python实现HTTP代理的思路和Demo

一、首先什么是代理:

  代理其实就是中间转发的那个玩意,所以在代码逻辑上也是如此的。

二、Python写http代理的基本逻辑:

  (1)接受浏览器发出的请求,解析,拼凑成该有的样子,然后使用套接字发出去。

  (2)完了,其实Demo就这么简单。

三、下面讲讲如何接受浏览器发起的请求,其实只要是请求就可以,没必要是浏览器的。外部发来的请求一样OK哦。

#接受请求就是一个服务器,没毛病老铁。所以用到了一个库BaseHTTPServer

 #-*- coding:utf-8 -*-

 #import lib-file
import urllib
import socket
from BaseHTTPServer import BaseHTTPRequestHandler,HTTPServer #define handler function class
class MyHandler(BaseHTTPRequestHandler):
#HTTP method GET (e.x.)
def do_GET(self):
url = self.path
print "url:",url
protocol,rest = urllib.splittype(url)
print "protocol:",protocol
host,rest = urllib.splithost(rest)
print "host:",host
path = rest
print "path:",path
host,port = urllib.splitnport(host)
print "host:",host
port = 80 if port < 0 else port
host_ip = socket.gethostbyname(host)
print (host_ip,port)
#above easy to understand
del self.headers['Proxy-Connection']
print self.headers
self.headers['Connection'] = 'close'
#Above! Three lines code removes Proxy-Connection columns and set connection to close to make sure no keep-alive link
#Bottom! Lines make request like what we see in the burpsuite!
send_data = 'GET ' + path + ' ' + self.protocol_version + '\r\n'
head = ''
for key, val in self.headers.items():
head = head + "%s: %s\r\n" % (key, val)
send_data = send_data + head + '\r\n'
print send_data
#
client = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
client.connect((host_ip,port))
client.send(send_data)
#while True:
# ret = server.recv(4096)
# print ret
data = ''
while True:
tmp = client.recv(4096)
if not tmp:
break
data = data + tmp # socprint data
client.close()
self.wfile.write(data)

看逻辑很简单,利用basehttpserver 收请求socket转发

起main函数:

 def main():
try:
server = HTTPServer(('127.0.0.1', 8888), MyHandler)
print 'Welcome to the machine...'
server.serve_forever()
print "testend"
except KeyboardInterrupt:
print '^C received, shutting down server'
server.socket.close() if __name__ == '__main__':
main()

这里可以看到已经ok了,但是由于百度那边跳转和阻塞,还是没能成功完成代理,不过数据包确确实实转发出去了,但是代码逻辑已经ok。

python实现HTTP代理的思路和Demo

参考:

http://www.lyyyuna.com/2016/01/16/http-proxy-get1/

上一篇:web 安全相关(一):Log注入(转)


下一篇:DVWA全级别之SQL Injection(SQL注入)