Hudsucker is a MITM HTTP/S proxy written in Rust.

Overview

hudsucker

crates.io docs.rs Build

Hudsucker is a MITM HTTP/S proxy written in Rust.

Features

  • Modify HTTP/S requests
  • Modify HTTP/S responses
  • Modify websocket messages

Usage

For usage, refer to the provided examples.

Comments
  • CertificateUnknown error occured when running the log.rs

    CertificateUnknown error occured when running the log.rs

    Hi man, thank you for your project first.

    But I'm stucked when running the log.rs in your examples directory.

    I just copy src/example/log.rs to src/main.rs and src/example/ca to src/ca and add env_logger = "0.9" to [denpendencies] and then cargo run.

    After install the hudsucker.pem to my computer ( Trusted Root Certification Authorities ) and setting my web proxy to 127.0.0.1:3000 , I got the error log:

    thread 'tokio-runtime-worker' panicked at 'Failed to establish TLS connection with client: Custom { kind: InvalidData, error: AlertReceived(CertificateUnknown) }', C:\Users\forti\IdeaProjects\hudsucker\src\proxy.rs:137:30 [2021-11-03T05:46:55Z ERROR rustls::session] TLS alert received: Message { typ: Alert, version: TLSv1_3, payload: Alert( AlertMessagePayload { level: Fatal, description: CertificateUnknown, }, ), }

    Waiting for your response, thank you.

    opened by WaylonTian 10
  • How to modify response body?

    How to modify response body?

    Could you please tell me how to modify the response?

    I tried to get the specific content of the body in the closure and convert it to a string, but now I can't await it in the closure.

    opened by zu1k 10
  • Is there way to parse basic auth?

    Is there way to parse basic auth?

    Hello, your crate is amazing! Love it! I am providing user pass for the proxy i.e http://user:pass@localhost:3000/some/random/path Is it possible to parse URI of the proxy /some/random/path and basic auth user:pass ? Stuck here, need some help to figure this out...

    opened by 0xFar5eer 8
  • fix: randomise serial number for OpenSSL generated certificates

    fix: randomise serial number for OpenSSL generated certificates

    Firefox seems to block certificates if they use an already seen serial number.

    This generates a random serial number for each certificate generated by OpenSSL.

    opened by glossiness 6
  • [Feature Request] Add context for Proxy

    [Feature Request] Add context for Proxy

    Sometimes we need to determine the request and then modify the response.

    In this case, there is a need to have a context to synchronize some data that is obtained from the request and then use them when modifying response.

    I think we can add a context struct to struct Proxy, and pass its borrow to both requestHandler and responseHandler closures along with the req or res.

    opened by zu1k 5
  • MITMing HTTPS requests

    MITMing HTTPS requests

    Is there an example for MITMing HTTPS requests without ever hitting the original web server? If I just create a new response in the handle_request I get a generic "connection closed" error. I did a bit of digging through your code and I tried returning an empty response for CONNECT requests but that also didn't help. I'm assuming I'm missing something simple.

    Thanks!

    opened by scd31 4
  • Im totally planning on using this!

    Im totally planning on using this!

    Hey there @omjadas, thank you for this! I'm totally planning on using this in a project of mine and will report back. Perhaps this is just useless noise, but IDK I often like to know if stuff I'm making out of the goodness of my heart is being used...so now you know! Just a hobby project mind you, but still. Super cool that you built/are building something like this!

    opened by alexkolson 3
  • Offer to update readme with refering to other project

    Offer to update readme with refering to other project

    Hello, @omjadas ! I maintain my own open source project, you can find it here. My project relies on your library, so, first of all, I want to express my gratitude to you for this cool library. I would like to offer you to refer my project in readme of yours (or in any other way) as example of software that uses your library. You also can find that I have already referred your project in readme of mine. I believe that this can help me to find some contributors and keep improving the project. I would appreciate any feedback.

    opened by sinKettu 2
  • [Bug] Lack of appropriate CN in site's certificates signed with RCgen CA

    [Bug] Lack of appropriate CN in site's certificates signed with RCgen CA

    Hello! The issue is pretty simple. If certificate for a site created with OpensslAuthority, this authority sets CN to DNS name of site: https://github.com/omjadas/hudsucker/blob/main/src/certificate_authority/openssl_authority.rs#L74

    But RcgenAuthority does not do that, it places DNS name only in Alt Names: https://github.com/omjadas/hudsucker/blob/main/src/certificate_authority/rcgen_authority.rs#L85

    This issue leads to browsers reject certificates signed with RcgenAuthority, because there is no appropriate CN.

    I would like to request a fix for this, please. Probably, I could do a pull-request, but I have not enough free time :(

    opened by sinKettu 2
  • [feature request] Use anonymous function as handler parameter

    [feature request] Use anonymous function as handler parameter

    Thanks for your crate

    My use case is that when I usewith_http_handler/with_incoming_message_handler/with_outgoing_message_handler, I want to store the request & response. In the current case, it looks like the only way to store it is to create global mutables using something like lazy_static. Switching to anonymous functions we can easily create Arc<Mutex<>> in any context to store the data. what do you think about this?

    opened by axxop 2
  • chore(deps): update hyper-tungstenite requirement from 0.5.0 to 0.6.0

    chore(deps): update hyper-tungstenite requirement from 0.5.0 to 0.6.0

    ⚠️ Dependabot is rebasing this PR ⚠️

    Rebasing might not happen immediately, so don't worry if this takes some time.

    Note: if you make any changes to this PR yourself, they will take precedence over the rebase.


    Updates the requirements on hyper-tungstenite to permit the latest version.

    Changelog

    Sourced from hyper-tungstenite's changelog.

    v0.6.0 - 2022-02-20

    • Update to tungstenite 0.17.

    v0.5.0 - 2021-11-19

    • Update to tungstenite 0.16.

    v0.4.2 - 2021-11-19

    • Fix link in documentation for re-exported tungstenite crate.

    v0.4.1 - 2021-10-17

    • Update the example to a full server application.

    v0.4.0 - 2021-08-28

    • Upgrade to tokio-tungstenite 0.15.

    v0.3.3 - 2021-06-11

    • Remove sha-1 and base64 dependency by using upstream derive_accept_key.

    v0.3.2 - 2021-04-11

    • Derive Debug for HyperWebsocket to facilitate debugging.

    v0.3.1 - 2021-04-03

    • Replace unsafe code with pin-project and tokio::pin!().

    v0.3.0 - 2021-03-02

    • Publicly re-export the hyper crate.
    • Upgrade to tokio-tungstenite 0.14 and tungstenite 0.13.

    v0.2.1 - 2021-02-12

    • Inspect all Connection and Upgrade headers in is_upgrade_request().
    • Inspect all comma separated values in Connection headers in is_upgrade_request() (this was already done for Upgrade headers).

    v0.2.0 - 2021-02-06

    • Rename upgrade_requested to is_upgrade_request.

    v0.1.1 - 2021-02-06

    • Fix category slug in Cargo manifest.

    v0.1.0 - 2021-02-06

    • Initial release.
    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 2
  • How to do something after streaming body?

    How to do something after streaming body?

    This is a noob question, not really an issue. I'm trying to stream a response and then do stuff after that finishes. Specifically (for now) I'm computing a sha256 of the response body, and need to call finalize(). Here's one attempt to do that: https://github.com/nlevitt/warcprox-rs/blob/master/src/main.rs You can run this with cargo run and in another terminal execute for example curl -k -gvsS --proxy http://127.0.0.1:8000 https://example.com/. The problem is that the None case in poll_next() is never called.

    It would be even nicer to be be able to chain some sort of finally to the end of the body stream, but I'm not sure if that's possible. https://github.com/nlevitt/warcprox-rs/blob/stream-combinators/src/main.rs#L63

    opened by nlevitt 1
  • v0.18.0 not found on crates.io

    v0.18.0 not found on crates.io

    hi, i'm sorry but i'm very noob with rust so i think that this is a stupid question

    i'm trying to use hudsucker; i put hudsucker = "0.18.0" on my Cargo.toml, but running cargo build i get

    Updating crates.io index
    error: failed to select a version for the requirement `hudsucker = "^0.18.0"`
    candidate versions found which didn't match: 0.16.1, 0.16.0, 0.15.0, ...
    location searched: crates.io index
    

    it works using 0.16.1

    what am i doing wrong?

    thanks in advance

    opened by KrullBorg 7
Releases(v0.19.0)
Lightweight proxy that allows redirect HTTP(S) traffic through a proxy.

Proxyswarm Proxyswarm is a lightweight proxy that allows redirect HTTP(S) traffic through a proxy. WARNING: This app isn't recomended for download lar

Jorge Alejandro Jimenez Luna 4 Apr 16, 2022
A TCP proxy using HTTP - Reach SSH behind a Nginx reverse proxy

?? TCP over HTTP ?? The Questions ?? What does it do? You can proxy TCP traffic over HTTP. A basic setup would be: [Your TCP target] <--TCP-- [Exit No

Julian 185 Dec 15, 2022
A proxy implement with http / socks5 in-bound and vmess out-bound, written in Rust and tokio.rs

tokio-vmess an Asynchronous proxy implement with http / socks5 in-bound and vmess out-bound, written in Rust and tokio Run example first, Fill out the

irumeria 7 Oct 3, 2022
♻ A simple and efficient Gemini-to-HTTP proxy written in Rust.

September A simple and efficient Gemini-to-HTTP proxy written in Rust. Usage Docker $ docker run -d [ -e ROOT="gemini://fuwn.me" ] [ -e PORT="8080"] [

GemRest 10 Jul 2, 2022
Reverse proxy for HTTP microservices and STDIO. Openfass watchdog which can run webassembly with wasmer-gpu written in rust.

The of-watchdog implements an HTTP server listening on port 8080, and acts as a reverse proxy for running functions and microservices. It can be used independently, or as the entrypoint for a container with OpenFaaS.

yanghaku 7 Sep 15, 2022
Proxy sentry request to a sentry server using a tunnel/proxy endpoint

Sentry Tunnel This is a proxy that forwards tunneled sentry requests to the real sentry server. The implementation is based on the explanation provide

Paul FLORENCE 14 Dec 20, 2022
UDP proxy with Proxy Protocol and mmproxy support

udppp UDP proxy with Proxy Protocol and mmproxy support. Features Async Support Proxy Protocol V2 SOCKET preserve client IP addresses in L7 proxies(mm

b23r0 10 Dec 18, 2022
Web3-proxy: a fast caching and load balancing proxy for web3 (Ethereum or similar) JsonRPC servers.

web3-proxy Web3-proxy is a fast caching and load balancing proxy for web3 (Ethereum or similar) JsonRPC servers. Signed transactions (eth_sendRawTrans

null 55 Jan 8, 2023
Implementation of the Docker Registry HTTP API V2 in Rust, that can act as a proxy to other registries

Docker registry server and proxy (I'm bad at creating catchy names, but this one is good enough.) This project aims to implement a Docker Registry HTT

l4p1n (Mathias B.) 2 Dec 30, 2022
A remote shell, TCP tunnel and HTTP proxy for Replit.

Autobahn A remote shell, TCP tunnel and HTTP proxy for Replit. Hybrid SSH/HTTP server for Replit. Based on leon332157/replish. Autobahn runs a WebSock

Patrick Winters 12 Sep 24, 2022
📡Proxy HTTP/1.1 requests over a sensitive point-to-point link

ptproxy Motivation What's this? Why do I need this? What's a sensitive network link? What's wrong with a VPN? What's wrong with HTTP[S]? What's wrong

Alba Mendez 5 Jul 26, 2023
A fast and stable reverse proxy for NAT traversal, written in Rust

rathole A fast and stable reverse proxy for NAT traversal, written in Rust rathole, like frp, can help to expose the service on the device behind the

Yujia Qiao 4.6k Dec 30, 2022
RCProxy - a lightweight, fast but powerful Redis Cluster Proxy written in Rust

RCProxy - a lightweight, fast but powerful Redis Cluster Proxy written in Rust

Cris Liao 16 Dec 4, 2022
server security proxy write by Rust

server-security-proxy server security proxy write by Rust how to use config toml file

baoyachi. Aka Rust Hairy crabs 3 May 24, 2021
Simple and fast layer 4 proxy in Rust

Fourth 这一波在第四层。 English Fourth是一个Rust实现的Layer 4代理,用于监听指定端口TCP流量,并根据规则转发到指定目标。 功能 监听指定端口代理到本地或远端指定端口 监听指定端口,通过TLS ClientHello消息中的SNI进行分流 安装方法 为了确保获得您架构

Rui Li 17 Nov 8, 2022
A high performence Socks5 proxy server with bind/reverse support implementation by Rust.

rsocx A high performence Socks5 proxy server with bind/reverse support implementation by Rust Features Async-std No unsafe code Single executable Linu

b23r0 259 Jan 6, 2023
A lightweight Rust reverse proxy.

Brachyura A reverse proxy, which I am primarily using as a Rust / Hyper learning project. I utilize Nginx as part of my home lab providing reverse pro

William Howard 8 Jan 8, 2023
A minimal ngrok liked reverse proxy implemented in Rust.

rok A minimal ngrok implementation in Rust, for educational purpose. This work is largely based on rathole, especially the very first commit. Other ho

Kai 3 Jun 21, 2022
Rust implementation of TCP + UDP Proxy Protocol (aka. MMProxy)

mmproxy-rs A Rust implementation of MMProxy! ?? Rationale Many previous implementations only support PROXY Protocol for either TCP or UDP, whereas thi

Saikō Technology 3 Dec 29, 2022