This is a repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!

Annotation of /trunk/mitm-ssl.pl



Revision 132 - (hide annotations)
Wed Jan 6 23:54:02 2010 UTC (14 years, 2 months ago) by dpavlin
File MIME type: text/plain
File size: 4882 byte(s)
cleanup vars

#!/usr/bin/perl
# SSL Man-In-The-Middle v0.1. Copyright (C) Vlatko Kosturjak, Kost
# Distributed under GPL v2+.
#
# Local TLS-terminating proxy: accepts SSL connections on --laddr/--lport,
# opens a second SSL connection to --raddr/--rport, relays bytes between
# the two and (when the log directory exists) writes the decrypted stream
# to a capture file. Only `use strict` is enabled; there is no
# `use warnings`, so the duplicated declaration below goes unreported.

use strict;
use POSIX;
# debug3 and a Net::SSLeay trace level of 4 presumably turn on verbose
# SSL-layer debugging output for the whole run (see those modules' docs).
use IO::Socket::SSL qw(debug3);
$Net::SSLeay::trace = 4;
use Getopt::Long;
use Time::HiRes qw(time);

# Listener (local) and upstream (remote) endpoints.
my $laddr = "127.0.0.1";
my $lport = 8080;
my $raddr = "127.0.0.1";
my $rport = 80;
# Built from the defaults above, BEFORE GetOptions runs: overriding
# --laddr/--lport/--raddr/--rport on the command line does not move the
# default log directory; only an explicit --logdir does.
my $logdir = "$laddr:$lport-$raddr:$rport";

my $help;
my $daemon;
my $buffersize = 2048;    # bytes per sysread in the relay loop
my $logtype;              # parsed below but never consulted anywhere in this file
my $daemon;               # NOTE(review): redeclares $daemon; the second `my` masks the first
# Key/certificate paths are also derived from the default $logdir, so a
# --logdir given on the command line does not relocate them unless
# --serverkey/--servercert are passed as well.
my $serverkey = "$logdir/ssl.key";
my $servercert = "$logdir/ssl.cert";
my $serverdh;

$| = 1;    # unbuffered STDOUT so status lines appear immediately

# Command-line parsing. NOTE(review): the return value is stored but never
# checked, so an unknown option only produces Getopt::Long's warning and
# the script carries on with whatever was parsed.
my $goresult = GetOptions(
    "lport=i" => \$lport,
    "laddr=s" => \$laddr,
    "rport=i" => \$rport,
    "raddr=s" => \$raddr,
    "logtype=i" => \$logtype,
    "logdir=s" => \$logdir,
    "daemon" => \$daemon,
    "serverkey=s" => \$serverkey,
    "servercert=s" => \$servercert,
    "serverdh=s" => \$serverdh,
    "help" => \$help
);
42 dpavlin 126
# --help: print usage and exit before any file or network activity.
# NOTE(review): the text does not match the code above: the defaults
# printed for --lport/--rport (80/8080) are swapped relative to the values
# actually set (8080/80), it documents `--log` while GetOptions registers
# `--logtype`, and the --logdir default is "$laddr:$lport-$raddr:$rport",
# not ".". The heredoc is a runtime string and is left untouched here.
if ($help) {
    print <<"END";
SSL Man-In-The-Middle v0.1. Copyright (C) Vlatko Kosturjak, Kost
Distributed under GPL v2+.

Usage: $0 [OPTIONS]

--lport <port> Listening port (default 80)
--laddr <address> Listening address (default localhost)
--rport <port> Remote port to connect to (default 8080)
--raddr <address> Remote address to connect to (default localhost)
--serverkey <file> Certificate key file for local SSL server
--servercert <file> Certificate file for local SSL server
--serverdh <file> Diffie-Helman file for key exchange
--log <type> Type of log where 0 is no log (default 0)
--logdir Directory to log to (default .)
--daemon Daemonize (work in background)
--help Display this help message
END
    exit;
}
64    
# Create the log directory. The result is not checked: an existing
# directory or a failed mkdir both fall through to the -d test in Run().
mkdir $logdir;

# Generate a self-signed certificate and an unencrypted (-nodes) key only
# when BOTH files are missing; if just one of them exists nothing is
# generated and the listener below presumably fails on the missing file.
# NOTE(review): the command is assembled by string interpolation and run
# through the shell, so --servercert/--serverkey values containing shell
# metacharacters are interpreted by it; the list form
# `system 'openssl', 'req', ..., '-out', $servercert, '-keyout', $serverkey`
# avoids that. Without -subj, `openssl req` normally prompts for the
# subject fields interactively.
system "openssl req -new -x509 -days 365 -nodes -out $servercert -keyout $serverkey"
    if ! -e $serverkey && ! -e $servercert;


# --daemon: fork, let the parent exit, start a new session. STDIN/STDOUT/
# STDERR are not redirected, so the debugging output and status lines
# still go to the terminal that started the script.
if ($daemon) {
    my $pid = fork;
    exit if $pid;                      # parent
    die "$!" unless defined($pid);     # fork failed
    POSIX::setsid() or die "$!";
}
77    
# Listening SSL socket. SSL_verify_mode 0 (SSL_VERIFY_NONE) means no client
# certificate is requested or checked on accepted connections.
# NOTE(review): the option is spelled 'SSLdhfile' here while IO::Socket::SSL
# documents it as 'SSL_dh_file', so --serverdh is most likely ignored --
# confirm against the installed module version.
my $ah = IO::Socket::SSL->new(
    'LocalPort' => $lport,
    'LocalAddr' => $laddr,
    'Reuse' => 1,
    'Proto' => 'tcp',
    'SSL_verify_mode' => '0',
    'SSLdhfile' => $serverdh,
    'SSL_cert_file' => $servercert,
    'SSL_key_file' => $serverkey,
    'Listen' => 10,
    # 'SSL_version' => 'SSLv3', # SSLv3, SSLv2, TLSv1
    # 'SSL_cipher_list' => 'RC4-MD5',
) || die "$!";

# Children are reaped automatically; no exit status is collected.
$SIG{'CHLD'} = 'IGNORE';
my $num = 0;    # connection counter; passed to Run() but not used there

# Accept loop: one forked child per connection.
while (1) {
    my $ch = $ah->accept();
    if ( !$ch ) {
        print STDERR "cannot accept: $! ", IO::Socket::SSL::errstr(),
            "\n";
        next;
    }
    # Unreachable: the same condition was handled and `next`ed just above.
    if ( !$ch ) { print STDERR "cannot accept: $!\n"; next; }
    ++$num;
    my $pid = fork();
    # On fork failure the accepted socket is neither served nor closed
    # here; it simply goes out of scope on the next iteration.
    if ( !defined($pid) ) { print STDERR "cannot fork while(1) $!\n"; }
    elsif ( $pid == 0 ) {
        # Child: drop the listener without sending an SSL close_notify
        # (the parent still owns that session) and serve this client.
        $ah->close( SSL_no_shutdown => 1 );
        Run( $ch, $num );
        # No exit here: Run() ends only through its own exit() calls. If it
        # ever returned, the child would resume this accept loop on a
        # closed listener.
    } else {
        # Parent: drop its copy of the accepted socket, again without an
        # SSL shutdown so the child can keep using the session.
        $ch->close( SSL_no_shutdown => 1 );
    }
}
113    
# Per-connection worker, executed in the forked child.
#   $ch  - accepted client-side SSL socket
#   $num - connection counter from the accept loop (not used here)
# Never returns: every termination path calls exit.
sub Run {
    my ( $ch, $num ) = @_;
    # Upstream SSL connection. NOTE(review): this pins SSLv3 and the
    # RC4-MD5 cipher suite, both long obsolete and typically disabled in
    # current OpenSSL builds, so against a modern peer the connect is
    # likely to fail. No SSL_verify_mode is given (the commented-out
    # lines show it was considered), so whatever the installed
    # IO::Socket::SSL defaults to applies to the upstream certificate.
    my $th = IO::Socket::SSL->new(
        'PeerAddr' => $raddr,
        'PeerPort' => $rport,
        # 'SSL_use_cert' => '0',
        # 'SSL_verify_mode' => '0',

        'SSL_version' => 'SSLv3', # SSLv3, SSLv2, TLSv1
        'SSL_cipher_list' => 'RC4-MD5',
        'Proto' => 'tcp'
    );
    # A failed connect ends the child with status 0; the client side is
    # dropped without an SSL shutdown.
    if ( !$th ) { print "cannot connect $raddr:$rport th: $!"; exit 0; }
    else { print "connected to $raddr:$rport\n"; }

    # Optional capture file holding the DECRYPTED byte stream in both
    # directions -- as sensitive as the traffic itself and written in
    # plaintext with default permissions.
    # NOTE(review): $logdir and the timestamp are concatenated with no '/'
    # between them, so the file is created next to the directory
    # ("<logdir><epoch-seconds>"), not inside it. Symbol is never `use`d in
    # this file; Symbol::gensym() works only because another module has
    # already loaded it.
    my $fh;
    if ( -d $logdir ) {
        $fh = Symbol::gensym();
        my $path = $logdir . Time::HiRes::time();
        open( $fh, '>', $path ) or die "$!";
    }
    $ch->autoflush();
    $th->autoflush();
    my $httpheader = "";    # unused
    my $httpbuf = "";       # unused
    # Relay loop. Both $ch and $th are defined at this point, so the
    # condition is always true and the loop ends only via exit below.
    while ( $ch || $th ) {
        # Wait up to 120 s for readability or an exceptional condition on
        # either socket.
        my $rin = "";
        vec( $rin, fileno($ch), 1 ) = 1 if $ch;
        vec( $rin, fileno($th), 1 ) = 1 if $th;
        my ( $rout, $eout );
        select( $rout = $rin, undef, $eout = $rin, 120 );
        if ( !$rout && !$eout ) { }    # timeout: intentionally nothing, just loop again
        my $cbuffer = "";    # bytes from the upstream server, destined for the client
        my $tbuffer = "";    # bytes from the client, destined for the upstream server

        # Client -> server: one sysread of at most $buffersize bytes.
        # undef = read error, 0 = EOF; either ends the child without
        # flushing or shutting down the other side.
        # NOTE(review): select() reflects the TCP descriptor; bytes already
        # decrypted and buffered inside the SSL layer are presumably not
        # visible in $rout -- confirm against the IO::Socket::SSL notes on
        # using select() with SSL sockets.
        if ($ch
            && ( vec( $eout, fileno($ch), 1 )
                || vec( $rout, fileno($ch), 1 ) )
            )
        {
            my $result = sysread( $ch, $tbuffer, $buffersize );
            if ( !defined($result) ) {
                print STDERR "$!\n";
                exit 0;
            }
            if ( $result == 0 ) { exit 0; }
        }
        # Server -> client: same handling in the other direction.
        if ($th
            && ( vec( $eout, fileno($th), 1 )
                || vec( $rout, fileno($th), 1 ) )
            )
        {
            my $result = sysread( $th, $cbuffer, $buffersize );
            if ( !defined($result) ) { print STDERR "$!\n"; exit 0; }
            if ( $result == 0 ) { exit 0; }
        }
        # Log client bytes as [c]...[/c] (raw, unescaped) before forwarding.
        if ( $fh && $tbuffer ) {
            ( print $fh "[c]" . $tbuffer . "[/c]" );
        }
        # Forward to the server, handling short writes. NOTE(review): a
        # failed syswrite (undef or 0) leaves the buffer untouched and only
        # prints $!, so a persistent write error makes this loop spin.
        while ( my $len = length($tbuffer) ) {
            my $res = syswrite( $th, $tbuffer, $len );
            if ( $res > 0 ) { $tbuffer = substr( $tbuffer, $res ); }
            else { print STDERR "$!\n"; }
        }
        # Log server bytes as [s]...[/s], then forward to the client with
        # the same short-write loop and the same caveat.
        if ( $fh && $cbuffer ) {
            ( print $fh "[s]" . $cbuffer . "[/s]" );
        }
        while ( my $len = length($cbuffer) ) {
            my $res = syswrite( $ch, $cbuffer, $len );
            if ( $res > 0 ) { $cbuffer = substr( $cbuffer, $res ); }
            else { print STDERR "$!\n"; }
        }
    }
}
187    

Properties

Name Value
svn:executable *
