.\" Automatically generated by Pandoc 1.19.2.4 .\" .TH "pathod" "1" "November 2016" "" "" .hy .SH NAME .PP pathod \- a pathological HTTP/S daemon .SH SYNOPSIS .PP pathod [\-h] [\-\-version] [\-p \f[I]PORT\f[]] [\-l \f[I]ADDRESS\f[]] [\-a \f[I]ANCHOR\f[]] .PD 0 .P .PD \ \ \ \ \ \ \ [\-c \f[I]CRAFTANCHOR\f[]] [\-\-confdir \f[I]CONFDIR\f[]] [\-d \f[I]STATICDIR\f[]] [\-D] .PD 0 .P .PD \ \ \ \ \ \ \ [\-t \f[I]TIMEOUT\f[]] [\-\-limit\-size \f[I]SIZELIMIT\f[]] [\-\-nohang] [\-\-nocraft] .PD 0 .P .PD \ \ \ \ \ \ \ [\-\-webdebug] [\-s] [\-\-cn \f[I]CN\f[]] [\-C] [\-\-cert \f[I]SPEC\f[]] .PD 0 .P .PD \ \ \ \ \ \ \ [\-\-ciphers \f[I]CIPHERS\f[]] [\-\-san \f[I]SAN\f[]] .PD 0 .P .PD \ \ \ \ \ \ \ [\-\-ssl\-version {\f[C]all\f[]|\f[C]TLSv1_2\f[]|\f[C]secure\f[]|\f[C]TLSv1_1\f[]|\f[C]TLSv1\f[]|\f[C]SSLv3\f[]|\f[C]SSLv2\f[]}] .PD 0 .P .PD \ \ \ \ \ \ \ [\-e] [\-f \f[I]LOGFILE\f[]] [\-q] [\-r] [\-x] [\-\-http2\-framedump] .SH DESCRIPTION .PP \f[C]pathod\f[] is a pathological HTTP daemon designed to let you craft almost any conceivable HTTP response, including ones that creatively violate the standards. HTTP responses are specified using a small, terse language which \f[C]pathod\f[] shares with its evil twin, \f[C]pathoc\f[]. To start playing with pathod, fire up the daemon: .IP .nf \f[C] $\ pathod \f[] .fi .PP By default, the service listens on port \f[C]9999\f[] of \f[C]localhost\f[], and the default crafting anchor point is the path \f[C]/p/\f[]. Anything after this URL prefix is treated as a response specifier. So, hitting the following URL will generate an HTTP 200 response with 100 bytes of random data: .IP .nf \f[C] http://localhost:9999/p/200:b\@100 \f[] .fi .PP See the language documentation (http://docs.mitmproxy.org/en/latest/pathod/language.html#language) to get (much) fancier. .SH OPTIONS .SS Optional Arguments: .TP .B \-h, \-\-help Show this help message and exit. .RS .RE .TP .B \-\-version Show program\[aq]s version number and exit. .RS .RE .TP .B \-p \f[I]PORT\f[] Port. Specify \f[C]0\f[] to pick an arbitrary empty port. (Default: \f[C]9999\f[]) .RS .RE .TP .B \-l \f[I]ADDRESS\f[] Listening address. (Default: \f[C]127.0.0.1\f[]) .RS .RE .TP .B \-a \f[I]ANCHOR\f[] Add an anchor. Specified as a string with the form \f[C]pattern=spec\f[] or \f[C]pattern=filepath\f[], where pattern is a regular expression. .RS .RE .TP .B \-c \f[I]CRAFTANCHOR\f[] URL path specifying prefix for URL crafting commands. (Default: \f[C]/p/\f[]) .RS .RE .TP .B \-\-confdir \f[I]CONFDIR\f[] Configuration directory. (Default: \f[C]~/.mitmproxy\f[]) .RS .RE .TP .B \-d \f[I]STATICDIR\f[] Directory for static files. .RS .RE .TP .B \-D Daemonize. .RS .RE .TP .B \-t \f[I]TIMEOUT\f[] Connection timeout. .RS .RE .TP .B \-\-limit\-size \f[I]SIZELIMIT\f[] Size limit of served responses. Understands size suffixes, e.g. 100k. .RS .RE .TP .B \-\-nohang Disable pauses during crafted response generation. .RS .RE .TP .B \-\-nocraft Disable response crafting. If anchors are specified, they still work. .RS .RE .TP .B \-\-webdebug Debugging mode for the web app (dev only). .RS .RE .SS SSL: .TP .B \-s Run in HTTPS mode. .RS .RE .TP .B \-\-cn \f[I]CN\f[] CN for generated SSL certs. (Default: \f[C]pathod.net\f[]) .RS .RE .TP .B \-C Don\[aq]t expect SSL after a CONNECT request. .RS .RE .TP .B \-\-cert \f[I]SPEC\f[] Add an SSL certificate. SPEC is of the form \f[C]"[domain=]path"\f[]. The domain may include a wildcard, and is equal to \f[C]"*"\f[] if not specified. The file at path is a certificate in PEM format. If a private key is included in the PEM, it is used, otherwise the default key in the conf dir is used. Can be passed multiple times. .RS .RE .TP .B \-\-ciphers \f[I]CIPHERS\f[] SSL cipher specification. .RS .RE .TP .B \-\-san \f[I]SAN\f[] Subject Altnernate Name to add to the server certificate. May be passed multiple times. .RS .RE .TP .B \-\-ssl\-version {\f[C]all\f[]|\f[C]TLSv1_2\f[]|\f[C]secure\f[]|\f[C]TLSv1_1\f[]|\f[C]TLSv1\f[]|\f[C]SSLv3\f[]|\f[C]SSLv2\f[]} Set supported SSL/TLS versions. \f[C]SSLv2\f[], \f[C]SSLv3\f[] and \f[C]all\f[] are INSECURE. Defaults to \f[C]secure\f[], which is TLS1.0+. .RS .RE .SS Controlling Logging: .PP Some of these options expand generated values for logging. If you\[aq]re generating large data, use them with caution. .TP .B \-e Explain responses. .RS .RE .TP .B \-f \f[I]LOGFILE\f[] Log to file. .RS .RE .TP .B \-q Log full request. .RS .RE .TP .B \-r Log full response. .RS .RE .TP .B \-x Log request/response in hexdump format. .RS .RE .TP .B \-\-http2\-framedump Output all received & sent HTTP/2 frames. .RS .RE .SH AUTHORS .PP \f[C]pathod\f[] was written by Aldo Cortesi. .PP This manual page was written for the Debian GNU/Linux system, but its use elsewhere is encouraged. .SH SEE ALSO .PP \f[C]pathod\f[] documentation and examples are available online at .