From b349b164309f75ac3bf14a8d21a93174f4fb90ba Mon Sep 17 00:00:00 2001
From: Alexey Mozzhakov
Date: Tue, 3 Apr 2018 21:39:56 +0300
Subject: [PATCH 1/5] Update http_proxy_base_sslstriper.go https, baby
---
 modules/http_proxy_base_sslstriper.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/modules/http_proxy_base_sslstriper.go b/modules/http_proxy_base_sslstriper.go
index a8322101..e66c074a 100644
--- a/modules/http_proxy_base_sslstriper.go
+++ b/modules/http_proxy_base_sslstriper.go
@@ -281,6 +281,7 @@ func (s *SSLStripper) Preprocess(req *http.Request, ctx *goproxy.ProxyCtx) (redi
 log.Info("[%s] Replacing host %s with %s in request from %s", core.Green("sslstrip"), core.Bold(req.Host), core.Yellow(original.Hostname), req.RemoteAddr)
 req.Host = original.Hostname
 req.URL.Host = original.Hostname
+ req.URL.Scheme == "https"
 req.Header.Set("Host", original.Hostname)
 }
 
@@ -322,7 +323,7 @@ func (s *SSLStripper) Process(res *http.Response, ctx *goproxy.ProxyCtx) {
 }
 
 // is the server redirecting us?
- if res.StatusCode != 200 {
+ if res.StatusCode != 201 {
 // extract Location header
 if location, err := res.Location(); location != nil && err == nil {
 orig := res.Request.URL
From e740af2d504a722a7000a43a40b39725aeb573f4 Mon Sep 17 00:00:00 2001
From: Alexey Mozzhakov
Date: Tue, 3 Apr 2018 21:54:58 +0300
Subject: [PATCH 2/5] Subdomains end with a dot ... or I'm just a brain in a van and choose to believe so
---
 modules/http_proxy_base_sslstriper.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/modules/http_proxy_base_sslstriper.go b/modules/http_proxy_base_sslstriper.go
index e66c074a..f5b8dcb9 100644
--- a/modules/http_proxy_base_sslstriper.go
+++ b/modules/http_proxy_base_sslstriper.go
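Review bot: In the Preprocess hunk of patch 1/5, the added line `req.URL.Scheme == "https"` is a comparison used as a statement rather than an assignment, and the Go compiler rejects an expression whose value is not used, so the package does not build at this commit. The series corrects it only in patch 5/5, which leaves patches 1 to 4 unbuildable for anyone bisecting; the fix `req.URL.Scheme = "https"` belongs in this patch. Preprocess starts and ends outside the hunk.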
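Review bot: In the Process hunk of patch 1/5, `if res.StatusCode != 201 {` no longer matches the comment directly above it, `// is the server redirecting us?`: every response except 201 Created now enters the branch, and only the `res.Location()` test on the next lines keeps responses without a Location header out. Neither the commit message nor the code says why 201 is the one excluded status, and no later patch in the series touches this line. If the intent is to look at redirects only, `if res.StatusCode >= 300 && res.StatusCode < 400 {` states that directly; otherwise the comment should be rewritten to explain the 201 exclusion. The enclosing function continues outside the hunk.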
@@ -240,8 +240,8 @@ func (s *SSLStripper) processURL(url string) string {
 // search for a known subdomain and replace it
 found := false
 for sub, repl := range subdomains {
- what := fmt.Sprintf("://%s", sub)
- with := fmt.Sprintf("://%s", repl)
+ what := fmt.Sprintf("://%s.", sub)
+ with := fmt.Sprintf("://%s.", repl)
 if strings.Contains(url, what) {
 url = strings.Replace(url, what, with, 1)
 found = true
From 46ab3365ccebbdcc0c130814d1f4a66c60d6eee6 Mon Sep 17 00:00:00 2001
From: Alexey Mozzhakov
Date: Wed, 4 Apr 2018 10:57:35 +0300
Subject: [PATCH 3/5] Max redirects check is now arbitary
---
 modules/http_proxy_base_sslstriper.go | 38 +++++---------------------
 1 file changed, 6 insertions(+), 32 deletions(-)
diff --git a/modules/http_proxy_base_sslstriper.go b/modules/http_proxy_base_sslstriper.go
index f5b8dcb9..1e363b21 100644
--- a/modules/http_proxy_base_sslstriper.go
+++ b/modules/http_proxy_base_sslstriper.go
@@ -296,27 +296,6 @@ func (s *SSLStripper) Preprocess(req *http.Request, ctx *goproxy.ProxyCtx) (redi
 return
 }
 
-func (s *SSLStripper) isMaxRedirs(hostname string) bool {
- // did we already track redirections for this host?
- if nredirs, found := s.redirs[hostname]; found == true {
- // reached the threshold?
- if nredirs >= maxRedirs {
- log.Warning("[%s] Hit max redirections for %s, serving HTTPS.", core.Green("sslstrip"), hostname)
- // reset
- delete(s.redirs, hostname)
- return true
- } else {
- // increment
- s.redirs[hostname]++
- }
- } else {
- // start tracking redirections
- s.redirs[hostname] = 1
- }
-
- return false
-}
-
 func (s *SSLStripper) Process(res *http.Response, ctx *goproxy.ProxyCtx) {
 if s.enabled == false {
 return
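Review bot: In the processURL hunk of patch 2/5, the two new lines use `fmt.Sprintf` for what is plain concatenation, and the `strings.Contains` check that follows makes `strings.Replace` scan the same string a second time. `what, with := "://"+sub+".", "://"+repl+"."` reads more directly and avoids the formatting machinery inside the loop. A one-line comment such as `// the trailing dot keeps a key from matching a longer label that merely starts with it` would record why the dot is there, which the commit message leaves to guesswork. The loop body continues outside the hunk.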
@@ -336,17 +315,12 @@ func (s *SSLStripper) Process(res *http.Response, ctx *goproxy.ProxyCtx) {
 
 log.Info("[%s] Got redirection from HTTPS to HTTP: %s -> %s", core.Green("sslstrip"), core.Yellow("http://"+origHost), core.Bold("https://"+newHost))
 
- // if we still did not reach max redirections, strip the URL down to
- // an alternative HTTP version
- if s.isMaxRedirs(origHost) {
- strippedURL := s.processURL(newURL)
- u, _ := url.Parse(strippedURL)
- hostStripped := u.Hostname()
-
- s.hosts.Track(origHost, hostStripped)
-
- res.Header.Set("Location", strippedURL)
- }
+ // strip the URL down to an alternative HTTP version
+ strippedURL := s.processURL(newURL)
+ u, _ := url.Parse(strippedURL)
+ hostStripped := u.Hostname()
+ s.hosts.Track(origHost, hostStripped)
+ res.Header.Set("Location", strippedURL)
 }
 }
 }
From c2fa241b54ce56113fa1398b3c1042837790fdb9 Mon Sep 17 00:00:00 2001
From: Alexey Mozzhakov
Date: Wed, 4 Apr 2018 10:59:42 +0300
Subject: [PATCH 4/5] So is a constant for it
---
 modules/http_proxy_base_sslstriper.go | 1 -
 1 file changed, 1 deletion(-)
diff --git a/modules/http_proxy_base_sslstriper.go b/modules/http_proxy_base_sslstriper.go
index 1e363b21..331aa00e 100644
--- a/modules/http_proxy_base_sslstriper.go
+++ b/modules/http_proxy_base_sslstriper.go
@@ -21,7 +21,6 @@ import (
 )
 
 var (
- maxRedirs = 5
 httpsLinksParser = regexp.MustCompile(`https://[^"'/]+`)
 subdomains = map[string]string{
 "www": "wwwww",
From 88a420d67fead7c28056b2d0d0f99c6bc8e09153 Mon Sep 17 00:00:00 2001
From: Alexey Mozzhakov
Date: Wed, 4 Apr 2018 11:03:57 +0300
Subject: [PATCH 5/5] Leftovers and stupid typo fix (as well as the build)
---
 modules/http_proxy_base_sslstriper.go | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/modules/http_proxy_base_sslstriper.go b/modules/http_proxy_base_sslstriper.go
index 331aa00e..99280eed 100644
--- a/modules/http_proxy_base_sslstriper.go
+++ b/modules/http_proxy_base_sslstriper.go
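Review bot: In the Process hunk of patch 3/5, the now unconditional block still discards the error from `url.Parse(strippedURL)`; when parsing fails `u` is nil and `u.Hostname()` dereferences it, which would panic inside the proxy's response handler. Check it before use: `u, err := url.Parse(strippedURL)` followed by `if err != nil { return }`, ideally with a log line, ahead of the `s.hosts.Track` call. With the `isMaxRedirs` guard removed nothing visible here bounds how often the same host is rewritten, so a server that keeps answering with the same redirect would presumably loop at the client; a comment saying this is intended would help. The `s.redirs` map also looks unused after this patch, though its declaration is outside the hunks shown.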
@@ -268,19 +268,13 @@ func (s *SSLStripper) Preprocess(req *http.Request, ctx *goproxy.ProxyCtx) (redi
 // preprocess request headers
 s.stripRequestHeaders(req)
 
- // well ...
- if req.URL.Scheme == "https" {
- // TODO: check for max redirects?
- req.URL.Scheme = "http"
- }
-
 // handle stripped domains
 original := s.hosts.Unstrip(req.Host)
 if original != nil {
 log.Info("[%s] Replacing host %s with %s in request from %s", core.Green("sslstrip"), core.Bold(req.Host), core.Yellow(original.Hostname), req.RemoteAddr)
 req.Host = original.Hostname
 req.URL.Host = original.Hostname
- req.URL.Scheme == "https"
+ req.URL.Scheme = "https"
 req.Header.Set("Host", original.Hostname)
 }
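Review bot: Dropping the `if req.URL.Scheme == "https"` block in this Preprocess hunk is a behaviour change that the subject line, which speaks only of leftovers and a typo, does not mention: after the patch the only scheme rewrite left in the visible code is the assignment to "https" for hosts returned by `s.hosts.Unstrip`. A comment above that assignment, for example `// tracked hosts were first seen over HTTPS, so the upstream request goes back to https`, would record the intent, and the commit message should state that the request-side rewrite was removed on purpose. The behaviour change would also be easier to review and revert as its own commit, separate from the one-character build fix. Preprocess starts and ends outside the hunk.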