Python requests 中使用https代理

不知道各位师傅是否遇到这以下情况

• requests中的https就不走代理或者bp中就找不到https流量

• 好不容易有了https流量，于是有Warning

  D:\******\lib\site-packages\urllib3\connection.py:394: SubjectAltNameWarning: Certificate for www.baidu.com has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/urllib3/urllib3/issues/497 for details.)
    SubjectAltNameWarning,

• 加了个verify=False 还是有Warning

  D:\******\lib\site-packages\urllib3\connectionpool.py:986: InsecureRequestWarning: Unverified HTTPS request is being made to host '127.0.0.1'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
    InsecureRequestWarning,

第一个问题

其实好解决，就是proxies字典中没有https而已

import requests

session = requests.session()
proxies = {
    "http": "http://127.0.0.1:8084",
    "https": "http://127.0.0.1:8084"
}

url = "https://www.baidu.com"
r = session.request('post', url, proxies=proxies)

后两个问题

其实就是没有配置证书，浏览器中要配证书，python中也要配个证书就行了

从bp中导出证书

将证书转为base64形式

有很多方法

• python手动转

import base64

with open(r'ca_certificate','rb') as f:
    print(base64.b64encode(f.read()))

• cyberchef yyds

• 在线网站
• linux下的工具等等

找到cacert.pem在哪里

import certifi

print(certifi.where())

找到它打开它

按照格式写进去

最好写个注释吧，直接贴在最后面就行，为了保险起见可以先备份文件

#burpsuite
-----BEGIN CERTIFICATE-----
****
-----END CERTIFICATE-----

然后就可以愉快的使用了