13 |
my $host; |
my $host; |
14 |
my $port; |
my $port; |
15 |
my $daemon; |
my $daemon; |
16 |
my $buffersize= 2048; |
my $buffersize = 2048; |
17 |
my $logtype; |
my $logtype; |
18 |
my $logdir; |
my $logdir; |
19 |
my $daemon; |
my $daemon; |
20 |
my $serverkey; my $servercert; my $serverdh; |
my $serverkey; |
21 |
|
my $servercert; |
22 |
|
my $serverdh; |
23 |
|
|
24 |
$| = 1; |
$| = 1; |
25 |
|
|
26 |
my $goresult = GetOptions ( "lport=i" => \$localport, |
my $goresult = GetOptions( |
27 |
"laddr=s" => \$localaddr, |
"lport=i" => \$localport, |
28 |
"rport=i" => \$port, |
"laddr=s" => \$localaddr, |
29 |
"raddr=s" => \$host, |
"rport=i" => \$port, |
30 |
"logtype=i" => \$logtype, |
"raddr=s" => \$host, |
31 |
"logdir=s" => \$logdir, |
"logtype=i" => \$logtype, |
32 |
"daemon" => \$daemon, |
"logdir=s" => \$logdir, |
33 |
"serverkey=s" => \$serverkey, |
"daemon" => \$daemon, |
34 |
"servercert=s" => \$servercert, |
"serverkey=s" => \$serverkey, |
35 |
"serverdh=s" => \$serverdh, |
"servercert=s" => \$servercert, |
36 |
"help" => \$help |
"serverdh=s" => \$serverdh, |
37 |
); |
"help" => \$help |
38 |
|
); |
39 |
|
|
40 |
if ($help) { |
if ($help) { |
41 |
print <<"END"; |
print <<"END"; |
42 |
SSL Man-In-The-Middle v0.1. Copyright (C) Vlatko Kosturjak, Kost |
SSL Man-In-The-Middle v0.1. Copyright (C) Vlatko Kosturjak, Kost |
43 |
Distributed under GPL v2+. |
Distributed under GPL v2+. |
44 |
|
|
56 |
--daemon Daemonize (work in background) |
--daemon Daemonize (work in background) |
57 |
--help Display this help message |
--help Display this help message |
58 |
END |
END |
59 |
exit; |
exit; |
60 |
} |
} |
61 |
|
|
62 |
# set default values |
# set default values |
63 |
$localport=8080 unless ($localport); |
$localport = 8080 unless ($localport); |
64 |
$localaddr="127.0.0.1" unless ($localaddr); |
$localaddr = "127.0.0.1" unless ($localaddr); |
65 |
$port=80 unless ($port); |
$port = 80 unless ($port); |
66 |
$host="127.0.0.1" unless ($host); |
$host = "127.0.0.1" unless ($host); |
67 |
$logdir="." unless ($logdir); |
$logdir = "." unless ($logdir); |
68 |
|
|
69 |
my %o = ( 'dir' => $logdir, 'port' => $localport, 'toport' => $port, 'tohost' => $host ); |
my %o = ( |
70 |
|
'dir' => $logdir, |
71 |
|
'port' => $localport, |
72 |
|
'toport' => $port, |
73 |
|
'tohost' => $host |
74 |
|
); |
75 |
|
|
76 |
if ($daemon) { |
if ($daemon) { |
77 |
my $pid = fork; |
my $pid = fork; |
78 |
exit if $pid; |
exit if $pid; |
79 |
die "$!" unless defined($pid); |
die "$!" unless defined($pid); |
80 |
POSIX::setsid() or die "$!"; |
POSIX::setsid() or die "$!"; |
81 |
} |
} |
82 |
|
|
83 |
my $ah = IO::Socket::SSL->new( |
my $ah = IO::Socket::SSL->new( |
84 |
'LocalPort' => $localport, |
'LocalPort' => $localport, |
85 |
'LocalAddr' => $localaddr, |
'LocalAddr' => $localaddr, |
86 |
'Reuse' => 1, |
'Reuse' => 1, |
87 |
'Proto' => 'tcp', |
'Proto' => 'tcp', |
88 |
'SSL_verify_mode' => '0', |
'SSL_verify_mode' => '0', |
89 |
'SSLdhfile' => $serverdh, |
'SSLdhfile' => $serverdh, |
90 |
'SSL_cert_file' => $servercert, |
'SSL_cert_file' => $servercert, |
91 |
'SSL_key_file' => $serverkey, |
'SSL_key_file' => $serverkey, |
92 |
'Listen' => 10 |
'Listen' => 10 |
93 |
) || die "$!"; |
) || die "$!"; |
94 |
|
|
95 |
$SIG{'CHLD'} = 'IGNORE'; |
$SIG{'CHLD'} = 'IGNORE'; |
96 |
my $num = 0; |
my $num = 0; |
97 |
|
|
98 |
while (1) { |
while (1) { |
99 |
my $ch = $ah->accept(); |
my $ch = $ah->accept(); |
100 |
if ( !$ch ) { print STDERR "cannot accept: $! ", IO::Socket::SSL::errstr(), "\n" ; next; } |
if ( !$ch ) { |
101 |
if ( !$ch ) { print STDERR "cannot accept: $!\n"; next; } |
print STDERR "cannot accept: $! ", IO::Socket::SSL::errstr(), |
102 |
++$num; |
"\n"; |
103 |
my $pid = fork(); |
next; |
104 |
if ( !defined($pid) ) { print STDERR "cannot fork while(1) $!\n"; } |
} |
105 |
elsif ( $pid == 0 ) { $ah->close(SSL_no_shutdown => 1); Run( \%o, $ch, $num ); } |
if ( !$ch ) { print STDERR "cannot accept: $!\n"; next; } |
106 |
else { $ch->close(SSL_no_shutdown => 1); } |
++$num; |
107 |
|
my $pid = fork(); |
108 |
|
if ( !defined($pid) ) { print STDERR "cannot fork while(1) $!\n"; } |
109 |
|
elsif ( $pid == 0 ) { |
110 |
|
$ah->close( SSL_no_shutdown => 1 ); |
111 |
|
Run( \%o, $ch, $num ); |
112 |
|
} else { |
113 |
|
$ch->close( SSL_no_shutdown => 1 ); |
114 |
|
} |
115 |
} |
} |
116 |
|
|
117 |
sub Run { |
sub Run { |
118 |
my ( $o, $ch, $num ) = @_; |
my ( $o, $ch, $num ) = @_; |
119 |
my $th = IO::Socket::SSL->new( |
my $th = IO::Socket::SSL->new( |
120 |
'PeerAddr' => $o->{'tohost'}, |
'PeerAddr' => $o->{'tohost'}, |
121 |
'PeerPort' => $o->{'toport'}, |
'PeerPort' => $o->{'toport'}, |
122 |
'SSL_use_cert' => '0', |
'SSL_use_cert' => '0', |
123 |
'SSL_verify_mode' => '0', |
'SSL_verify_mode' => '0', |
124 |
# 'SSL_cipher_list' => 'NUL:LOW:EXP:ADH', |
|
125 |
'SSL_version' => 'SSLv3', # SSLv3, SSLv2, TLSv1 |
# 'SSL_cipher_list' => 'NUL:LOW:EXP:ADH', |
126 |
'Proto' => 'tcp' |
'SSL_version' => 'SSLv3', # SSLv3, SSLv2, TLSv1 |
127 |
); |
'Proto' => 'tcp' |
128 |
if ( !$th ) { print "cannot connect th: $!"; exit 0; } |
); |
129 |
else { print "connected!"; } |
if ( !$th ) { print "cannot connect th: $!"; exit 0; } |
130 |
my $fh; |
else { print "connected!"; } |
131 |
if ( $o->{'dir'} ) { |
my $fh; |
132 |
$fh = Symbol::gensym(); |
if ( $o->{'dir'} ) { |
133 |
open( $fh, ">$o->{'dir'}/tunnel$num.log" ) or die "$!"; |
$fh = Symbol::gensym(); |
134 |
} |
open( $fh, ">$o->{'dir'}/tunnel$num.log" ) or die "$!"; |
135 |
$ch->autoflush(); |
} |
136 |
$th->autoflush(); |
$ch->autoflush(); |
137 |
my $httpheader=""; |
$th->autoflush(); |
138 |
my $httpbuf=""; |
my $httpheader = ""; |
139 |
while ( $ch || $th ) { |
my $httpbuf = ""; |
140 |
my $rin = ""; |
while ( $ch || $th ) { |
141 |
vec( $rin, fileno($ch), 1 ) = 1 if $ch; |
my $rin = ""; |
142 |
vec( $rin, fileno($th), 1 ) = 1 if $th; |
vec( $rin, fileno($ch), 1 ) = 1 if $ch; |
143 |
my ( $rout, $eout ); |
vec( $rin, fileno($th), 1 ) = 1 if $th; |
144 |
select( $rout = $rin, undef, $eout = $rin, 120 ); |
my ( $rout, $eout ); |
145 |
if ( !$rout && !$eout ) { } |
select( $rout = $rin, undef, $eout = $rin, 120 ); |
146 |
my $cbuffer = ""; |
if ( !$rout && !$eout ) { } |
147 |
my $tbuffer = ""; |
my $cbuffer = ""; |
148 |
|
my $tbuffer = ""; |
149 |
if ( $ch |
|
150 |
&& ( vec( $eout, fileno($ch), 1 ) || vec( $rout, fileno($ch), 1 ) ) |
if ($ch |
151 |
) |
&& ( vec( $eout, fileno($ch), 1 ) |
152 |
{ |
|| vec( $rout, fileno($ch), 1 ) ) |
153 |
my $result = sysread( $ch, $tbuffer, $buffersize ); |
) |
154 |
if ( !defined($result) ) { |
{ |
155 |
print STDERR "$!\n"; |
my $result = sysread( $ch, $tbuffer, $buffersize ); |
156 |
exit 0; |
if ( !defined($result) ) { |
157 |
} |
print STDERR "$!\n"; |
158 |
if ( $result == 0 ) { exit 0; } |
exit 0; |
159 |
} |
} |
160 |
if ( $th |
if ( $result == 0 ) { exit 0; } |
161 |
&& ( vec( $eout, fileno($th), 1 ) || vec( $rout, fileno($th), 1 ) ) |
} |
162 |
) |
if ($th |
163 |
{ |
&& ( vec( $eout, fileno($th), 1 ) |
164 |
my $result = sysread( $th, $cbuffer, $buffersize ); |
|| vec( $rout, fileno($th), 1 ) ) |
165 |
if ( !defined($result) ) { print STDERR "$!\n"; exit 0; } |
) |
166 |
if ( $result == 0 ) { exit 0; } |
{ |
167 |
} |
my $result = sysread( $th, $cbuffer, $buffersize ); |
168 |
if ( $fh && $tbuffer ) { ( print $fh "[c]".$tbuffer."[/c]" ); } |
if ( !defined($result) ) { print STDERR "$!\n"; exit 0; } |
169 |
while ( my $len = length($tbuffer) ) { |
if ( $result == 0 ) { exit 0; } |
170 |
my $res = syswrite( $th, $tbuffer, $len ); |
} |
171 |
if ( $res > 0 ) { $tbuffer = substr( $tbuffer, $res ); } |
if ( $fh && $tbuffer ) { |
172 |
else { print STDERR "$!\n"; } |
( print $fh "[c]" . $tbuffer . "[/c]" ); |
173 |
} |
} |
174 |
if ( $fh && $cbuffer ) { ( print $fh "[s]".$cbuffer."[/s]"); } |
while ( my $len = length($tbuffer) ) { |
175 |
while ( my $len = length($cbuffer) ) { |
my $res = syswrite( $th, $tbuffer, $len ); |
176 |
my $res = syswrite( $ch, $cbuffer, $len ); |
if ( $res > 0 ) { $tbuffer = substr( $tbuffer, $res ); } |
177 |
if ( $res > 0 ) { $cbuffer = substr( $cbuffer, $res ); } |
else { print STDERR "$!\n"; } |
178 |
else { print STDERR "$!\n"; } |
} |
179 |
} |
if ( $fh && $cbuffer ) { |
180 |
} |
( print $fh "[s]" . $cbuffer . "[/s]" ); |
181 |
|
} |
182 |
|
while ( my $len = length($cbuffer) ) { |
183 |
|
my $res = syswrite( $ch, $cbuffer, $len ); |
184 |
|
if ( $res > 0 ) { $cbuffer = substr( $cbuffer, $res ); } |
185 |
|
else { print STDERR "$!\n"; } |
186 |
|
} |
187 |
|
} |
188 |
} |
} |
189 |
|
|