session hijack plugin 50% done

2025-07-08 05:51:48 -07:00 · 2014-11-28 23:37:11 +01:00 · 2014-11-28 23:37:11 +01:00 · fcbc2254bd
commit fcbc2254bd
parent e4cf519356
6 changed files with 68 additions and 21 deletions
--- a/sslstrip/ServerConnection.py
+++ b/sslstrip/ServerConnection.py
@ -54,7 +54,11 @@ class ServerConnection(HTTPClient):

    def sendRequest(self):
        if self.command == 'GET':
-            logging.info("%s Sending Request: %s %s %s"  % (self.client.getClientIP(), self.command, self.headers['host'], self.headers['user-agent']))
+            message = "%s Sending Request: %s"  % (self.client.getClientIP(), self.headers['host'])
+            if self.urlMonitor.isClientLogging() is True:
+                self.urlMonitor.writeClientLog(self.client, self.headers, message)
+            else:
+                logging.info(message)
        self.plugins.hook()
        self.sendCommand(self.command, self.uri)

@ -71,7 +75,11 @@ class ServerConnection(HTTPClient):
        elif 'keylog' in self.uri:
            self.plugins.hook()
        else:
-            logging.warning("%s %s Data (%s):\n%s" % (self.client.getClientIP(),self.getPostPrefix(),self.headers['host'],self.postData))
+            message = "%s %s Data (%s):\n%s" % (self.client.getClientIP(),self.getPostPrefix(),self.headers['host'],self.postData)
+            if self.urlMonitor.isClientLogging() is True:
+                self.urlMonitor.writeClientLog(self.client, self.headers, message)
+            else:
+                logging.warning(message)
            self.transport.write(self.postData)

    def connectionMade(self):
@ -88,6 +96,8 @@ class ServerConnection(HTTPClient):
        self.client.setResponseCode(int(code), message)

    def handleHeader(self, key, value):
+        self.plugins.hook()
+
        if (key.lower() == 'location'):
            value = self.replaceSecureLinks(value)

@ -100,6 +110,7 @@ class ServerConnection(HTTPClient):
            if (value.find('gzip') != -1):
                logging.debug("Response is compressed...")
                self.isCompressed = True
+        
        #if (key.lower() == 'strict-transport-security'):
        #    value = 'max-age=0'

@ -110,8 +121,6 @@ class ServerConnection(HTTPClient):
        else:
            self.client.setHeader(key, value)

-        self.plugins.hook()
-
    def handleEndHeaders(self):
       if (self.isImageRequest and self.contentLength != None):
           self.client.setHeader("Content-Length", self.contentLength)