scripts/trunk/mitm-ssl.pl

#!/usr/bin/perl
# SSL Man-In-The-Middle v0.1. Copyright (C) Vlatko Kosturjak, Kost
# Distributed under GPL v2+.

use strict;
use POSIX;
use IO::Socket::SSL qw(debug3);
use Getopt::Long;
use Time::HiRes qw(time);

my $debug = 0;

my $laddr = "127.0.0.1";
my $lport = 8080;
my $raddr      = "127.0.0.1";
my $rport      = 80;

my $logdir;

my $help;
my $daemon;
my $buffersize = 2048;
my $logtype;
my $daemon;
my $serverkey;
my $servercert;
my $serverdh;

$| = 1;

my $goresult = GetOptions(
        "lport=i"      => \$lport,
        "laddr=s"      => \$laddr,
        "rport=i"      => \$rport,
        "raddr=s"      => \$raddr,
        "logtype=i"    => \$logtype,
        "logdir=s"     => \$logdir,
        "daemon"       => \$daemon,
        "serverkey=s"  => \$serverkey,
        "servercert=s" => \$servercert,
        "serverdh=s"   => \$serverdh,
        "help"         => \$help,
        'debug!'        => \$debug,
);

if ($help) {
        print <<"END";
SSL Man-In-The-Middle v0.1. Copyright (C) Vlatko Kosturjak, Kost
Distributed under GPL v2+. 

Usage: $0 [OPTIONS]

        --lport <port>          Listening port (default 80)
        --laddr <address>       Listening address (default localhost)
        --rport <port>          Remote port to connect to (default 8080)
        --raddr <address>       Remote address to connect to (default localhost)
        --serverkey <file>      Certificate key file for local SSL server
        --servercert <file>     Certificate file for local SSL server
        --serverdh <file>       Diffie-Helman file for key exchange
        --log <type>            Type of log where 0 is no log (default 0)
        --logdir                Directory to log to (default .)
        --daemon                Daemonize (work in background)
        --help                  Display this help message
END
        exit;
}

$Net::SSLeay::trace = 4 if $debug;

$logdir  ||= "$laddr:$lport-$raddr:$rport";
$serverkey ||= "$logdir/ssl.key";
$servercert ||= "$logdir/ssl.cert";

mkdir $logdir;

system "openssl req -new -x509 -days 365 -nodes -out $servercert -keyout $serverkey"
        if ! -e $serverkey && ! -e $servercert;


if ($daemon) {
        my $pid = fork;
        exit if $pid;
        die "$!" unless defined($pid);
        POSIX::setsid() or die "$!";
}

my $ah = IO::Socket::SSL->new(
        'LocalPort'       => $lport,
        'LocalAddr'       => $laddr,
        'Reuse'           => 1,
        'Proto'           => 'tcp',
        'SSL_verify_mode' => '0',
        'SSLdhfile'       => $serverdh,
        'SSL_cert_file'   => $servercert,
        'SSL_key_file'    => $serverkey,
        'Listen'          => 10,
#       'SSL_version' => 'SSLv3',    # SSLv3, SSLv2, TLSv1
#       'SSL_cipher_list' => 'RC4-MD5',
) || die "$!";

$SIG{'CHLD'} = 'IGNORE';
my $num = 0;

while (1) {
        my $ch = $ah->accept();
        if ( !$ch ) {
                print STDERR "cannot accept: $! ", IO::Socket::SSL::errstr(),
                        "\n";
                next;
        }
        if ( !$ch ) { print STDERR "cannot accept: $!\n"; next; }
        ++$num;
        my $pid = fork();
        if ( !defined($pid) ) { print STDERR "cannot fork while(1) $!\n"; }
        elsif ( $pid == 0 ) {
                $ah->close( SSL_no_shutdown => 1 );
                Run( $ch, $num );
        } else {
                $ch->close( SSL_no_shutdown => 1 );
        }
}

sub hexdump {
        my $bytes = shift;
        my $hex = unpack('H*', $bytes);
        $hex =~ s/(.{8})/$1 /g;
        return $hex;
}

sub Run {
        my ( $ch, $num ) = @_;
        my $th = IO::Socket::SSL->new(
                'PeerAddr'        => $raddr,
                'PeerPort'        => $rport,
#               'SSL_use_cert'    => '0',
#               'SSL_verify_mode' => '0',

                'SSL_version' => 'SSLv3',    # SSLv3, SSLv2, TLSv1
                'SSL_cipher_list' => 'RC4-MD5',
                'Proto'       => 'tcp'
        );
        if ( !$th ) { print "cannot connect $raddr:$rport th: $!"; exit 0; }
        else        { print "connected to $raddr:$rport\n"; }
        my $fh;
        if ( -d $logdir ) {
                $fh = Symbol::gensym();
                my $path = sprintf("%s/%15.5f", $logdir, Time::HiRes::time() );
                open( $fh, '>', $path ) or die "$!";
        }
        $ch->autoflush();
        $th->autoflush();
        my $httpheader = "";
        my $httpbuf    = "";
        while ( $ch || $th ) {
                my $rin = "";
                vec( $rin, fileno($ch), 1 ) = 1 if $ch;
                vec( $rin, fileno($th), 1 ) = 1 if $th;
                my ( $rout, $eout );
                select( $rout = $rin, undef, $eout = $rin, 120 );
                if ( !$rout && !$eout ) { }
                my $cbuffer = "";
                my $tbuffer = "";

                if ($ch
                        && (   vec( $eout, fileno($ch), 1 )
                                || vec( $rout, fileno($ch), 1 ) )
                        )
                {
                        my $result = sysread( $ch, $tbuffer, $buffersize );
                        if ( !defined($result) ) {
                                print STDERR "$!\n";
                                exit 0;
                        }
                        if ( $result == 0 ) { exit 0; }
                }
                if ($th
                        && (   vec( $eout, fileno($th), 1 )
                                || vec( $rout, fileno($th), 1 ) )
                        )
                {
                        my $result = sysread( $th, $cbuffer, $buffersize );
                        if ( !defined($result) ) { print STDERR "$!\n"; exit 0; }
                        if ( $result == 0 ) { exit 0; }
                }
                if ( $fh && $tbuffer ) {
                        print $fh "\n# <<< client\n$tbuffer";
                        warn "C>S ", hexdump($tbuffer), "\n";
                }
                while ( my $len = length($tbuffer) ) {
                        my $res = syswrite( $th, $tbuffer, $len );
                        if ( $res > 0 ) { $tbuffer = substr( $tbuffer, $res ); }
                        else            { print STDERR "$!\n"; }
                }
                if ( $fh && $cbuffer ) {
                        print $fh "\n# >>> server\n$cbuffer";
                        warn "S>C ", hexdump($cbuffer), "\n";
                }
                while ( my $len = length($cbuffer) ) {
                        my $res = syswrite( $ch, $cbuffer, $len );
                        if ( $res > 0 ) { $cbuffer = substr( $cbuffer, $res ); }
                        else            { print STDERR "$!\n"; }
                }
        }
}

1	dpavlin	126	#!/usr/bin/perl
2			# SSL Man-In-The-Middle v0.1. Copyright (C) Vlatko Kosturjak, Kost
3			# Distributed under GPL v2+.
4
5			use strict;
6			use POSIX;
7	dpavlin	131	use IO::Socket::SSL qw(debug3);
8	dpavlin	126	use Getopt::Long;
9	dpavlin	131	use Time::HiRes qw(time);
10	dpavlin	126
11	dpavlin	133	my $debug = 0;
12
13	dpavlin	132	my $laddr = "127.0.0.1";
14			my $lport = 8080;
15			my $raddr = "127.0.0.1";
16			my $rport = 80;
17	dpavlin	131
18	dpavlin	133	my $logdir;
19
20	dpavlin	126	my $help;
21			my $daemon;
22	dpavlin	129	my $buffersize = 2048;
23	dpavlin	126	my $logtype;
24			my $daemon;
25	dpavlin	133	my $serverkey;
26			my $servercert;
27	dpavlin	129	my $serverdh;
28	dpavlin	126
29			$\| = 1;
30
31	dpavlin	129	my $goresult = GetOptions(
32	dpavlin	132	"lport=i" => \$lport,
33			"laddr=s" => \$laddr,
34			"rport=i" => \$rport,
35			"raddr=s" => \$raddr,
36	dpavlin	129	"logtype=i" => \$logtype,
37			"logdir=s" => \$logdir,
38			"daemon" => \$daemon,
39			"serverkey=s" => \$serverkey,
40			"servercert=s" => \$servercert,
41			"serverdh=s" => \$serverdh,
42	dpavlin	133	"help" => \$help,
43			'debug!' => \$debug,
44	dpavlin	129	);
45	dpavlin	126
46			if ($help) {
47	dpavlin	129	print <<"END";
48	dpavlin	126	SSL Man-In-The-Middle v0.1. Copyright (C) Vlatko Kosturjak, Kost
49			Distributed under GPL v2+.
50
51			Usage: $0 [OPTIONS]
52
53			--lport <port> Listening port (default 80)
54			--laddr <address> Listening address (default localhost)
55			--rport <port> Remote port to connect to (default 8080)
56			--raddr <address> Remote address to connect to (default localhost)
57			--serverkey <file> Certificate key file for local SSL server
58			--servercert <file> Certificate file for local SSL server
59			--serverdh <file> Diffie-Helman file for key exchange
60			--log <type> Type of log where 0 is no log (default 0)
61			--logdir Directory to log to (default .)
62			--daemon Daemonize (work in background)
63			--help Display this help message
64			END
65	dpavlin	129	exit;
66	dpavlin	126	}
67
68	dpavlin	133	$Net::SSLeay::trace = 4 if $debug;
69
70			$logdir \|\|= "$laddr:$lport-$raddr:$rport";
71			$serverkey \|\|= "$logdir/ssl.key";
72			$servercert \|\|= "$logdir/ssl.cert";
73
74	dpavlin	130	mkdir $logdir;
75
76	dpavlin	131	system "openssl req -new -x509 -days 365 -nodes -out $servercert -keyout $serverkey"
77			if ! -e $serverkey && ! -e $servercert;
78
79
80	dpavlin	126	if ($daemon) {
81	dpavlin	129	my $pid = fork;
82			exit if $pid;
83			die "$!" unless defined($pid);
84			POSIX::setsid() or die "$!";
85	dpavlin	126	}
86
87			my $ah = IO::Socket::SSL->new(
88	dpavlin	132	'LocalPort' => $lport,
89			'LocalAddr' => $laddr,
90	dpavlin	129	'Reuse' => 1,
91			'Proto' => 'tcp',
92			'SSL_verify_mode' => '0',
93			'SSLdhfile' => $serverdh,
94			'SSL_cert_file' => $servercert,
95			'SSL_key_file' => $serverkey,
96	dpavlin	131	'Listen' => 10,
97			# 'SSL_version' => 'SSLv3', # SSLv3, SSLv2, TLSv1
98			# 'SSL_cipher_list' => 'RC4-MD5',
99	dpavlin	126	) \|\| die "$!";
100
101			$SIG{'CHLD'} = 'IGNORE';
102			my $num = 0;
103
104			while (1) {
105	dpavlin	129	my $ch = $ah->accept();
106			if ( !$ch ) {
107			print STDERR "cannot accept: $! ", IO::Socket::SSL::errstr(),
108			"\n";
109			next;
110			}
111			if ( !$ch ) { print STDERR "cannot accept: $!\n"; next; }
112			++$num;
113			my $pid = fork();
114			if ( !defined($pid) ) { print STDERR "cannot fork while(1) $!\n"; }
115			elsif ( $pid == 0 ) {
116			$ah->close( SSL_no_shutdown => 1 );
117	dpavlin	132	Run( $ch, $num );
118	dpavlin	129	} else {
119			$ch->close( SSL_no_shutdown => 1 );
120			}
121	dpavlin	126	}
122
123	dpavlin	133	sub hexdump {
124			my $bytes = shift;
125			my $hex = unpack('H*', $bytes);
126			$hex =~ s/(.{8})/$1 /g;
127			return $hex;
128			}
129
130	dpavlin	126	sub Run {
131	dpavlin	132	my ( $ch, $num ) = @_;
132	dpavlin	129	my $th = IO::Socket::SSL->new(
133	dpavlin	132	'PeerAddr' => $raddr,
134			'PeerPort' => $rport,
135	dpavlin	131	# 'SSL_use_cert' => '0',
136			# 'SSL_verify_mode' => '0',
137	dpavlin	126
138	dpavlin	129	'SSL_version' => 'SSLv3', # SSLv3, SSLv2, TLSv1
139	dpavlin	131	'SSL_cipher_list' => 'RC4-MD5',
140	dpavlin	129	'Proto' => 'tcp'
141			);
142	dpavlin	132	if ( !$th ) { print "cannot connect $raddr:$rport th: $!"; exit 0; }
143			else { print "connected to $raddr:$rport\n"; }
144	dpavlin	129	my $fh;
145	dpavlin	132	if ( -d $logdir ) {
146	dpavlin	129	$fh = Symbol::gensym();
147	dpavlin	133	my $path = sprintf("%s/%15.5f", $logdir, Time::HiRes::time() );
148	dpavlin	131	open( $fh, '>', $path ) or die "$!";
149	dpavlin	129	}
150			$ch->autoflush();
151			$th->autoflush();
152			my $httpheader = "";
153			my $httpbuf = "";
154			while ( $ch \|\| $th ) {
155			my $rin = "";
156			vec( $rin, fileno($ch), 1 ) = 1 if $ch;
157			vec( $rin, fileno($th), 1 ) = 1 if $th;
158			my ( $rout, $eout );
159			select( $rout = $rin, undef, $eout = $rin, 120 );
160			if ( !$rout && !$eout ) { }
161			my $cbuffer = "";
162			my $tbuffer = "";
163
164			if ($ch
165			&& ( vec( $eout, fileno($ch), 1 )
166			\|\| vec( $rout, fileno($ch), 1 ) )
167			)
168			{
169			my $result = sysread( $ch, $tbuffer, $buffersize );
170			if ( !defined($result) ) {
171			print STDERR "$!\n";
172			exit 0;
173			}
174			if ( $result == 0 ) { exit 0; }
175			}
176			if ($th
177			&& ( vec( $eout, fileno($th), 1 )
178			\|\| vec( $rout, fileno($th), 1 ) )
179			)
180			{
181			my $result = sysread( $th, $cbuffer, $buffersize );
182			if ( !defined($result) ) { print STDERR "$!\n"; exit 0; }
183			if ( $result == 0 ) { exit 0; }
184			}
185			if ( $fh && $tbuffer ) {
186	dpavlin	133	print $fh "\n# <<< client\n$tbuffer";
187			warn "C>S ", hexdump($tbuffer), "\n";
188	dpavlin	129	}
189			while ( my $len = length($tbuffer) ) {
190			my $res = syswrite( $th, $tbuffer, $len );
191			if ( $res > 0 ) { $tbuffer = substr( $tbuffer, $res ); }
192			else { print STDERR "$!\n"; }
193			}
194			if ( $fh && $cbuffer ) {
195	dpavlin	133	print $fh "\n# >>> server\n$cbuffer";
196			warn "S>C ", hexdump($cbuffer), "\n";
197	dpavlin	129	}
198			while ( my $len = length($cbuffer) ) {
199			my $res = syswrite( $ch, $cbuffer, $len );
200			if ( $res > 0 ) { $cbuffer = substr( $cbuffer, $res ); }
201			else { print STDERR "$!\n"; }
202			}
203			}
204	dpavlin	126	}
205