package https_proxy import ( "github.com/bettercap/bettercap/modules/http_proxy" "github.com/bettercap/bettercap/session" "github.com/bettercap/bettercap/tls" "github.com/evilsocket/islazy/fs" ) type HttpsProxy struct { session.SessionModule proxy *http_proxy.HTTPProxy } func NewHttpsProxy(s *session.Session) *HttpsProxy { mod := &HttpsProxy{ SessionModule: session.NewSessionModule("https.proxy", s), proxy: http_proxy.NewHTTPProxy(s), } mod.AddParam(session.NewIntParameter("https.port", "443", "HTTPS port to redirect when the proxy is activated.")) mod.AddParam(session.NewStringParameter("https.proxy.address", session.ParamIfaceAddress, session.IPv4Validator, "Address to bind the HTTPS proxy to.")) mod.AddParam(session.NewIntParameter("https.proxy.port", "8083", "Port to bind the HTTPS proxy to.")) mod.AddParam(session.NewBoolParameter("https.proxy.sslstrip", "false", "Enable or disable SSL stripping.")) mod.AddParam(session.NewStringParameter("https.proxy.injectjs", "", "", "URL, path or javascript code to inject into every HTML page.")) mod.AddParam(session.NewStringParameter("https.proxy.certificate", "~/.bettercap-ca.cert.pem", "", "HTTPS proxy certification authority TLS certificate file.")) mod.AddParam(session.NewStringParameter("https.proxy.key", "~/.bettercap-ca.key.pem", "", "HTTPS proxy certification authority TLS key file.")) tls.CertConfigToModule("https.proxy", &mod.SessionModule, tls.DefaultSpoofConfig) mod.AddParam(session.NewStringParameter("https.proxy.script", "", "", "Path of a proxy JS script.")) mod.AddHandler(session.NewModuleHandler("https.proxy on", "", "Start HTTPS proxy.", func(args []string) error { return mod.Start() })) mod.AddHandler(session.NewModuleHandler("https.proxy off", "", "Stop HTTPS proxy.", func(args []string) error { return mod.Stop() })) return mod } func (mod *HttpsProxy) Name() string { return "https.proxy" } func (mod *HttpsProxy) Description() string { return "A full featured HTTPS proxy that can be used to inject malicious contents into webpages, all HTTPS traffic will be redirected to it." } func (mod *HttpsProxy) Author() string { return "Simone Margaritelli " } func (mod *HttpsProxy) Configure() error { var err error var address string var proxyPort int var httpPort int var scriptPath string var certFile string var keyFile string var stripSSL bool var jsToInject string if mod.Running() { return session.ErrAlreadyStarted } else if err, address = mod.StringParam("https.proxy.address"); err != nil { return err } else if err, proxyPort = mod.IntParam("https.proxy.port"); err != nil { return err } else if err, httpPort = mod.IntParam("https.port"); err != nil { return err } else if err, stripSSL = mod.BoolParam("https.proxy.sslstrip"); err != nil { return err } else if err, certFile = mod.StringParam("https.proxy.certificate"); err != nil { return err } else if certFile, err = fs.Expand(certFile); err != nil { return err } else if err, keyFile = mod.StringParam("https.proxy.key"); err != nil { return err } else if keyFile, err = fs.Expand(keyFile); err != nil { return err } else if err, scriptPath = mod.StringParam("https.proxy.script"); err != nil { return err } else if err, jsToInject = mod.StringParam("https.proxy.injectjs"); err != nil { return err } if !fs.Exists(certFile) || !fs.Exists(keyFile) { err, cfg := tls.CertConfigFromModule("https.proxy", mod.SessionModule) if err != nil { return err } mod.Debug("%+v", cfg) mod.Info("generating proxy certification authority TLS key to %s", keyFile) mod.Info("generating proxy certification authority TLS certificate to %s", certFile) if err := tls.Generate(cfg, certFile, keyFile); err != nil { return err } } else { mod.Info("loading proxy certification authority TLS key from %s", keyFile) mod.Info("loading proxy certification authority TLS certificate from %s", certFile) } return mod.proxy.ConfigureTLS(address, proxyPort, httpPort, scriptPath, certFile, keyFile, jsToInject, stripSSL) } func (mod *HttpsProxy) Start() error { if err := mod.Configure(); err != nil { return err } return mod.SetRunning(true, func() { mod.proxy.Start() }) } func (mod *HttpsProxy) Stop() error { return mod.SetRunning(false, func() { mod.proxy.Stop() }) }