[root@10-10-127-163 bin]# node anyproxy -i
[AnyProxy WARN][2019-08-31 14:45:20]: ROOT CA NOT INSTALLED YET
[AnyProxy Log][2019-08-31 14:45:20]: The root CA file path is: /root/.anyproxy/certificates/rootCA.crt
[AnyProxy Log][2019-08-31 14:45:20]: Http proxy started on port 8001
[AnyProxy Log][2019-08-31 14:45:20]: web interface started on port 8002

As you can see, the proxy listens on port 8001 and the web interface is served on port 8002.

  • Start on a different port
node anyproxy --port 1001 -i

3: Access the GUI management interface

Open ports 8001 and 8002 in the firewall

 firewall-cmd --zone=public --add-port=8001/tcp --permanent    # open port 8001
 firewall-cmd --zone=public --add-port=8002/tcp --permanent    # open port 8002
 firewall-cmd --reload    # reload the firewall configuration

Open the web interface: http://ip:8002

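4: Capture and interception setup (HTTP)

  • Turn on Wi-Fi and set the proxy (the steps differ from phone to phone; search online for yours). An iPhone is used as the example here.

  • Browse a few web pages on the phone, and the proxy log appears on the Linux server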
[AnyProxy Log][2019-08-31 15:13:04]: [internal https]proxy server for itunes.apple.com established
[AnyProxy Log][2019-08-31 15:13:04]: received request to: GET itunes.apple.com/lookup?bundleId=com.microsoft.bing&country=CN&entity=software
[AnyProxy Log][2019-08-31 15:13:04]: received https CONNECT request p41-keyvalueservice.icloud.com
[AnyProxy Log][2019-08-31 15:13:04]: will forward to local https server
[AnyProxy Log][2019-08-31 15:13:04]: [internal https]proxy server for p41-keyvalueservice.icloud.com established
[AnyProxy Log][2019-08-31 15:13:05]: received https CONNECT request 180.97.10.109
[AnyProxy Log][2019-08-31 15:13:05]: received https CONNECT 
[AnyProxy Log][2019-08-31 15:13:06]: [internal https]proxy server for cn.bing.com established
[AnyProxy Log][2019-08-31 15:13:07]: received request to: GET cn.bing.com/
[AnyProxy Log][2019-08-31 15:13:07]: received request to: GET cn.bing.com/rs/2T/i2/cj,nj/da14a018/49a68749.js
[AnyProxy Log][2019-08-31 15:13:07]: received https CONNECT request cn.bing.com
[AnyProxy Log][2019-08-31 15:13:07]: received https CONNECT request cn.bing.com
[AnyProxy Log][2019-08-31 15:13:07]: will forward to local https server
[AnyProxy Log][2019-08-31 15:13:07]: [internal https]proxy server for cn.bing.com established
[AnyProxy Log][2019-08-31 15:13:07]: will forward to local https server
[AnyProxy Log][2019-08-31 15:13:08]: will forward to local https server
  • Open the web interface, and you can see that many requests have already been intercepted (only HTTP requests can be parsed)

5: Capture and interception setup (HTTPS)

  • Change into the anyproxy installation directory and run node anyproxy-ca
[root@10-10-127-163 bin]# node anyproxy-ca 
detecting CA status...
AnyProxy CA exists, but not be trusted
? Would you like to open the folder and trust it ? Yes

Once installation is complete, all HTTP/HTTPS requests can be parsed.
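
Decrypting every host also covers traffic unrelated to the test, such as the icloud.com and apple.com connections in the log above. The following is an added example, not code from the original post: a rule module that limits HTTPS decryption to an allow-list. It assumes the AnyProxy 4.x rule interface (`beforeDealHttpsRequest`, loaded with `--rule`, started without `-i` so the rule alone decides); the names in `ALLOW` and the file name are constructed placeholders.

```javascript
// Added example: AnyProxy rule module that decrypts HTTPS only for allow-listed hosts.
// Assumed usage (AnyProxy 4.x): node anyproxy --rule ./scope-rule.js   (no -i)
// ALLOW holds constructed placeholders; replace them with the hosts under test.
const ALLOW = ['api.example.test', '.staging.example.test']; // leading dot = any subdomain

// Extract the lower-cased host from a CONNECT target such as "host:443" or "[v6]:443".
function hostOf(hostPort) {
  const m = /^\[([^\]]+)\](?::\d+)?$/.exec(hostPort) ||
            /^([^:]+)(?::\d+)?$/.exec(hostPort);
  if (!m) return null;
  return m[1].toLowerCase().replace(/\.$/, ''); // drop a trailing root dot
}

// True only when the CONNECT target is on the allow-list.
function shouldIntercept(hostPort, allow = ALLOW) {
  const host = hostOf(String(hostPort || ''));
  if (!host) return false; // unparsable target: leave the tunnel untouched
  return allow.some((entry) => {
    const e = entry.toLowerCase();
    // ".example.test" must match on a label boundary, so "evilexample.test" fails.
    return e.startsWith('.') ? host.endsWith(e) : host === e;
  });
}

const rule = {
  summary: 'decrypt HTTPS only for allow-listed hosts',
  // Returning true asks AnyProxy to terminate TLS locally with its root CA;
  // returning false leaves the CONNECT tunnel encrypted end to end.
  *beforeDealHttpsRequest(requestDetail) {
    return shouldIntercept(requestDetail.host);
  },
};

if (typeof module !== 'undefined') module.exports = rule;
```

With this rule loaded, hosts outside the allow-list still appear in the log as CONNECT requests, but their contents stay encrypted.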
