moooofly / MarkSomethingDownLLS

本仓库用于记录自 2017年10月16日起,在英语流利说任职期间的各方面知识汇总(以下内容不足以体现全部,一些敏感内容已移除)~
MIT License
79 stars 42 forks source link

测试 elazarl/goproxy 记录 #44

Open moooofly opened 5 years ago

moooofly commented 5 years ago

相关 task


key value
项目名称 elazarl/goproxy
地址 https://github.com/elazarl/goproxy
实现语言 golang
一句话描述 An HTTP proxy library for Go
详细说明
Package goproxy provides a customizable HTTP proxy library for Go (golang)

It supports regular HTTP proxy, HTTPS through CONNECT, and "hijacking" HTTPS connection using "Man in the Middle" style attack.

The intent of the proxy is to be usable with reasonable amount of traffic, yet customizable and programmable.

The proxy itself is simply a net/http handler.

In order to use goproxy, one should set their browser to use goproxy as an HTTP proxy.
项目依赖
相关链接
调研日期 2019-01-17

安装

go get -v github.com/elazarl/goproxy

帮助

https://github.com/elazarl/goproxy/blob/master/doc.go

moooofly commented 5 years ago

测试

本地启动代理

[#47#root@ubuntu-1604 /go/src/github.com/elazarl/goproxy/examples/goproxy-eavesdropper]$./goproxy-eavesdropper -v

默认监听 8080 端口

[#29#root@ubuntu-1604 /go/src/github.com/elazarl/goproxy]$netstat -nltp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
...
tcp6       0      0 :::8080                 :::*                    LISTEN      12535/goproxy-eaves
...

测试针对 https://example.com/ 的代理

基于 curl 访问 proxy ,未指定 -k

[#43#root@ubuntu-1604 ~]$curl -Lv --proxy-header "Custom-Info: moooofly" --proxy http://localhost:8080 https://example.com/
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8080 (#0)
* Establish HTTP proxy tunnel to example.com:443
> CONNECT example.com:443 HTTP/1.1
> Host: example.com:443
> User-Agent: curl/7.47.0
> Proxy-Connection: Keep-Alive
> Custom-Info: moooofly
>
< HTTP/1.0 200 OK
<
* Proxy replied OK to CONNECT request
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
* Closing connection 0
curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
[#44#root@ubuntu-1604 ~]$

由于证书原因,proxy 主动断开了 tcp 连接

[#47#root@ubuntu-1604 /go/src/github.com/elazarl/goproxy/examples/goproxy-eavesdropper]$./goproxy-eavesdropper -v

2019/01/22 15:47:56 [016] INFO: Running 3 CONNECT handlers
2019/01/22 15:47:56 [016] INFO: on 1th handler: &{2 <nil> 0x65d290} example.com:443
2019/01/22 15:47:56 [016] INFO: Assuming CONNECT is TLS, mitm proxying it
2019/01/22 15:47:56 [016] INFO: signing for example.com
2019/01/22 15:47:56 [016] INFO: Exiting on EOF

抓包信息

image

基于 curl 访问 proxy ,指定 -k

[#44#root@ubuntu-1604 ~]$curl -Lv --proxy-header "Custom-Info: moooofly" --proxy http://localhost:8080 https://example.com/ -k
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8080 (#0)
* Establish HTTP proxy tunnel to example.com:443
> CONNECT example.com:443 HTTP/1.1
> Host: example.com:443
> User-Agent: curl/7.47.0
> Proxy-Connection: Keep-Alive
> Custom-Info: moooofly
>
< HTTP/1.0 200 OK
<
* Proxy replied OK to CONNECT request
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
*    server certificate verification SKIPPED
*    server certificate status verification SKIPPED
*    common name: example.com (matched)
*    server certificate expiration date OK
*    server certificate activation date OK
*    certificate public key: RSA
*    certificate version: #3
*    subject: O=GoProxy untrusted MITM proxy Inc,CN=example.com
*    start date: Thu, 01 Jan 1970 00:00:00 GMT
*    expire date: Fri, 31 Dec 2049 00:00:00 GMT
*    issuer: C=IL,ST=Center,L=Lod,O=GoProxy,OU=GoProxy,CN=goproxy.github.io,EMAIL=elazarl@gmail.com
*    compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
> Host: example.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Accept-Ranges: bytes
< Cache-Control: max-age=604800
< Connection: close
< Content-Type: text/html; charset=UTF-8
< Date: Tue, 22 Jan 2019 07:48:07 GMT
< Etag: "1541025663"
< Expires: Tue, 29 Jan 2019 07:48:07 GMT
< Last-Modified: Fri, 09 Aug 2013 23:54:35 GMT
< Server: ECS (sjc/4E8B)
< Transfer-Encoding: chunked
< Vary: Accept-Encoding
< X-Cache: HIT
<
<!doctype html>
<html>
<head>
    <title>Example Domain</title>

    <meta charset="utf-8" />
    <meta http-equiv="Content-type" content="text/html; charset=utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1" />
    <style type="text/css">
    body {
        background-color: #f0f0f2;
        margin: 0;
        padding: 0;
        font-family: "Open Sans", "Helvetica Neue", Helvetica, Arial, sans-serif;

    }
    div {
        width: 600px;
        margin: 5em auto;
        padding: 50px;
        background-color: #fff;
        border-radius: 1em;
    }
    a:link, a:visited {
        color: #38488f;
        text-decoration: none;
    }
    @media (max-width: 700px) {
        body {
            background-color: #fff;
        }
        div {
            width: auto;
            margin: 0 auto;
            border-radius: 0;
            padding: 1em;
        }
    }
    </style>
</head>

<body>
<div>
    <h1>Example Domain</h1>
    <p>This domain is established to be used for illustrative examples in documents. You may use this
    domain in examples without prior coordination or asking for permission.</p>
    <p><a href="http://www.iana.org/domains/example">More information...</a></p>
</div>
</body>
</html>
* Closing connection 0
[#45#root@ubuntu-1604 ~]$

调整后,成功输出

2019/01/22 15:48:06 [017] INFO: Running 3 CONNECT handlers
2019/01/22 15:48:06 [017] INFO: on 1th handler: &{2 <nil> 0x65d290} example.com:443
2019/01/22 15:48:06 [017] INFO: Assuming CONNECT is TLS, mitm proxying it
2019/01/22 15:48:06 [017] INFO: signing for example.com
2019/01/22 15:48:06 [018] INFO: req example.com:443
2019/01/22 15:48:06 [018] INFO: Sending request GET https://example.com:443/
2019/01/22 15:48:07 [018] INFO: resp 200 OK
2019/01/22 15:48:07 [017] INFO: Exiting on EOF

抓包信息

image

image

测试针对 https://apineo.llsapp.com/ 的代理

基于 curl 访问 proxy ,未指定 -k

2019/01/22 16:33:36 [006] INFO: Running 3 CONNECT handlers
2019/01/22 16:33:36 [006] INFO: on 1th handler: &{2 <nil> 0x65d290} apineo.llsapp.com:443
2019/01/22 16:33:36 [006] INFO: Assuming CONNECT is TLS, mitm proxying it
2019/01/22 16:33:36 [006] INFO: signing for apineo.llsapp.com
2019/01/22 16:33:36 [006] INFO: Exiting on EOF

curl 失败日志(证书问题)

[#49#root@ubuntu-1604 ~]$curl -Lv --proxy-header "Custom-Info: moooofly" --proxy http://localhost:8080 https://apineo.llsapp.com
* Rebuilt URL to: https://apineo.llsapp.com/
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8080 (#0)
* Establish HTTP proxy tunnel to apineo.llsapp.com:443
> CONNECT apineo.llsapp.com:443 HTTP/1.1
> Host: apineo.llsapp.com:443
> User-Agent: curl/7.47.0
> Proxy-Connection: Keep-Alive
> Custom-Info: moooofly
>
< HTTP/1.0 200 OK
<
* Proxy replied OK to CONNECT request
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
* Closing connection 0
curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
[#50#root@ubuntu-1604 ~]$

image

基于 curl 访问 proxy ,指定 -k

2019/01/22 16:33:51 [007] INFO: Running 3 CONNECT handlers
2019/01/22 16:33:51 [007] INFO: on 1th handler: &{2 <nil> 0x65d290} apineo.llsapp.com:443
2019/01/22 16:33:51 [007] INFO: Assuming CONNECT is TLS, mitm proxying it
2019/01/22 16:33:51 [007] INFO: signing for apineo.llsapp.com
2019/01/22 16:33:51 [008] INFO: req apineo.llsapp.com:443
2019/01/22 16:33:51 [008] INFO: Sending request GET https://apineo.llsapp.com:443/
2019/01/22 16:33:51 [008] INFO: resp 301 Moved Permanently
2019/01/22 16:33:51 [007] INFO: Exiting on EOF
2019/01/22 16:33:51 [009] INFO: Running 3 CONNECT handlers
2019/01/22 16:33:51 [009] INFO: on 1th handler: &{2 <nil> 0x65d290} www.liulishuo.com:443
2019/01/22 16:33:51 [009] INFO: Assuming CONNECT is TLS, mitm proxying it
2019/01/22 16:33:51 [009] INFO: signing for www.liulishuo.com
2019/01/22 16:33:51 [010] INFO: req www.liulishuo.com:443
2019/01/22 16:33:51 [010] INFO: Sending request GET https://www.liulishuo.com:443/
2019/01/22 16:33:52 [010] INFO: resp 200 OK
2019/01/22 16:33:52 [009] INFO: Exiting on EOF

curl 成功日志

[#50#root@ubuntu-1604 ~]$curl -Lv --proxy-header "Custom-Info: moooofly" --proxy http://localhost:8080 https://apineo.llsapp.com -k
* Rebuilt URL to: https://apineo.llsapp.com/
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8080 (#0)
* Establish HTTP proxy tunnel to apineo.llsapp.com:443
> CONNECT apineo.llsapp.com:443 HTTP/1.1
> Host: apineo.llsapp.com:443
> User-Agent: curl/7.47.0
> Proxy-Connection: Keep-Alive
> Custom-Info: moooofly
>
< HTTP/1.0 200 OK
<
* Proxy replied OK to CONNECT request
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
*    server certificate verification SKIPPED
*    server certificate status verification SKIPPED
*    common name: apineo.llsapp.com (matched)
*    server certificate expiration date OK
*    server certificate activation date OK
*    certificate public key: RSA
*    certificate version: #3
*    subject: O=GoProxy untrusted MITM proxy Inc,CN=apineo.llsapp.com
*    start date: Thu, 01 Jan 1970 00:00:00 GMT
*    expire date: Fri, 31 Dec 2049 00:00:00 GMT
*    issuer: C=IL,ST=Center,L=Lod,O=GoProxy,OU=GoProxy,CN=goproxy.github.io,EMAIL=elazarl@gmail.com
*    compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
> Host: apineo.llsapp.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Cache-Control: no-cache
< Connection: close
< Content-Language: en
< Content-Type: text/html
< Location: https://www.liulishuo.com
< Transfer-Encoding: chunked
< Vary: Origin
< X-Kong-Proxy-Latency: 0
< X-Kong-Upstream-Latency: 6
< X-Login: 0
< X-Request-Id: e884b66a-bf7a-42e2-94d3-75a6bde5b5b3
< X-Runtime: 0.004709
<
* Closing connection 0
* Issue another request to this URL: 'https://www.liulishuo.com'
* Rebuilt URL to: https://www.liulishuo.com/
* Hostname localhost was found in DNS cache
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8080 (#1)
* Establish HTTP proxy tunnel to www.liulishuo.com:443
> CONNECT www.liulishuo.com:443 HTTP/1.1
> Host: www.liulishuo.com:443
> User-Agent: curl/7.47.0
> Proxy-Connection: Keep-Alive
> Custom-Info: moooofly
>
< HTTP/1.0 200 OK
<
* Proxy replied OK to CONNECT request
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
*    server certificate verification SKIPPED
*    server certificate status verification SKIPPED
*    common name: www.liulishuo.com (matched)
*    server certificate expiration date OK
*    server certificate activation date OK
*    certificate public key: RSA
*    certificate version: #3
*    subject: O=GoProxy untrusted MITM proxy Inc,CN=www.liulishuo.com
*    start date: Thu, 01 Jan 1970 00:00:00 GMT
*    expire date: Fri, 31 Dec 2049 00:00:00 GMT
*    issuer: C=IL,ST=Center,L=Lod,O=GoProxy,OU=GoProxy,CN=goproxy.github.io,EMAIL=elazarl@gmail.com
*    compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
> Host: www.liulishuo.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Accept-Ranges: bytes
< Connection: close
< Content-Type: text/html; charset=utf-8
< Date: Tue, 22 Jan 2019 08:33:51 GMT
< Faas-Match: try-file
< Faas-Version: v0.3.0-1-45e6981e
< Last-Modified: Tue, 22 Jan 2019 06:38:07 GMT
< Transfer-Encoding: chunked
< Vary: Accept-Encoding
< X-Kong-Proxy-Latency: 0
< X-Kong-Upstream-Latency: 2
<
<!DOCTYPE html>
<html lang="zh-CN">
<head>
  <meta charset="UTF-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  <title>英语流利说 - 轻松学英语,用人工智能老师</title>
  <meta name="description" content="流利说(LAIX)是领先的人工智能驱动的教育科技公司。作为智能教育的倡行者,流利说拥有一支业内领先的人工智能团队,其自主研发的人工智能英语老师,基于深度学习技术,能够为每一位用户提供个性化、自适应的学习课程。">
  <meta name="keywords" content="AI老师,人工智能老师,懂你英语,懂你英语官网,LAIX,流利说,英语流利说,英语,liulishuo,雅思流利说,英语口语,口语评分,口语打分,外教,口语培训,雅思口语,职场口语,旅游口语,口语教材,手机,手机口语,外教,人工智能,智能教育,在线教育,智能英语云课堂,乡村教师赋能计划">
  <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
  <link rel="shortcut icon" href="https://cdn.llscdn.com/faas/frontend/liulishuo.com/favicon.ico?t=1548126066775" type="image/x-icon">
  <link rel="canonical" href="https://www.liulishuo.com">
  <script type="text/javascript">
    if(/Android|iPhone|mobile/i.test(navigator.userAgent)) {
        var host = 'https://m.liulishuo.com' +  window.location.pathname + window.location.search;
        location.replace(host);
    }
</script>

  <!--[if lte IE 8]>
    <script type="text/javascript" src="https://cdn.llscdn.com/faas/frontend/liulishuo.com/javascripts/libs/html5shiv.min.js?t=1548126066775"></script>
  <![endif]-->
  <link rel="stylesheet" href="https://cdn.llscdn.com/faas/frontend/liulishuo.com/styles/common.css?t=1548126066775">
  <link rel="stylesheet" href="https://cdn.llscdn.com/faas/frontend/liulishuo.com/styles/index.css?t=1548126066775">
  <script type="text/javascript" src="https://cdn.llscdn.com/faas/frontend/liulishuo.com/javascripts/libs/jquery-1.12.4.min.js?t=1548126066775"></script>
  <!--[if lte IE 9]>
    <script type="text/javascript" src="https://cdn.llscdn.com/faas/frontend/liulishuo.com/javascripts/libs/jquery.xdomainrequest.min.js?t=1548126066775"></script>
  <![endif]-->
  <script type="text/javascript" src="https://cdn.llscdn.com/faas/frontend/liulishuo.com/javascripts/libs/ckplayer.js?t=1548126066775"></script>
  <script type="text/javascript" src="https://cdn.llscdn.com/faas/frontend/liulishuo.com/javascripts/common.js?t=1548126066775"></script>
  <script type="text/javascript">
    (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
    (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
    m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
    })(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
    ga('create', 'UA-38218737-1', 'auto');
    ga('send', 'pageview');
  </script>
  <script>
    (function(h,o,t,j,a,r){
    h.hj=h.hj||function(){(h.hj.q=h.hj.q||[]).push(arguments)};
    h._hjSettings={hjid:1083213,hjsv:6};
    a=o.getElementsByTagName('head')[0];
    r=o.createElement('script');r.async=1;
    r.src=t+h._hjSettings.hjid+j+h._hjSettings.hjsv;
    a.appendChild(r);
    })(window,document,'https://static.hotjar.com/c/hotjar-','.js?sv=');
  </script>
</head>
<body>
...
</body>
</html>
* Closing connection 1
[#51#root@ubuntu-1604 ~]$

image

image

没做抓到针对 www.liulishuo.com. 的 DNS 解析(应该和缓存有关系)

moooofly commented 5 years ago

遇到的问题

调整代码后

examples/goproxy-eavesdropper/main.go 中增加

...
    username, password := "foo", "bar"
    f := func(user, pwd string) bool {                                                                                                                                                    return user == username && password == pwd
    }

    proxy.OnRequest().HandleConnect(auth.BasicConnect("my_realm", f))
...

curl 输出如下

[#77#root@ubuntu-1604 ~]$curl -Lv --proxy http://foo:bar@localhost:8080 https://apineo.llsapp.com -k
* Rebuilt URL to: https://apineo.llsapp.com/
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8080 (#0)
* Establish HTTP proxy tunnel to apineo.llsapp.com:443
* Proxy auth using Basic with user 'foo'
> CONNECT apineo.llsapp.com:443 HTTP/1.1
> Host: apineo.llsapp.com:443
> Proxy-Authorization: Basic Zm9vOmJhcg==
> User-Agent: curl/7.47.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.0 200 OK
<
* Proxy replied OK to CONNECT request
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
*    server certificate verification SKIPPED
*    server certificate status verification SKIPPED
*    common name: apineo.llsapp.com (matched)
*    server certificate expiration date OK
*    server certificate activation date OK
*    certificate public key: RSA
*    certificate version: #3
*    subject: O=GoProxy untrusted MITM proxy Inc,CN=apineo.llsapp.com
*    start date: Thu, 01 Jan 1970 00:00:00 GMT
*    expire date: Fri, 31 Dec 2049 00:00:00 GMT
*    issuer: C=IL,ST=Center,L=Lod,O=GoProxy,OU=GoProxy,CN=goproxy.github.io,EMAIL=elazarl@gmail.com
*    compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
> Host: apineo.llsapp.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Cache-Control: no-cache
< Connection: close
< Content-Language: en
< Content-Type: text/html
< Location: https://www.liulishuo.com
< Transfer-Encoding: chunked
< Vary: Origin
< X-Kong-Proxy-Latency: 0
< X-Kong-Upstream-Latency: 19
< X-Login: 0
< X-Request-Id: ce1d0db9-e7bc-4eed-8541-64b72824e967
< X-Runtime: 0.017249
<
* Closing connection 0
* Issue another request to this URL: 'https://www.liulishuo.com'
* Rebuilt URL to: https://www.liulishuo.com/
* Hostname localhost was found in DNS cache
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8080 (#1)
* Establish HTTP proxy tunnel to www.liulishuo.com:443
* Proxy auth using Basic with user 'foo'
> CONNECT www.liulishuo.com:443 HTTP/1.1
> Host: www.liulishuo.com:443
> Proxy-Authorization: Basic Zm9vOmJhcg==
> User-Agent: curl/7.47.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.0 200 OK
<
* Proxy replied OK to CONNECT request
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
*    server certificate verification SKIPPED
*    server certificate status verification SKIPPED
*    common name: www.liulishuo.com (matched)
*    server certificate expiration date OK
*    server certificate activation date OK
*    certificate public key: RSA
*    certificate version: #3
*    subject: O=GoProxy untrusted MITM proxy Inc,CN=www.liulishuo.com
*    start date: Thu, 01 Jan 1970 00:00:00 GMT
*    expire date: Fri, 31 Dec 2049 00:00:00 GMT
*    issuer: C=IL,ST=Center,L=Lod,O=GoProxy,OU=GoProxy,CN=goproxy.github.io,EMAIL=elazarl@gmail.com
*    compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
> Host: www.liulishuo.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Accept-Ranges: bytes
< Connection: close
< Content-Type: text/html; charset=utf-8
< Date: Tue, 22 Jan 2019 16:58:49 GMT
< Faas-Match: try-file
< Faas-Version: v0.3.0-1-45e6981e
< Last-Modified: Tue, 22 Jan 2019 06:38:05 GMT
< Transfer-Encoding: chunked
< Vary: Accept-Encoding
< X-Kong-Proxy-Latency: 0
< X-Kong-Upstream-Latency: 79
<
<!DOCTYPE html>
<html lang="zh-CN">
<head>
  <meta charset="UTF-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  <title>英语流利说 - 轻松学英语,用人工智能老师</title>
  <meta name="description" content="流利说(LAIX)是领先的人工智能驱动的教育科技公司。作为智能教育的倡行者,流利说拥有一支业内领先的人工智能团队,其自主研发的人工智能英语老师,基于深度学习技术,能够为每一位用户提供个性化、自适应的学习课程。">
  <meta name="keywords" content="AI老师,人工智能老师,懂你英语,懂你英语官网,LAIX,流利说,英语流利说,英语,liulishuo,雅思流利说,英语口语,口语评分,口语打分,外教,口语培训,雅思口语,职场口语,旅游口语,口语教材,手机,手机口语,外教,人工智能,智能教育,在线教育,智能英语云课堂,乡村教师赋能计划">
  <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
  <link rel="shortcut icon" href="https://cdn.llscdn.com/faas/frontend/liulishuo.com/favicon.ico?t=1548126066775" type="image/x-icon">
  <link rel="canonical" href="https://www.liulishuo.com">
  <script type="text/javascript">
    if(/Android|iPhone|mobile/i.test(navigator.userAgent)) {
        var host = 'https://m.liulishuo.com' +  window.location.pathname + window.location.search;
        location.replace(host);
    }
</script>
...

proxy 日志

2019/01/23 00:58:48 [022] INFO: Running 3 CONNECT handlers
2019/01/23 00:58:48 [022] INFO: on 0th handler: &{2 <nil> 0x65d400} apineo.llsapp.com:443
2019/01/23 00:58:48 [022] INFO: Assuming CONNECT is TLS, mitm proxying it
2019/01/23 00:58:48 [022] INFO: signing for apineo.llsapp.com
2019/01/23 00:58:48 [023] INFO: req apineo.llsapp.com:443
2019/01/23 00:58:48 [023] INFO: Sending request GET https://apineo.llsapp.com:443/
2019/01/23 00:58:48 [023] INFO: resp 301 Moved Permanently
2019/01/23 00:58:48 [022] INFO: Exiting on EOF
2019/01/23 00:58:48 [024] INFO: Running 3 CONNECT handlers
2019/01/23 00:58:48 [024] INFO: on 0th handler: &{2 <nil> 0x65d400} www.liulishuo.com:443
2019/01/23 00:58:48 [024] INFO: Assuming CONNECT is TLS, mitm proxying it
2019/01/23 00:58:48 [024] INFO: signing for www.liulishuo.com
2019/01/23 00:58:49 [025] INFO: req www.liulishuo.com:443
2019/01/23 00:58:49 [025] INFO: Sending request GET https://www.liulishuo.com:443/
2019/01/23 00:58:49 [025] INFO: resp 200 OK
2019/01/23 00:58:49 [024] INFO: Exiting on EOF
moooofly commented 5 years ago

命令使用整理

常规套路

如下两个 curl 命令的效果完全相同:基于 basic auth 进行访问

curl -Lv --proxy-user foo:bar --proxy http://localhost:8080 https://apineo.llsapp.com -k

curl -Lv --proxy http://foo:bar@localhost:8080 https://apineo.llsapp.com -k

对应日志

> CONNECT apineo.llsapp.com:443 HTTP/1.1
> Host: apineo.llsapp.com:443
> Proxy-Authorization: Basic Zm9vOmJhcg==                    // 这里
> User-Agent: curl/7.47.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.0 200 OK
<
...
> GET / HTTP/1.1
> Host: apineo.llsapp.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Cache-Control: no-cache
< Connection: close
< Content-Language: en
< Content-Type: text/html
< Location: https://www.liulishuo.com
< Transfer-Encoding: chunked
< Vary: Origin
< X-Kong-Proxy-Latency: 0
< X-Kong-Upstream-Latency: 10
< X-Login: 0
< X-Request-Id: 11a8ec98-50e6-4236-a5b4-afabc4bbf933
< X-Runtime: 0.008096
<
...
> CONNECT www.liulishuo.com:443 HTTP/1.1
> Host: www.liulishuo.com:443
> Proxy-Authorization: Basic Zm9vOmJhcg==                    // 这里
> User-Agent: curl/7.47.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.0 200 OK
<
...
> GET / HTTP/1.1
> Host: www.liulishuo.com
> User-Agent: curl/7.47.0
> Accept: */*
>

< HTTP/1.1 200 OK
< Accept-Ranges: bytes
< Connection: close
< Content-Type: text/html; charset=utf-8
< Date: Thu, 24 Jan 2019 07:44:02 GMT
< Faas-Match: try-file
< Faas-Version: v0.3.0-1-45e6981e
< Last-Modified: Tue, 22 Jan 2019 06:37:56 GMT
< Transfer-Encoding: chunked
< Vary: Accept-Encoding
< X-Kong-Proxy-Latency: 0
< X-Kong-Upstream-Latency: 2
<
<!DOCTYPE html>
<html lang="zh-CN">
...

变态套路

通过 -H 添加的 header 会带到所有请求中(Zm9vOmJhcg== 其实就是针对 foo:bar 得到的,所有下面第二种形式中的 foo:bar 是多余的)

curl -Lv -H "Proxy-Authorization: Basic Zm9vOmJhcg==" --proxy http://localhost:8080 https://apineo.llsapp.com -k

curl -Lv -H "Proxy-Authorization: Basic Zm9vOmJhcg==" --proxy http://foo:bar@localhost:8080 https://apineo.llsapp.com -k