/[scripts]/trunk/mitm-ssl.pl
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Contents of /trunk/mitm-ssl.pl

Parent Directory Parent Directory | Revision Log Revision Log


Revision 131 - (show annotations)
Wed Jan 6 23:47:52 2010 UTC (14 years, 2 months ago) by dpavlin
File MIME type: text/plain
File size: 5012 byte(s)
create nice dump directories and files and certificates if missing

laddr:lport-raddr:rport/timestamp.ms

1 #!/usr/bin/perl
2 # SSL Man-In-The-Middle v0.1. Copyright (C) Vlatko Kosturjak, Kost
3 # Distributed under GPL v2+.
4
5 use strict;
6 use POSIX;
7 use IO::Socket::SSL qw(debug3);
8 $Net::SSLeay::trace = 4;
9 use Getopt::Long;
10 use Time::HiRes qw(time);
11
12 my $localport = 8080;
13 my $localaddr = "127.0.0.1";
14 my $port = 80;
15 my $host = "127.0.0.1";
16 my $logdir = "$localaddr:$localport-$host:$port";
17
18 my $help;
19 my $daemon;
20 my $buffersize = 2048;
21 my $logtype;
22 my $daemon;
23 my $serverkey = "$logdir/ssl.key";
24 my $servercert = "$logdir/ssl.cert";
25 my $serverdh;
26
27 $| = 1;
28
29 my $goresult = GetOptions(
30 "lport=i" => \$localport,
31 "laddr=s" => \$localaddr,
32 "rport=i" => \$port,
33 "raddr=s" => \$host,
34 "logtype=i" => \$logtype,
35 "logdir=s" => \$logdir,
36 "daemon" => \$daemon,
37 "serverkey=s" => \$serverkey,
38 "servercert=s" => \$servercert,
39 "serverdh=s" => \$serverdh,
40 "help" => \$help
41 );
42
43 if ($help) {
44 print <<"END";
45 SSL Man-In-The-Middle v0.1. Copyright (C) Vlatko Kosturjak, Kost
46 Distributed under GPL v2+.
47
48 Usage: $0 [OPTIONS]
49
50 --lport <port> Listening port (default 80)
51 --laddr <address> Listening address (default localhost)
52 --rport <port> Remote port to connect to (default 8080)
53 --raddr <address> Remote address to connect to (default localhost)
54 --serverkey <file> Certificate key file for local SSL server
55 --servercert <file> Certificate file for local SSL server
56 --serverdh <file> Diffie-Helman file for key exchange
57 --log <type> Type of log where 0 is no log (default 0)
58 --logdir Directory to log to (default .)
59 --daemon Daemonize (work in background)
60 --help Display this help message
61 END
62 exit;
63 }
64
65 mkdir $logdir;
66
67 system "openssl req -new -x509 -days 365 -nodes -out $servercert -keyout $serverkey"
68 if ! -e $serverkey && ! -e $servercert;
69
70
71 my %o = (
72 'dir' => $logdir,
73 'port' => $localport,
74 'toport' => $port,
75 'tohost' => $host
76 );
77
78 if ($daemon) {
79 my $pid = fork;
80 exit if $pid;
81 die "$!" unless defined($pid);
82 POSIX::setsid() or die "$!";
83 }
84
85 my $ah = IO::Socket::SSL->new(
86 'LocalPort' => $localport,
87 'LocalAddr' => $localaddr,
88 'Reuse' => 1,
89 'Proto' => 'tcp',
90 'SSL_verify_mode' => '0',
91 'SSLdhfile' => $serverdh,
92 'SSL_cert_file' => $servercert,
93 'SSL_key_file' => $serverkey,
94 'Listen' => 10,
95 # 'SSL_version' => 'SSLv3', # SSLv3, SSLv2, TLSv1
96 # 'SSL_cipher_list' => 'RC4-MD5',
97 ) || die "$!";
98
99 $SIG{'CHLD'} = 'IGNORE';
100 my $num = 0;
101
102 while (1) {
103 my $ch = $ah->accept();
104 if ( !$ch ) {
105 print STDERR "cannot accept: $! ", IO::Socket::SSL::errstr(),
106 "\n";
107 next;
108 }
109 if ( !$ch ) { print STDERR "cannot accept: $!\n"; next; }
110 ++$num;
111 my $pid = fork();
112 if ( !defined($pid) ) { print STDERR "cannot fork while(1) $!\n"; }
113 elsif ( $pid == 0 ) {
114 $ah->close( SSL_no_shutdown => 1 );
115 Run( \%o, $ch, $num );
116 } else {
117 $ch->close( SSL_no_shutdown => 1 );
118 }
119 }
120
121 sub Run {
122 my ( $o, $ch, $num ) = @_;
123 my $th = IO::Socket::SSL->new(
124 'PeerAddr' => $o->{'tohost'},
125 'PeerPort' => $o->{'toport'},
126 # 'SSL_use_cert' => '0',
127 # 'SSL_verify_mode' => '0',
128
129 'SSL_version' => 'SSLv3', # SSLv3, SSLv2, TLSv1
130 'SSL_cipher_list' => 'RC4-MD5',
131 'Proto' => 'tcp'
132 );
133 if ( !$th ) { print "cannot connect th: $!"; exit 0; }
134 else { print "connected!"; }
135 my $fh;
136 if ( $o->{'dir'} ) {
137 $fh = Symbol::gensym();
138 my $path = $o->{'dir'} . '/' . Time::HiRes::time();
139 open( $fh, '>', $path ) or die "$!";
140 }
141 $ch->autoflush();
142 $th->autoflush();
143 my $httpheader = "";
144 my $httpbuf = "";
145 while ( $ch || $th ) {
146 my $rin = "";
147 vec( $rin, fileno($ch), 1 ) = 1 if $ch;
148 vec( $rin, fileno($th), 1 ) = 1 if $th;
149 my ( $rout, $eout );
150 select( $rout = $rin, undef, $eout = $rin, 120 );
151 if ( !$rout && !$eout ) { }
152 my $cbuffer = "";
153 my $tbuffer = "";
154
155 if ($ch
156 && ( vec( $eout, fileno($ch), 1 )
157 || vec( $rout, fileno($ch), 1 ) )
158 )
159 {
160 my $result = sysread( $ch, $tbuffer, $buffersize );
161 if ( !defined($result) ) {
162 print STDERR "$!\n";
163 exit 0;
164 }
165 if ( $result == 0 ) { exit 0; }
166 }
167 if ($th
168 && ( vec( $eout, fileno($th), 1 )
169 || vec( $rout, fileno($th), 1 ) )
170 )
171 {
172 my $result = sysread( $th, $cbuffer, $buffersize );
173 if ( !defined($result) ) { print STDERR "$!\n"; exit 0; }
174 if ( $result == 0 ) { exit 0; }
175 }
176 if ( $fh && $tbuffer ) {
177 ( print $fh "[c]" . $tbuffer . "[/c]" );
178 }
179 while ( my $len = length($tbuffer) ) {
180 my $res = syswrite( $th, $tbuffer, $len );
181 if ( $res > 0 ) { $tbuffer = substr( $tbuffer, $res ); }
182 else { print STDERR "$!\n"; }
183 }
184 if ( $fh && $cbuffer ) {
185 ( print $fh "[s]" . $cbuffer . "[/s]" );
186 }
187 while ( my $len = length($cbuffer) ) {
188 my $res = syswrite( $ch, $cbuffer, $len );
189 if ( $res > 0 ) { $cbuffer = substr( $cbuffer, $res ); }
190 else { print STDERR "$!\n"; }
191 }
192 }
193 }
194

Properties

Name Value
svn:executable *

  ViewVC Help
Powered by ViewVC 1.1.26