diff --git a/caplets/http-req-dump.cap b/caplets/http-req-dump.cap index b8cde8fd..e2d21e71 100644 --- a/caplets/http-req-dump.cap +++ b/caplets/http-req-dump.cap @@ -14,8 +14,10 @@ set net.sniff.local true set net.sniff.filter tcp port 443 net.sniff on +set https.proxy.script caplets/http-req-dump.js set http.proxy.script caplets/http-req-dump.js clear http.proxy on +https.proxy on arp.spoof on diff --git a/main.go b/main.go index 69fb411d..e83e2f3c 100644 --- a/main.go +++ b/main.go @@ -31,7 +31,7 @@ func main() { sess.Register(modules.NewSniffer(sess)) sess.Register(modules.NewHttpServer(sess)) sess.Register(modules.NewHttpProxy(sess)) - // sess.Register(modules.NewHttpsProxy(sess)) + sess.Register(modules.NewHttpsProxy(sess)) sess.Register(modules.NewRestAPI(sess)) if err = sess.Start(); err != nil { diff --git a/modules/api_rest.go b/modules/api_rest.go index 4c377c09..6640809f 100644 --- a/modules/api_rest.go +++ b/modules/api_rest.go @@ -127,13 +127,13 @@ func (api *RestAPI) Configure() error { } if core.Exists(api.certFile) == false || core.Exists(api.keyFile) == false { - log.Info("Generating RSA key to %s", api.keyFile) + log.Info("Generating TLS key to %s", api.keyFile) log.Info("Generating TLS certificate to %s", api.certFile) if err := tls.Generate(api.certFile, api.keyFile); err != nil { return err } } else { - log.Info("Loading RSA key from %s", api.keyFile) + log.Info("Loading TLS key from %s", api.keyFile) log.Info("Loading TLS certificate from %s", api.certFile) } diff --git a/modules/http_proxy_base.go b/modules/http_proxy_base.go index b3b5903c..0b386733 100644 --- a/modules/http_proxy_base.go +++ b/modules/http_proxy_base.go @@ -20,19 +20,22 @@ type HTTPProxy struct { Redirection *firewall.Redirection Proxy *goproxy.ProxyHttpServer Script *ProxyScript + CertFile string + KeyFile string - s *session.Session + isTLS bool + sess *session.Session } func NewHTTPProxy(s *session.Session) *HTTPProxy { p := &HTTPProxy{ Proxy: goproxy.NewProxyHttpServer(), - s: s, + sess: s, + isTLS: false, } p.Proxy.NonproxyHandler = http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { if p.doProxy(req) == true { - req.URL.Scheme = "http" req.URL.Host = req.Host p.Proxy.ServeHTTP(w, req) } @@ -65,7 +68,7 @@ func NewHTTPProxy(s *session.Session) *HTTPProxy { } func (p *HTTPProxy) logAction(req *http.Request, jsres *JSResponse) { - p.s.Events.Add("http.proxy.spoofed-response", struct { + p.sess.Events.Add("http.proxy.spoofed-response", struct { To string Method string Host string @@ -107,7 +110,7 @@ func (p *HTTPProxy) Configure(address string, proxyPort int, httpPort int, scrip p.Address = address if scriptPath != "" { - if err, p.Script = LoadProxyScript(scriptPath, p.s); err != nil { + if err, p.Script = LoadProxyScript(scriptPath, p.sess); err != nil { return err } else { log.Debug("Proxy script %s loaded.", scriptPath) @@ -119,18 +122,18 @@ func (p *HTTPProxy) Configure(address string, proxyPort int, httpPort int, scrip Handler: p.Proxy, } - if p.s.Firewall.IsForwardingEnabled() == false { + if p.sess.Firewall.IsForwardingEnabled() == false { log.Info("Enabling forwarding.") - p.s.Firewall.EnableForwarding(true) + p.sess.Firewall.EnableForwarding(true) } - p.Redirection = firewall.NewRedirection(p.s.Interface.Name(), + p.Redirection = firewall.NewRedirection(p.sess.Interface.Name(), "TCP", httpPort, p.Address, proxyPort) - if err := p.s.Firewall.EnableRedirection(p.Redirection, true); err != nil { + if err := p.sess.Firewall.EnableRedirection(p.Redirection, true); err != nil { return err } @@ -139,9 +142,30 @@ func (p *HTTPProxy) Configure(address string, proxyPort int, httpPort int, scrip return nil } +func (p *HTTPProxy) ConfigureTLS(address string, proxyPort int, httpPort int, scriptPath string, certFile string, keyFile string) error { + err := p.Configure(address, proxyPort, httpPort, scriptPath) + if err != nil { + return err + } + + p.isTLS = true + p.CertFile = certFile + p.KeyFile = keyFile + + return nil +} + func (p *HTTPProxy) Start() { go func() { - if err := p.Server.ListenAndServe(); err != nil { + var err error + + if p.isTLS == true { + err = p.Server.ListenAndServeTLS(p.CertFile, p.KeyFile) + } else { + err = p.Server.ListenAndServe() + } + + if err != nil { log.Warning("%s", err) } }() @@ -150,7 +174,7 @@ func (p *HTTPProxy) Start() { func (p *HTTPProxy) Stop() error { if p.Redirection != nil { log.Debug("Disabling redirection %s", p.Redirection.String()) - if err := p.s.Firewall.EnableRedirection(p.Redirection, false); err != nil { + if err := p.sess.Firewall.EnableRedirection(p.Redirection, false); err != nil { return err } p.Redirection = nil diff --git a/modules/https_proxy.go b/modules/https_proxy.go new file mode 100644 index 00000000..1133a368 --- /dev/null +++ b/modules/https_proxy.go @@ -0,0 +1,147 @@ +package modules + +import ( + "github.com/evilsocket/bettercap-ng/core" + "github.com/evilsocket/bettercap-ng/log" + "github.com/evilsocket/bettercap-ng/session" + "github.com/evilsocket/bettercap-ng/tls" +) + +type HttpsProxy struct { + session.SessionModule + proxy *HTTPProxy +} + +func NewHttpsProxy(s *session.Session) *HttpsProxy { + p := &HttpsProxy{ + SessionModule: session.NewSessionModule("https.proxy", s), + proxy: NewHTTPProxy(s), + } + + p.AddParam(session.NewIntParameter("https.port", + "443", + "HTTPS port to redirect when the proxy is activated.")) + + p.AddParam(session.NewStringParameter("https.proxy.address", + session.ParamIfaceAddress, + session.IPv4Validator, + "Address to bind the HTTPS proxy to.")) + + p.AddParam(session.NewIntParameter("https.proxy.port", + "8083", + "Port to bind the HTTPS proxy to.")) + + p.AddParam(session.NewStringParameter("https.proxy.certificate", + "~/.bcap-https.proxy.certificate.pem", + "", + "HTTPS proxy TLS certificate.")) + + p.AddParam(session.NewStringParameter("https.proxy.key", + "~/.bcap-https.proxy.key.pem", + "", + "HTTPS proxy TLS key")) + + p.AddParam(session.NewStringParameter("https.proxy.script", + "", + "", + "Path of a proxy JS script.")) + + p.AddHandler(session.NewModuleHandler("https.proxy on", "", + "Start HTTPS proxy.", + func(args []string) error { + return p.Start() + })) + + p.AddHandler(session.NewModuleHandler("https.proxy off", "", + "Stop HTTPS proxy.", + func(args []string) error { + return p.Stop() + })) + + return p +} + +func (p *HttpsProxy) Name() string { + return "https.proxy" +} + +func (p *HttpsProxy) Description() string { + return "A full featured HTTPS proxy that can be used to inject malicious contents into webpages, all HTTPS traffic will be redirected to it." +} + +func (p *HttpsProxy) Author() string { + return "Simone Margaritelli " +} + +func (p *HttpsProxy) Configure() error { + var err error + var address string + var proxyPort int + var httpPort int + var scriptPath string + var certFile string + var keyFile string + + if err, address = p.StringParam("https.proxy.address"); err != nil { + return err + } + + if err, proxyPort = p.IntParam("https.proxy.port"); err != nil { + return err + } + + if err, httpPort = p.IntParam("https.port"); err != nil { + return err + } + + if err, certFile = p.StringParam("https.proxy.certificate"); err != nil { + return err + } else if certFile, err = core.ExpandPath(certFile); err != nil { + return err + } + + if err, keyFile = p.StringParam("https.proxy.key"); err != nil { + return err + } else if keyFile, err = core.ExpandPath(keyFile); err != nil { + return err + } + + if err, scriptPath = p.StringParam("https.proxy.script"); err != nil { + return err + } + + if core.Exists(certFile) == false || core.Exists(keyFile) == false { + log.Info("Generating proxy TLS key to %s", keyFile) + log.Info("Generating proxy TLS certificate to %s", certFile) + if err := tls.Generate(certFile, keyFile); err != nil { + return err + } + } else { + log.Info("Loading proxy TLS key from %s", keyFile) + log.Info("Loading proxy TLS certificate from %s", certFile) + } + + return p.proxy.ConfigureTLS(address, proxyPort, httpPort, scriptPath, certFile, keyFile) +} + +func (p *HttpsProxy) Start() error { + if p.Running() == true { + return session.ErrAlreadyStarted + } else if err := p.Configure(); err != nil { + return err + } + + p.SetRunning(true) + p.proxy.Start() + + return nil +} + +func (p *HttpsProxy) Stop() error { + if p.Running() == false { + return session.ErrAlreadyStopped + } + p.SetRunning(false) + + return p.proxy.Stop() +}