mirror of
https://github.com/byt3bl33d3r/MITMf.git
synced 2025-08-14 10:47:05 -07:00
- Logging is now seperate for each module
- added DNSChef submodule - Code style improvements - modified config file name , and options - Changed requirements and README
This commit is contained in:
byt3bl33d3r
parent
eb7e797ded
commit
d4c6b7d5b6
28 changed files with 317 additions and 242 deletions
|
|
@ -34,7 +34,8 @@ from URLMonitor import URLMonitor
|
|||
from CookieCleaner import CookieCleaner
|
||||
from DnsCache import DnsCache
|
||||
from core.sergioproxy.ProxyPlugins import ProxyPlugins
|
||||
from configobj import ConfigObj
|
||||
|
||||
mitmf_logger = logging.getLogger('mitmf')
|
||||
|
||||
class ClientRequest(Request):
|
||||
|
||||
|
|
@ -58,7 +59,7 @@ class ClientRequest(Request):
|
|||
headers = self.getAllHeaders().copy()
|
||||
|
||||
#for k,v in headers.iteritems():
|
||||
# logging.debug("[ClientRequest] Receiving headers: (%s => %s)" % (k, v))
|
||||
# mitmf_logger.debug("[ClientRequest] Receiving headers: (%s => %s)" % (k, v))
|
||||
|
||||
if self.hsts:
|
||||
|
||||
|
|
@ -73,13 +74,13 @@ class ClientRequest(Request):
|
|||
|
||||
if 'host' in headers:
|
||||
host = self.urlMonitor.URLgetRealHost(str(headers['host']))
|
||||
logging.debug("[ClientRequest][HSTS] Modifing HOST header: %s -> %s" % (headers['host'], host))
|
||||
mitmf_logger.debug("[ClientRequest][HSTS] Modifing HOST header: %s -> %s" % (headers['host'], host))
|
||||
headers['host'] = host
|
||||
self.setHeader('Host', host)
|
||||
|
||||
if 'accept-encoding' in headers:
|
||||
del headers['accept-encoding']
|
||||
logging.debug("Zapped encoding")
|
||||
mitmf_logger.debug("Zapped encoding")
|
||||
|
||||
if 'if-modified-since' in headers:
|
||||
del headers['if-modified-since']
|
||||
|
|
@ -110,7 +111,7 @@ class ClientRequest(Request):
|
|||
return "lock.ico"
|
||||
|
||||
def handleHostResolvedSuccess(self, address):
|
||||
logging.debug("[ClientRequest] Resolved host successfully: %s -> %s" % (self.getHeader('host'), address))
|
||||
mitmf_logger.debug("[ClientRequest] Resolved host successfully: %s -> %s" % (self.getHeader('host'), address))
|
||||
host = self.getHeader("host")
|
||||
headers = self.cleanHeaders()
|
||||
client = self.getClientIP()
|
||||
|
|
@ -148,22 +149,22 @@ class ClientRequest(Request):
|
|||
self.dnsCache.cacheResolution(hostparts[0], address)
|
||||
|
||||
if (not self.cookieCleaner.isClean(self.method, client, host, headers)):
|
||||
logging.debug("Sending expired cookies...")
|
||||
mitmf_logger.debug("Sending expired cookies...")
|
||||
self.sendExpiredCookies(host, path, self.cookieCleaner.getExpireHeaders(self.method, client, host, headers, path))
|
||||
|
||||
elif (self.urlMonitor.isSecureFavicon(client, path)):
|
||||
logging.debug("Sending spoofed favicon response...")
|
||||
mitmf_logger.debug("Sending spoofed favicon response...")
|
||||
self.sendSpoofedFaviconResponse()
|
||||
|
||||
elif (self.urlMonitor.isSecureLink(client, url) or ('securelink' in headers)):
|
||||
if 'securelink' in headers:
|
||||
del headers['securelink']
|
||||
|
||||
logging.debug("Sending request via SSL...(%s %s)" % (client,url))
|
||||
mitmf_logger.debug("Sending request via SSL...(%s %s)" % (client,url))
|
||||
self.proxyViaSSL(address, self.method, path, postData, headers, self.urlMonitor.getSecurePort(client, url))
|
||||
|
||||
else:
|
||||
logging.debug("Sending request via HTTP...")
|
||||
mitmf_logger.debug("Sending request via HTTP...")
|
||||
#self.proxyViaHTTP(address, self.method, path, postData, headers)
|
||||
port = 80
|
||||
if len(hostparts) > 1:
|
||||
|
|
@ -182,14 +183,14 @@ class ClientRequest(Request):
|
|||
address = self.dnsCache.getCachedAddress(host)
|
||||
|
||||
if address != None:
|
||||
logging.debug("[ClientRequest] Host cached: %s %s" % (host, str(address)))
|
||||
mitmf_logger.debug("[ClientRequest] Host cached: %s %s" % (host, str(address)))
|
||||
return defer.succeed(address)
|
||||
else:
|
||||
logging.debug("[ClientRequest] Host not cached.")
|
||||
mitmf_logger.debug("[ClientRequest] Host not cached.")
|
||||
return reactor.resolve(host)
|
||||
|
||||
def process(self):
|
||||
logging.debug("[ClientRequest] Resolving host: %s" % (self.getHeader('host')))
|
||||
mitmf_logger.debug("[ClientRequest] Resolving host: %s" % (self.getHeader('host')))
|
||||
host = self.getHeader('host').split(":")[0]
|
||||
|
||||
if self.hsts:
|
||||
|
|
|
|||
|
|
@ -18,6 +18,8 @@
|
|||
|
||||
import logging
|
||||
|
||||
mitmf_logger = logging.getLogger('mitmf')
|
||||
|
||||
class DnsCache:
|
||||
|
||||
'''
|
||||
|
|
@ -49,7 +51,7 @@ class DnsCache:
|
|||
def setCustomRes(self, host, ip_address=None):
|
||||
if ip_address is not None:
|
||||
self.cache[host] = ip_address
|
||||
logging.debug("DNS entry set: %s -> %s" %(host, ip_address))
|
||||
mitmf_logger.debug("DNS entry set: %s -> %s" %(host, ip_address))
|
||||
else:
|
||||
if self.customAddress is not None:
|
||||
self.cache[host] = self.customAddress
|
||||
|
|
|
|||
|
|
@ -21,6 +21,8 @@ import logging, re, string
|
|||
from ServerConnection import ServerConnection
|
||||
from URLMonitor import URLMonitor
|
||||
|
||||
mitmf_logger = logging.getLogger('mitmf')
|
||||
|
||||
class SSLServerConnection(ServerConnection):
|
||||
|
||||
'''
|
||||
|
|
@ -55,11 +57,11 @@ class SSLServerConnection(ServerConnection):
|
|||
for v in values:
|
||||
if v[:7].lower()==' domain':
|
||||
dominio=v.split("=")[1]
|
||||
logging.debug("[SSLServerConnection][HSTS] Parsing cookie domain parameter: %s"%v)
|
||||
mitmf_logger.debug("[SSLServerConnection][HSTS] Parsing cookie domain parameter: %s"%v)
|
||||
real = self.urlMonitor.sustitucion
|
||||
if dominio in real:
|
||||
v=" Domain=%s"%real[dominio]
|
||||
logging.debug("[SSLServerConnection][HSTS] New cookie domain parameter: %s"%v)
|
||||
mitmf_logger.debug("[SSLServerConnection][HSTS] New cookie domain parameter: %s"%v)
|
||||
newvalues.append(v)
|
||||
value = ';'.join(newvalues)
|
||||
|
||||
|
|
@ -83,13 +85,13 @@ class SSLServerConnection(ServerConnection):
|
|||
if ((not link.startswith('http')) and (not link.startswith('/'))):
|
||||
absoluteLink = "http://"+self.headers['host']+self.stripFileFromPath(self.uri)+'/'+link
|
||||
|
||||
logging.debug("Found path-relative link in secure transmission: " + link)
|
||||
logging.debug("New Absolute path-relative link: " + absoluteLink)
|
||||
mitmf_logger.debug("Found path-relative link in secure transmission: " + link)
|
||||
mitmf_logger.debug("New Absolute path-relative link: " + absoluteLink)
|
||||
elif not link.startswith('http'):
|
||||
absoluteLink = "http://"+self.headers['host']+link
|
||||
|
||||
logging.debug("Found relative link in secure transmission: " + link)
|
||||
logging.debug("New Absolute link: " + absoluteLink)
|
||||
mitmf_logger.debug("Found relative link in secure transmission: " + link)
|
||||
mitmf_logger.debug("New Absolute link: " + absoluteLink)
|
||||
|
||||
if not absoluteLink == "":
|
||||
absoluteLink = absoluteLink.replace('&', '&')
|
||||
|
|
|
|||
|
|
@ -28,6 +28,8 @@ from twisted.web.http import HTTPClient
|
|||
from URLMonitor import URLMonitor
|
||||
from core.sergioproxy.ProxyPlugins import ProxyPlugins
|
||||
|
||||
mitmf_logger = logging.getLogger('mitmf')
|
||||
|
||||
class ServerConnection(HTTPClient):
|
||||
|
||||
''' The server connection is where we do the bulk of the stripping. Everything that
|
||||
|
|
@ -72,14 +74,14 @@ class ServerConnection(HTTPClient):
|
|||
except:
|
||||
self.clientInfo = "%s " % self.client.getClientIP()
|
||||
|
||||
logging.info(self.clientInfo + "Sending Request: %s" % self.headers['host'])
|
||||
mitmf_logger.info(self.clientInfo + "Sending Request: %s" % self.headers['host'])
|
||||
|
||||
self.plugins.hook()
|
||||
self.sendCommand(self.command, self.uri)
|
||||
|
||||
def sendHeaders(self):
|
||||
for header, value in self.headers.iteritems():
|
||||
logging.debug("Sending header: (%s => %s)" % (header, value))
|
||||
mitmf_logger.debug("Sending header: (%s => %s)" % (header, value))
|
||||
self.sendHeader(header, value)
|
||||
|
||||
self.endHeaders()
|
||||
|
|
@ -94,7 +96,7 @@ class ServerConnection(HTTPClient):
|
|||
self.transport.write(self.postData)
|
||||
|
||||
def connectionMade(self):
|
||||
logging.debug("HTTP connection made.")
|
||||
mitmf_logger.debug("HTTP connection made.")
|
||||
self.plugins.hook()
|
||||
self.sendRequest()
|
||||
self.sendHeaders()
|
||||
|
|
@ -103,11 +105,11 @@ class ServerConnection(HTTPClient):
|
|||
self.sendPostData()
|
||||
|
||||
def handleStatus(self, version, code, message):
|
||||
logging.debug("Got server response: %s %s %s" % (version, code, message))
|
||||
mitmf_logger.debug("Got server response: %s %s %s" % (version, code, message))
|
||||
self.client.setResponseCode(int(code), message)
|
||||
|
||||
def handleHeader(self, key, value):
|
||||
logging.debug("[ServerConnection] Receiving header: (%s => %s)" % (key, value))
|
||||
mitmf_logger.debug("[ServerConnection] Receiving header: (%s => %s)" % (key, value))
|
||||
|
||||
if (key.lower() == 'location'):
|
||||
value = self.replaceSecureLinks(value)
|
||||
|
|
@ -117,15 +119,15 @@ class ServerConnection(HTTPClient):
|
|||
if (key.lower() == 'content-type'):
|
||||
if (value.find('image') != -1):
|
||||
self.isImageRequest = True
|
||||
logging.debug("Response is image content, not scanning...")
|
||||
mitmf_logger.debug("Response is image content, not scanning...")
|
||||
|
||||
if (key.lower() == 'content-encoding'):
|
||||
if (value.find('gzip') != -1):
|
||||
logging.debug("Response is compressed...")
|
||||
mitmf_logger.debug("Response is compressed...")
|
||||
self.isCompressed = True
|
||||
|
||||
elif (key.lower()== 'strict-transport-security'):
|
||||
logging.info("%s Zapped a strict-trasport-security header" % self.client.getClientIP())
|
||||
mitmf_logger.info("%s Zapped a strict-trasport-security header" % self.client.getClientIP())
|
||||
|
||||
elif (key.lower() == 'content-length'):
|
||||
self.contentLength = value
|
||||
|
|
@ -162,10 +164,10 @@ class ServerConnection(HTTPClient):
|
|||
|
||||
def handleResponse(self, data):
|
||||
if (self.isCompressed):
|
||||
logging.debug("Decompressing content...")
|
||||
mitmf_logger.debug("Decompressing content...")
|
||||
data = gzip.GzipFile('', 'rb', 9, StringIO.StringIO(data)).read()
|
||||
|
||||
#logging.debug("Read from server:\n" + data)
|
||||
#mitmf_logger.debug("Read from server:\n" + data)
|
||||
|
||||
data = self.replaceSecureLinks(data)
|
||||
res = self.plugins.hook()
|
||||
|
|
@ -182,7 +184,7 @@ class ServerConnection(HTTPClient):
|
|||
try:
|
||||
self.shutdown()
|
||||
except:
|
||||
logging.info("Client connection dropped before request finished.")
|
||||
mitmf_logger.info("Client connection dropped before request finished.")
|
||||
|
||||
def replaceSecureLinks(self, data):
|
||||
if self.hsts:
|
||||
|
|
@ -198,9 +200,9 @@ class ServerConnection(HTTPClient):
|
|||
for match in iterator:
|
||||
url = match.group()
|
||||
|
||||
logging.debug("[ServerConnection] Found secure reference: " + url)
|
||||
mitmf_logger.debug("[ServerConnection] Found secure reference: " + url)
|
||||
nuevaurl=self.urlMonitor.addSecureLink(self.client.getClientIP(), url)
|
||||
logging.debug("[ServerConnection][HSTS] Replacing %s => %s"%(url,nuevaurl))
|
||||
mitmf_logger.debug("[ServerConnection][HSTS] Replacing %s => %s"%(url,nuevaurl))
|
||||
sustitucion[url] = nuevaurl
|
||||
#data.replace(url,nuevaurl)
|
||||
|
||||
|
|
@ -209,11 +211,11 @@ class ServerConnection(HTTPClient):
|
|||
dregex = re.compile("(%s)" % "|".join(map(re.escape, sustitucion.keys())))
|
||||
data = dregex.sub(lambda x: str(sustitucion[x.string[x.start() :x.end()]]), data)
|
||||
|
||||
#logging.debug("HSTS DEBUG received data:\n"+data)
|
||||
#mitmf_logger.debug("HSTS DEBUG received data:\n"+data)
|
||||
#data = re.sub(ServerConnection.urlExplicitPort, r'https://\1/', data)
|
||||
#data = re.sub(ServerConnection.urlTypewww, 'http://w', data)
|
||||
#if data.find("http://w.face")!=-1:
|
||||
# logging.debug("HSTS DEBUG Found error in modifications")
|
||||
# mitmf_logger.debug("HSTS DEBUG Found error in modifications")
|
||||
# raw_input("Press Enter to continue")
|
||||
#return re.sub(ServerConnection.urlType, 'http://web.', data)
|
||||
return data
|
||||
|
|
@ -225,7 +227,7 @@ class ServerConnection(HTTPClient):
|
|||
for match in iterator:
|
||||
url = match.group()
|
||||
|
||||
logging.debug("Found secure reference: " + url)
|
||||
mitmf_logger.debug("Found secure reference: " + url)
|
||||
|
||||
url = url.replace('https://', 'http://', 1)
|
||||
url = url.replace('&', '&')
|
||||
|
|
|
|||
|
|
@ -19,6 +19,8 @@
|
|||
import logging
|
||||
from twisted.internet.protocol import ClientFactory
|
||||
|
||||
mitmf_logger = logging.getLogger('mimtf')
|
||||
|
||||
class ServerConnectionFactory(ClientFactory):
|
||||
|
||||
def __init__(self, command, uri, postData, headers, client):
|
||||
|
|
@ -32,12 +34,12 @@ class ServerConnectionFactory(ClientFactory):
|
|||
return self.protocol(self.command, self.uri, self.postData, self.headers, self.client)
|
||||
|
||||
def clientConnectionFailed(self, connector, reason):
|
||||
logging.debug("Server connection failed.")
|
||||
mitmf_logger.debug("Server connection failed.")
|
||||
|
||||
destination = connector.getDestination()
|
||||
|
||||
if (destination.port != 443):
|
||||
logging.debug("Retrying via SSL")
|
||||
mitmf_logger.debug("Retrying via SSL")
|
||||
self.client.proxyViaSSL(self.headers['host'], self.command, self.uri, self.postData, self.headers, 443)
|
||||
else:
|
||||
try:
|
||||
|
|
|
|||
|
|
@ -19,6 +19,8 @@
|
|||
import re, os
|
||||
import logging
|
||||
|
||||
mitmf_logger = logging.getLogger('mimtf')
|
||||
|
||||
class URLMonitor:
|
||||
|
||||
'''
|
||||
|
|
@ -72,7 +74,7 @@ class URLMonitor:
|
|||
s.add(to_url)
|
||||
return
|
||||
url_set = set([from_url, to_url])
|
||||
logging.debug("[URLMonitor][AppCachePoison] Set redirection: %s" % url_set)
|
||||
mitmf_logger.debug("[URLMonitor][AppCachePoison] Set redirection: %s" % url_set)
|
||||
self.redirects.append(url_set)
|
||||
|
||||
def getRedirectionSet(self, url):
|
||||
|
|
@ -111,10 +113,10 @@ class URLMonitor:
|
|||
else:
|
||||
self.sustitucion[host] = "web"+host
|
||||
self.real["web"+host] = host
|
||||
logging.debug("[URLMonitor][HSTS] SSL host (%s) tokenized (%s)" % (host,self.sustitucion[host]) )
|
||||
mitmf_logger.debug("[URLMonitor][HSTS] SSL host (%s) tokenized (%s)" % (host,self.sustitucion[host]) )
|
||||
|
||||
url = 'http://' + host + path
|
||||
#logging.debug("HSTS stripped URL: %s %s"%(client, url))
|
||||
#mitmf_logger.debug("HSTS stripped URL: %s %s"%(client, url))
|
||||
|
||||
self.strippedURLs.add((client, url))
|
||||
self.strippedURLPorts[(client, url)] = int(port)
|
||||
|
|
@ -161,10 +163,10 @@ class URLMonitor:
|
|||
return ((self.faviconSpoofing == True) and (url.find("favicon-x-favicon-x.ico") != -1))
|
||||
|
||||
def URLgetRealHost(self, host):
|
||||
logging.debug("[URLMonitor][HSTS] Parsing host: %s"% host)
|
||||
mitmf_logger.debug("[URLMonitor][HSTS] Parsing host: %s"% host)
|
||||
if self.real.has_key(host):
|
||||
logging.debug("[URLMonitor][HSTS] Found host in list: %s"% self.real[host])
|
||||
mitmf_logger.debug("[URLMonitor][HSTS] Found host in list: %s"% self.real[host])
|
||||
return self.real[host]
|
||||
else:
|
||||
logging.debug("[URLMonitor][HSTS] Host not in list: %s"% host)
|
||||
mitmf_logger.debug("[URLMonitor][HSTS] Host not in list: %s"% host)
|
||||
return host
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue