arowthway | 1 month ago

Don't use it if you plan to auto accept terminal commands, without a sandbox, while on a public wifi in a cafe, next to a hacker who decides to bet on you running a very niche configuration.

catlifeonmars|1 month ago

All you need is to manipulate DNS, inject a record with a long TTL and the rest is not required.

It scales very well and I guarantee this is not the only instance of misconfigured host verification. In other words, this is not as niche as you might think.

arowthway|1 month ago

If you're able to manipulate DNS, can't you just issue your own certificate for the domain? Even if it would be revoked moments later, mitmproxy doesn't check it even when ssl_insecure=false:

https://github.com/mitmproxy/mitmproxy/issues/2235

EDIT: Maybe I incorrectly assumed you meant authoritative DNS.