All geek questions in one place

How can I respond to a CONNECT method request on a proxy using a socket in python?

I am currently programming a proxy server using httplib, and when I try to connect to HTTPS websites (like facebook and google), my client sends me “CONNECT” requests that look like this:

CONNECT www.google.co.il:443 HTTP/1.1\r\n User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:35.0) Gecko/20100101 Firefox/35.0\r\n Proxy-Connection: keep-alive\r\n Connection: keep-alive\r\n Host: www.google.co.il:443\r\n \r\n

I took a working proxy from the Internet and put it on, then sniffed the network on wirehark, and the response to this request should look like this:

 HTTP/1.1 200 Connection established\n Proxy-agent: Python Proxy/0.1.0 Draft 1\n \n

I noticed that the client sends the request to the proxy itself, so I decided to use the socket and send the response to the client this way:

 if getmethod(clientreq) is "CONNECT": text="HTTP/1.1 200 Connection established\nProxy-Agent: THE BB Proxy\n\n" client.send(text)

I really hoped that processing these "CONNECT" requests would be a solution and that my server would finally take care of HTTPS requests, but that was not the case, and the response packets that I sent to the client did not even appear on Wireshark.

So my questions are: 1. What does the "CONNECT" method really do? 2. What else do I need besides processing the "CONNECT" method requests to communicate with HTTPS servers?

+5
source share
1 answer

I answer after this long time, because recently I worked with this concept. It may help others.

To work with the CONNECT http proxy server, you need to create a socket connection with the server https port (for example, 443). After establishing the connection, you can send "HTTP / 1.1 200 Connection established" as a response.

After that, the client and server communicate with each other through a proxy. The proxy should simply transfer data from the client socket to the server socket and vice versa. The client and server will exchange information about the certificate to establish a connection, after the connection is confirmed, they will begin to transmit data in an encrypted format, so the proxy will not be able to understand anything.

The following code may help.

 def _read_write(self): socs = [self.client, self.target] count = 0 while 1: count += 1 (recv, _, error) = select.select(socs, [], socs, 3) if error: break if recv: for in_ in recv: data = in_.recv(BUFLEN) if in_ is self.client: out = self.target else: out = self.client if data: out.send(data) print(data) count = 0 if count == time_out_max: break

Hope this answer helps anyone who needs it. Since I had to go through a lot to find this answer.

+3
source

Source: https://habr.com/ru/post/1213304/

More articles:


All Articles