3

I'd like to write a program that modifies all outgoing (request) HTTP requests to change one of the outgoing headers on-the-fly on my Mac OS X Lion system. Is there any system APIs that would allow me to rewrite port 80 traffic like this?

For reference, I just need to replace a header in-place without actually changing the header length. I have also already tried using a standard HTTP proxy, however it is not easy to set up and only filters traffic on programs that I have configured the proxy on, and respect that setting. I would also like to know if it is easy to turn on and off, as I only need it at a certain network location and not at home.

P.S. I did find information on doing this in linux at Modify http headers on system level (Linux), however I'm pretty sure that Mac OS X lion doesn't support iptables, and although it does support ipfw, it is deprecated in favour of PF.

Community
  • 1
  • 1
Adam M-W
  • 3,509
  • 9
  • 49
  • 69
  • What header do you wish to rewrite? – Trott Jun 25 '12 at 04:29
  • Does it matter? It's a standard one if it helps, but I'd rather not discuss it in detail. – Adam M-W Jun 25 '12 at 04:30
  • Actually, it's not even really rewriting that much - I just need to make an existing header lowercase because of a transparent proxy (technically DPI) I'm forced to use. System-wide would allow all programs to work without having to modify every one. – Adam M-W Jun 25 '12 at 07:55

1 Answers1

0

Are you really sure, you need it "system wide" won't a browser plugin like live-http-headers or modify-headers suffice?

If you are sure you need it, maybe this attack tool can help: middler

or: fiddler

But be warned usage and in some countries even possession of such tools might be illegal. Also please respect the privacy of others.

snies
  • 3,461
  • 1
  • 22
  • 19
  • also the underlying [scapy](http://www.secdev.org/projects/scapy/) might be interesting for you, [here](http://stackoverflow.com/questions/4750793/python-scapy-or-the-like-how-can-i-create-an-http-get-request-at-the-packet-leve) is a link showing how to build a http handshake with scapy (GET REQUEST). – snies Jun 25 '12 at 05:07
  • I've used Fiddler before, but it is essentially a modifying HTTP proxy and as such requires that each software be set to use it as a proxy and the software to even support HTTP proxies. Also, I'm on Mac OS X so Fiddler becomes very difficult, but I am using a similar stop-gap solution via a custom Node.js proxy. However, I'm looking for something system wide to be a better replacement. Also, scapy looks like it might work, but it looks like it can only sniff, send and receive packets, not really modify them. – Adam M-W Jun 25 '12 at 08:05