mirror of
https://github.com/bettercap/bettercap
synced 2025-07-16 10:03:39 -07:00
Remove proxy-side TLD spoofing.
This commit is contained in:
buffermet
parent
69715137da
commit
3a2db2918a
4 changed files with 14 additions and 55 deletions
|
|
@ -54,10 +54,6 @@ func NewHttpProxy(s *session.Session) *HttpProxy {
|
||||||
"false",
|
"false",
|
||||||
"Enable or disable SSL stripping."))
|
"Enable or disable SSL stripping."))
|
||||||
|
|
||||||
mod.AddParam(session.NewBoolParameter("http.proxy.sslstrip.useIDN",
|
|
||||||
"false",
|
|
||||||
"Use an Internationalized Domain Name to bypass HSTS. Otherwise, double the last TLD's character"))
|
|
||||||
|
|
||||||
mod.AddHandler(session.NewModuleHandler("http.proxy on", "",
|
mod.AddHandler(session.NewModuleHandler("http.proxy on", "",
|
||||||
"Start HTTP proxy.",
|
"Start HTTP proxy.",
|
||||||
func(args []string) error {
|
func(args []string) error {
|
||||||
|
|
@ -95,7 +91,6 @@ func (mod *HttpProxy) Configure() error {
|
||||||
var doRedirect bool
|
var doRedirect bool
|
||||||
var scriptPath string
|
var scriptPath string
|
||||||
var stripSSL bool
|
var stripSSL bool
|
||||||
var useIDN bool
|
|
||||||
var jsToInject string
|
var jsToInject string
|
||||||
var blacklist string
|
var blacklist string
|
||||||
var whitelist string
|
var whitelist string
|
||||||
|
|
@ -114,8 +109,6 @@ func (mod *HttpProxy) Configure() error {
|
||||||
return err
|
return err
|
||||||
} else if err, stripSSL = mod.BoolParam("http.proxy.sslstrip"); err != nil {
|
} else if err, stripSSL = mod.BoolParam("http.proxy.sslstrip"); err != nil {
|
||||||
return err
|
return err
|
||||||
} else if err, useIDN = mod.BoolParam("http.proxy.sslstrip.useIDN"); err != nil {
|
|
||||||
return err
|
|
||||||
} else if err, jsToInject = mod.StringParam("http.proxy.injectjs"); err != nil {
|
} else if err, jsToInject = mod.StringParam("http.proxy.injectjs"); err != nil {
|
||||||
return err
|
return err
|
||||||
} else if err, blacklist = mod.StringParam("http.proxy.blacklist"); err != nil {
|
} else if err, blacklist = mod.StringParam("http.proxy.blacklist"); err != nil {
|
||||||
|
|
@ -127,7 +120,7 @@ func (mod *HttpProxy) Configure() error {
|
||||||
mod.proxy.Blacklist = str.Comma(blacklist)
|
mod.proxy.Blacklist = str.Comma(blacklist)
|
||||||
mod.proxy.Whitelist = str.Comma(whitelist)
|
mod.proxy.Whitelist = str.Comma(whitelist)
|
||||||
|
|
||||||
error := mod.proxy.Configure(address, proxyPort, httpPort, doRedirect, scriptPath, jsToInject, stripSSL, useIDN)
|
error := mod.proxy.Configure(address, proxyPort, httpPort, doRedirect, scriptPath, jsToInject, stripSSL)
|
||||||
|
|
||||||
// save stripper to share it with other http(s) proxies
|
// save stripper to share it with other http(s) proxies
|
||||||
mod.State.Store("stripper", mod.proxy.Stripper)
|
mod.State.Store("stripper", mod.proxy.Stripper)
|
||||||
|
|
|
||||||
|
|
@ -77,7 +77,7 @@ func NewHTTPProxy(s *session.Session, tag string) *HTTPProxy {
|
||||||
Name: "http.proxy",
|
Name: "http.proxy",
|
||||||
Proxy: goproxy.NewProxyHttpServer(),
|
Proxy: goproxy.NewProxyHttpServer(),
|
||||||
Sess: s,
|
Sess: s,
|
||||||
Stripper: NewSSLStripper(s, false, false),
|
Stripper: NewSSLStripper(s, false),
|
||||||
isTLS: false,
|
isTLS: false,
|
||||||
doRedirect: true,
|
doRedirect: true,
|
||||||
Server: nil,
|
Server: nil,
|
||||||
|
|
@ -170,7 +170,7 @@ func (p *HTTPProxy) shouldProxy(req *http.Request) bool {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *HTTPProxy) Configure(address string, proxyPort int, httpPort int, doRedirect bool, scriptPath string,
|
func (p *HTTPProxy) Configure(address string, proxyPort int, httpPort int, doRedirect bool, scriptPath string,
|
||||||
jsToInject string, stripSSL bool, useIDN bool) error {
|
jsToInject string, stripSSL bool) error {
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
// check if another http(s) proxy is using sslstrip and merge strippers
|
// check if another http(s) proxy is using sslstrip and merge strippers
|
||||||
|
|
@ -192,7 +192,7 @@ func (p *HTTPProxy) Configure(address string, proxyPort int, httpPort int, doRed
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
p.Stripper.Enable(stripSSL, useIDN)
|
p.Stripper.Enable(stripSSL)
|
||||||
p.Address = address
|
p.Address = address
|
||||||
p.doRedirect = doRedirect
|
p.doRedirect = doRedirect
|
||||||
p.jsHook = ""
|
p.jsHook = ""
|
||||||
|
|
@ -297,8 +297,8 @@ func (p *HTTPProxy) TLSConfigFromCA(ca *tls.Certificate) func(host string, ctx *
|
||||||
|
|
||||||
func (p *HTTPProxy) ConfigureTLS(address string, proxyPort int, httpPort int, doRedirect bool, scriptPath string,
|
func (p *HTTPProxy) ConfigureTLS(address string, proxyPort int, httpPort int, doRedirect bool, scriptPath string,
|
||||||
certFile string,
|
certFile string,
|
||||||
keyFile string, jsToInject string, stripSSL bool, useIDN bool) (err error) {
|
keyFile string, jsToInject string, stripSSL bool) (err error) {
|
||||||
if err = p.Configure(address, proxyPort, httpPort, doRedirect, scriptPath, jsToInject, stripSSL, useIDN); err != nil {
|
if err = p.Configure(address, proxyPort, httpPort, doRedirect, scriptPath, jsToInject, stripSSL); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -30,7 +30,6 @@ var (
|
||||||
|
|
||||||
type SSLStripper struct {
|
type SSLStripper struct {
|
||||||
enabled bool
|
enabled bool
|
||||||
useIDN bool
|
|
||||||
session *session.Session
|
session *session.Session
|
||||||
cookies *CookieTracker
|
cookies *CookieTracker
|
||||||
hosts *HostTracker
|
hosts *HostTracker
|
||||||
|
|
@ -38,16 +37,15 @@ type SSLStripper struct {
|
||||||
pktSourceChan chan gopacket.Packet
|
pktSourceChan chan gopacket.Packet
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewSSLStripper(s *session.Session, enabled bool, useIDN bool) *SSLStripper {
|
func NewSSLStripper(s *session.Session, enabled bool) *SSLStripper {
|
||||||
strip := &SSLStripper{
|
strip := &SSLStripper{
|
||||||
enabled: false,
|
enabled: false,
|
||||||
useIDN: false,
|
|
||||||
cookies: NewCookieTracker(),
|
cookies: NewCookieTracker(),
|
||||||
hosts: NewHostTracker(),
|
hosts: NewHostTracker(),
|
||||||
session: s,
|
session: s,
|
||||||
handle: nil,
|
handle: nil,
|
||||||
}
|
}
|
||||||
strip.Enable(enabled, useIDN)
|
strip.Enable(enabled)
|
||||||
return strip
|
return strip
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -79,9 +77,8 @@ func (s *SSLStripper) onPacket(pkt gopacket.Packet) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *SSLStripper) Enable(enabled bool, useIDN bool) {
|
func (s *SSLStripper) Enable(enabled bool) {
|
||||||
s.enabled = enabled
|
s.enabled = enabled
|
||||||
s.useIDN = useIDN
|
|
||||||
|
|
||||||
if enabled && s.handle == nil {
|
if enabled && s.handle == nil {
|
||||||
var err error
|
var err error
|
||||||
|
|
@ -127,32 +124,8 @@ func (s *SSLStripper) isContentStrippable(res *http.Response) bool {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *SSLStripper) processURL(url string) string {
|
func (s *SSLStripper) stripURL(url string) string {
|
||||||
// first we remove the https schema
|
return strings.Replace(url, "https://", "http://", 1)
|
||||||
url = url[8:]
|
|
||||||
|
|
||||||
// search the first instance of "/"
|
|
||||||
iEndHost := strings.Index(url, "/")
|
|
||||||
if iEndHost == -1 {
|
|
||||||
iEndHost = len(url)
|
|
||||||
}
|
|
||||||
// search if port is specified
|
|
||||||
iPort := strings.Index(url[:iEndHost], ":")
|
|
||||||
if iPort == -1 {
|
|
||||||
iPort = iEndHost
|
|
||||||
}
|
|
||||||
if s.useIDN {
|
|
||||||
// add an international character to the domain name & strip HTTPS port (if any)
|
|
||||||
url = url[:iPort] + "ノ" + url[iEndHost:]
|
|
||||||
} else {
|
|
||||||
// double the last TLD's character & strip HTTPS port (if any)
|
|
||||||
url = url[:iPort] + string(url[iPort-1]) + url[iEndHost:]
|
|
||||||
}
|
|
||||||
|
|
||||||
// finally we add the http schema
|
|
||||||
url = "http://" + url
|
|
||||||
|
|
||||||
return url
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// sslstrip preprocessing, takes care of:
|
// sslstrip preprocessing, takes care of:
|
||||||
|
|
@ -253,7 +226,7 @@ func (s *SSLStripper) Process(res *http.Response, ctx *goproxy.ProxyCtx) {
|
||||||
log.Info("[%s] Got redirection from HTTP to HTTPS: %s -> %s", tui.Green("sslstrip"), tui.Yellow("http://"+origHost), tui.Bold("https://"+newHost))
|
log.Info("[%s] Got redirection from HTTP to HTTPS: %s -> %s", tui.Green("sslstrip"), tui.Yellow("http://"+origHost), tui.Bold("https://"+newHost))
|
||||||
|
|
||||||
// strip the URL down to an alternative HTTP version and save it to an ASCII Internationalized Domain Name
|
// strip the URL down to an alternative HTTP version and save it to an ASCII Internationalized Domain Name
|
||||||
strippedURL := s.processURL(newURL)
|
strippedURL := s.stripURL(newURL)
|
||||||
parsed, _ := url.Parse(strippedURL)
|
parsed, _ := url.Parse(strippedURL)
|
||||||
hostStripped := parsed.Hostname()
|
hostStripped := parsed.Hostname()
|
||||||
hostStripped, _ = idna.ToASCII(hostStripped)
|
hostStripped, _ = idna.ToASCII(hostStripped)
|
||||||
|
|
@ -280,7 +253,7 @@ func (s *SSLStripper) Process(res *http.Response, ctx *goproxy.ProxyCtx) {
|
||||||
// make sure we only strip valid URLs
|
// make sure we only strip valid URLs
|
||||||
if parsed, _ := url.Parse(u); parsed != nil {
|
if parsed, _ := url.Parse(u); parsed != nil {
|
||||||
// strip the URL down to an alternative HTTP version
|
// strip the URL down to an alternative HTTP version
|
||||||
urls[u] = s.processURL(u)
|
urls[u] = s.stripURL(u)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -41,10 +41,6 @@ func NewHttpsProxy(s *session.Session) *HttpsProxy {
|
||||||
"false",
|
"false",
|
||||||
"Enable or disable SSL stripping."))
|
"Enable or disable SSL stripping."))
|
||||||
|
|
||||||
mod.AddParam(session.NewBoolParameter("https.proxy.sslstrip.useIDN",
|
|
||||||
"false",
|
|
||||||
"Use an Internationalized Domain Name to bypass HSTS. Otherwise, double the last TLD's character"))
|
|
||||||
|
|
||||||
mod.AddParam(session.NewStringParameter("https.proxy.injectjs",
|
mod.AddParam(session.NewStringParameter("https.proxy.injectjs",
|
||||||
"",
|
"",
|
||||||
"",
|
"",
|
||||||
|
|
@ -112,7 +108,6 @@ func (mod *HttpsProxy) Configure() error {
|
||||||
var certFile string
|
var certFile string
|
||||||
var keyFile string
|
var keyFile string
|
||||||
var stripSSL bool
|
var stripSSL bool
|
||||||
var useIDN bool
|
|
||||||
var jsToInject string
|
var jsToInject string
|
||||||
var whitelist string
|
var whitelist string
|
||||||
var blacklist string
|
var blacklist string
|
||||||
|
|
@ -129,8 +124,6 @@ func (mod *HttpsProxy) Configure() error {
|
||||||
return err
|
return err
|
||||||
} else if err, stripSSL = mod.BoolParam("https.proxy.sslstrip"); err != nil {
|
} else if err, stripSSL = mod.BoolParam("https.proxy.sslstrip"); err != nil {
|
||||||
return err
|
return err
|
||||||
} else if err, useIDN = mod.BoolParam("https.proxy.sslstrip.useIDN"); err != nil {
|
|
||||||
return err
|
|
||||||
} else if err, certFile = mod.StringParam("https.proxy.certificate"); err != nil {
|
} else if err, certFile = mod.StringParam("https.proxy.certificate"); err != nil {
|
||||||
return err
|
return err
|
||||||
} else if certFile, err = fs.Expand(certFile); err != nil {
|
} else if certFile, err = fs.Expand(certFile); err != nil {
|
||||||
|
|
@ -170,7 +163,7 @@ func (mod *HttpsProxy) Configure() error {
|
||||||
}
|
}
|
||||||
|
|
||||||
error := mod.proxy.ConfigureTLS(address, proxyPort, httpPort, doRedirect, scriptPath, certFile, keyFile, jsToInject,
|
error := mod.proxy.ConfigureTLS(address, proxyPort, httpPort, doRedirect, scriptPath, certFile, keyFile, jsToInject,
|
||||||
stripSSL, useIDN)
|
stripSSL)
|
||||||
|
|
||||||
// save stripper to share it with other http(s) proxies
|
// save stripper to share it with other http(s) proxies
|
||||||
mod.State.Store("stripper", mod.proxy.Stripper)
|
mod.State.Store("stripper", mod.proxy.Stripper)
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue