github/bettercap
1
0
Fork 0
mirror of https://github.com/bettercap/bettercap synced 2025-08-22 06:23:18 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Removed default behavior for domain stripping

Browse source
This commit is contained in:
Petitoto 2020-09-26 22:36:42 +02:00
commit 8357b266a3
3 changed files with 6 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

2
modules/http_proxy/http_proxy.go
View file

@ -56,7 +56,7 @@ func NewHttpProxy(s *session.Session) *HttpProxy {
mod.AddParam(session.NewStringParameter("http.proxy.sslstrip.replacements", mod.AddParam(session.NewStringParameter("http.proxy.sslstrip.replacements",
"*.com:*.corn *.net:*.nel *.org:*.orq", "(.*:.*\\s*$)+", "*.com:*.corn *.net:*.nel *.org:*.orq", "(.*:.*\\s*$)+",
"Space separated list of '<original_domain>:<stripped_domain>', and ordered by priority. Use '*' for any characters. Internationalized Domain Names are allowed. If the domain to strip isn't found in this parameter, the last char of the top-level domain will be duplicated.")) "Space separated list of '<original_domain>:<stripped_domain>', and ordered by priority. Use '*' for any characters. Internationalized Domain Names are allowed."))
mod.AddHandler(session.NewModuleHandler("http.proxy on", "", mod.AddHandler(session.NewModuleHandler("http.proxy on", "",
"Start HTTP proxy.", "Start HTTP proxy.",

12
modules/http_proxy/http_proxy_base_sslstriper.go
View file

@ -142,7 +142,7 @@ func (s *SSLStripper) processURL(url string) string {
iPort = iEndHost iPort = iEndHost
} }
// search for domain's part to replace according to the settings // search for domain's part to replace according to the settings
replaceto := "" replaceto := url[:iPort]
for _, r := range strings.Fields(s.replacements) { for _, r := range strings.Fields(s.replacements) {
rep := strings.Split(r, ":") rep := strings.Split(r, ":")
replacer := regexp.MustCompile("(?i)^" + strings.ReplaceAll(regexp.QuoteMeta(rep[0]), "\\*", "(.+)") + "$") //allow using * to designate any existing character + case insensitive replacer := regexp.MustCompile("(?i)^" + strings.ReplaceAll(regexp.QuoteMeta(rep[0]), "\\*", "(.+)") + "$") //allow using * to designate any existing character + case insensitive
@ -159,13 +159,9 @@ func (s *SSLStripper) processURL(url string) string {
break break
} }
} }
if len(replaceto) != 0 {
// replace domain according to the settings & strip HTTPS port (if any) // replace domain according to the settings & strip HTTPS port (if any)
url = replaceto + url[iEndHost:] url = replaceto + url[iEndHost:]
} else {
// double the last TLD's character & strip HTTPS port (if any)
url = url[:iPort] + string(url[iPort-1]) + url[iEndHost:]
}
// finally we add the http schema // finally we add the http schema
url = "http://" + url url = "http://" + url

2
modules/https_proxy/https_proxy.go
View file

@ -43,7 +43,7 @@ func NewHttpsProxy(s *session.Session) *HttpsProxy {
mod.AddParam(session.NewStringParameter("https.proxy.sslstrip.replacements", mod.AddParam(session.NewStringParameter("https.proxy.sslstrip.replacements",
"*.com:*.corn *.net:*.nel *.org:*.orq", "(.*:.*\\s*$)+", "*.com:*.corn *.net:*.nel *.org:*.orq", "(.*:.*\\s*$)+",
"Space separated list of '<original_domain>:<stripped_domain>', and ordered by priority. Use '*' for any characters. You can use Internationalized Domain Names. If the domain to strip isn't found in this parameter, the last char of the top-level domain will be duplicated.")) "Space separated list of '<original_domain>:<stripped_domain>', and ordered by priority. Use '*' for any characters. You can use Internationalized Domain Names."))
mod.AddParam(session.NewStringParameter("https.proxy.injectjs", mod.AddParam(session.NewStringParameter("https.proxy.injectjs",
"", "",