github/bettercap
1
0
Fork 0
mirror of https://github.com/bettercap/bettercap synced 2025-08-20 05:23:19 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

still working on #154

Browse source
This commit is contained in:
evilsocket 2018-03-08 18:13:45 +01:00
commit 2d53890501
No known key found for this signature in database
GPG key ID: 1564D7F30393A456
3 changed files with 70 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

13
modules/http_proxy_base.go
View file

@ -42,7 +42,7 @@ type HTTPProxy struct {
isTLS bool isTLS bool
isRunning bool isRunning bool
stripSSL bool stripper *SSLStripper
sniListener net.Listener sniListener net.Listener
sess *session.Session sess *session.Session
} }
@ -60,8 +60,8 @@ func NewHTTPProxy(s *session.Session) *HTTPProxy {
Name: "http.proxy", Name: "http.proxy",
Proxy: goproxy.NewProxyHttpServer(), Proxy: goproxy.NewProxyHttpServer(),
sess: s, sess: s,
stripper: NewSSLStripper(false),
isTLS: false, isTLS: false,
stripSSL: true,
Server: nil, Server: nil,
} }
@ -109,7 +109,7 @@ func (p *HTTPProxy) doProxy(req *http.Request) bool {
func (p *HTTPProxy) Configure(address string, proxyPort int, httpPort int, scriptPath string, stripSSL bool) error { func (p *HTTPProxy) Configure(address string, proxyPort int, httpPort int, scriptPath string, stripSSL bool) error {
var err error var err error
p.stripSSL = stripSSL p.stripper.Enabled = stripSSL
p.Address = address p.Address = address
if scriptPath != "" { if scriptPath != "" {
@ -295,6 +295,13 @@ func (p *HTTPProxy) Start() {
go func() { go func() {
var err error var err error
strip := core.Yellow("enabled")
if p.stripper.Enabled == false {
strip = core.Dim("disabled")
}
log.Info("%s started on %s (sslstrip %s)", core.Green(p.Name), p.Server.Addr, strip)
if p.isTLS == true { if p.isTLS == true {
err = p.httpsWorker() err = p.httpsWorker()
} else { } else {

12
modules/http_proxy_base_filters.go
View file

@ -18,6 +18,18 @@ func (p *HTTPProxy) onRequestFilter(req *http.Request, ctx *goproxy.ProxyCtx) (*
return req, nil return req, nil
} }
// sslstrip preprocessing, takes care of:
//
// - patching / removing security related headers
// - making unknown session cookies expire
// - handling stripped domains
redir := p.stripper.Preprocess(req, ctx)
if redir != nil {
// we need to redirect the user in order to make
// some session cookie expire
return req, redir
}
// run the module OnRequest callback if defined // run the module OnRequest callback if defined
jsreq, jsres := p.Script.OnRequest(req) jsreq, jsres := p.Script.OnRequest(req)
if jsreq != nil { if jsreq != nil {

48
modules/http_proxy_base_sslstriper.go Normal file
View file

@ -0,0 +1,48 @@
package modules
import (
"net/http"
"sync"
// "strings"
// "github.com/bettercap/bettercap/core"
// "github.com/bettercap/bettercap/log"
"github.com/elazarl/goproxy"
)
type cookieTracker struct {
sync.RWMutex
set map[string]string
}
func NewCookieTracker() *cookieTracker {
return &cookieTracker{
set: make(map[string]string),
}
}
type SSLStripper struct {
Enabled bool
cookies *cookieTracker
}
func NewSSLStripper(enabled bool) *SSLStripper {
return &SSLStripper{
Enabled: enabled,
cookies: NewCookieTracker(),
}
}
// sslstrip preprocessing, takes care of:
//
// - patching / removing security related headers
// - making unknown session cookies expire
// - handling stripped domains
func (s *SSLStripper) Preprocess(req *http.Request, ctx *goproxy.ProxyCtx) (redir *http.Response) {
if s.Enabled == false {
return
}
return
}