Is there a way to use mitmproxy to build up a transparent http proxy and then upstream to a socks5 server? Thanks.
Not yet. I believe the simplest way to accomplish that is using redsocks/proxychains nehind mitmproxy. Does this satisfy your needs?
I tried proxychains with squid, which doesn't work. I guess the reason is that proxychains also need to proxy the inbound (to squid) request to socks proxy, which is not expected.
Getting these things right is tricky, sorry. :confused:
We do not plan to add a mode that does transparent interception + redirect to an upstream proxy for now. Your best bet is doing that with proxychains/redsocks, at which point the mitmproxy in front of that is optional and should not really matter for the configuration.
Since this ranks high on Google I'll leave this info here for posterity:
mitmproxy actually works without any problem with proxychains on Linux. Simply:
proxychains mitmproxy -T --host
You might want to edit /etc/proxychains.conf and set quiet_mode to true so it doesn't interfere with mitmproxy's output.
That being said, on macOS it fails because of segfault 11. Could be related to SIP, but not sure, didn't investigate.
@valentinradu indeed it works with proxychains, here is the new syntax for mitmproxy:
proxychains mitmproxy -m transparent
But in order to make it work with the HTTP proxy I used, I had to comment proxy_dns and use the IP address instead of the domain name of the proxy (it looks like domain names are not supported by proxychains configuration file).
Note that there is a bug when using proxychains with a squid proxy server using the default configuration, unencrypted HTTP requests will fail: https://github.com/rofl0r/proxychains-ng/issues/263
Most helpful comment
Since this ranks high on Google I'll leave this info here for posterity:
mitmproxyactually works without any problem withproxychainson Linux. Simply:proxychains mitmproxy -T --hostYou might want to edit
/etc/proxychains.confand setquiet_modeto true so it doesn't interfere withmitmproxy's output.That being said, on macOS it fails because of segfault 11. Could be related to SIP, but not sure, didn't investigate.