This Gist is created in 2014, and it's highliy outdated now, according to one of mitmproxy's manjor contributor (check his comment below). Thanks for letting us know, @mhils!
Modern applications usually make use of back-end API servers to provide their services. With a non-transparent HTTPs proxy, which intercepts the communication between clients and servers (aka the man-in-the-middle scheme), you can easily manipulate both API requests and responses.
Many mobile apps have back-end API servers. They usually rely on the API replies to determine whether certain information is supposed to be shown. If the API responses could be manipulated on the fly, we may easily fool an unmodified app to expose some private data.
This manual guides you to set up nginx as non-transparent SSL proxy, which just subsitutes strings in the server responses (i.e. man-in-the-middle attack ourself). For both server-side (their API servers) and client-side (your device), the whole process is almost transparent.
| // ==UserScript== | |
| // @name Facebook Sponsored Posts Cleaner | |
| // @description Automatically Hides Sponsored Posts (Ads) in Facebook Stream | |
| // @namespace http://facebook.example.org | |
| // @author Shao-Chung Chen | |
| // @license MIT (http://opensource.org/licenses/MIT) | |
| // @version 1.3 | |
| // @include http://*.facebook.com/* | |
| // @include https://*.facebook.com/* | |
| // |
| module MethodDecorators | |
| class Decorator | |
| @@current_decorators = [] | |
| def self.current_decorators | |
| decs = @@current_decorators | |
| @@current_decorators = [] | |
| decs | |
| end |
| # customized sendfile() implementation utilizing Nginx's X-Accel-* header options | |
| # needed ecause Rails' built-in sendfile() generates chunked response without Content-Length, | |
| # and Safari rufuses to player videos coming in chunks...... | |
| def nginx_sendfile (file_path, options={}) | |
| response.headers["Cache-Control"] = options[:cache_control] || "max-age=86400, public" | |
| response.headers["Content-Disposition"] = options[:disposition] || "inline" | |
| response.headers["X-Accel-Limit-Rate"] = options[:limit_rate] || "307200" # byte | |
| response.headers["X-Accel-Buffering"] = options[:buffering] || "yes" | |
| response.headers["X-Accel-Redirect"] = file_path | |
| render :nothing => true |
| function sprintf() { | |
| var i = 0, a, f = arguments[i++], o = [], m, p, c, x, s = ''; | |
| while (f) { | |
| if (m = /^[^\x25]+/.exec(f)) { | |
| o.push(m[0]); | |
| } | |
| else if (m = /^\x25{2}/.exec(f)) { | |
| o.push('%'); | |
| } | |
| else if (m = /^\x25(?:(\d+)\$)?(\+)?(0|'[^$])?(-)?(\d+)?(?:\.(\d+))?([b-fosuxX])/.exec(f)) { |
| /* www-proxy.c Copyright Imperial Business Systems 1995 | |
| Proxy http server. | |
| Written by Steve Shipway ([email protected],[email protected]) | |
| in the space of 2 hours. It took a further 1 hour to remove the last | |
| bug. And 2 hours to persuade myself to stop playing with Netscape after it | |
| was working. | |
| Command line args: | |
| -d : debug mode. Use port 8000 instead, dont background, status msgs | |
| -l logfile : logfile to use |
| .item | |
| width: 190px | |
| position: absolute | |
| .item:before | |
| content: '' | |
| width: 15px | |
| height: 15px | |
| @include border-radius(15px) | |
| background: darken(white, 10%) | |
| position: absolute |
| #!/usr/bin/env ruby | |
| require 'RMagick' | |
| include Magick | |
| def tpow (t, pow_a, pow_b) | |
| (t ** pow_a) * ((1 - t) ** pow_b) | |
| end | |
| # Bezier curve parameters |
| " toggle between working mode and presentation mode | |
| function! PresentationModeOn() | |
| set background=light | |
| colorscheme github | |
| set guifont=Monaco\ for\ Powerline:h28.00 | |
| endfunction | |
| function! PresentationModeOff() | |
| set background=dark |
