def main():
app = wx.App(False)
if len(sys.argv) >= 2 and sys.argv[1] == '-test':
config = wx.Config("padherder_proxy_test")
print "In test mode"
else:
config = wx.Config("padherder_proxy")
wx.ConfigBase.Set(config)
frame = MainWindow(None, "Padherder Proxy v%s" % PH_PROXY_VERSION)
host = config.Read("host") or socket.gethostbyname(socket.gethostname())
logger = dnsproxy.MyDNSLogger(frame.dns_tab)
thread.start_new_thread(dnsproxy.serveDNS, (logger, frame.main_tab, frame))
try:
app_config = proxy.ProxyConfig(port=8080, host=host)
app_server = ProxyServer(app_config)
app_master = dump.DumpMaster(
app_server, dump.Options(app_host='mitm.it', app_port=80,
app=True))
frame.app_master = app_master
thread.start_new_thread(app_master.run, ())
except:
evt = custom_events.wxStatusEvent(
message='Error initalizing mitm proxy:\n' +
traceback.format_exc() +
'\n\nYou probably put in an incorrect IP address in Settings')
wx.PostEvent(frame.main_tab, evt)
app.MainLoop()
def start_filter_proxy(options): print "Press Ctrl+C to stop the proxy" port = int(options.port) config = proxy.ProxyConfig(port=port) server = ProxyServer(config) m = HeaderFilterProxy(server) m.run()
def __init__(self, config):
s = ProxyServer(config, 0)
state = flow.State()
flow.FlowMaster.__init__(self, s, state)
self.apps.add(testapp, "testapp", 80)
self.apps.add(errapp, "errapp", 80)
self.clear_log()
def init_proxy(db_socket_address, crawl_id):
"""
# deploys an (optional) instance of mitmproxy used to log crawl data
<db_socket_address> is the connection address of the DataAggregator
<crawl_id> is the id set by the TaskManager
"""
proxy_site_queue = Queue.Queue(
) # queue for crawler to communicate with proxy
# gets local port from one of the free ports
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.bind(('', 0))
proxy_port = sock.getsockname()[1]
sock.close()
config = proxy.ProxyConfig(cadir=os.path.join(os.path.dirname(__file__),
'cert'),
port=proxy_port)
server = ProxyServer(config)
print 'Intercepting Proxy listening on ' + str(proxy_port)
m = MITMProxy.InterceptingMaster(server, crawl_id, proxy_site_queue,
db_socket_address)
thread = threading.Thread(target=m.run, args=())
thread.daemon = True
thread.start()
return proxy_port, proxy_site_queue
def init_proxy(browser_params, manager_params, status_queue):
"""
Uses mitmproxy used to log HTTP Requests and Responses
<browser params> configuration parameters of host browser
<manager_params> configuration parameters of the TaskManager
<status_queue> a Queue to report proxy status back to TaskManager
"""
logger = loggingclient(*manager_params['logger_address'])
proxy_site_queue = Queue.Queue(
) # queue for crawler to communicate with proxy
# gets local port from one of the free ports
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.bind(('', 0))
proxy_port = sock.getsockname()[1]
sock.close()
config = proxy.ProxyConfig(cadir=os.path.join(os.path.dirname(__file__),
'cert'),
port=proxy_port)
server = ProxyServer(config)
logger.info('BROWSER %i: Intercepting Proxy listening on %i' %
(browser_params['crawl_id'], proxy_port))
m = MITMProxy.InterceptingMaster(server, proxy_site_queue, browser_params,
manager_params, status_queue)
thread = threading.Thread(target=m.run, args=())
thread.daemon = True
thread.start()
return proxy_port, proxy_site_queue
def onDNSEvent(self, event):
if self.proxy_master is not None:
self.proxy_master.shutdown()
if event.message.startswith('api-na'):
region = 'NA'
else:
region = 'JP'
config = wx.ConfigBase.Get()
host = config.Read("host") or socket.gethostbyname(
socket.gethostname())
httpsport = config.Read("httpsport") or "443"
try:
proxy_config = proxy.ProxyConfig(
port=int(httpsport),
host=host,
mode='reverse',
upstream_server=cmdline.parse_server_spec('https://%s:443/' %
event.message))
proxy_server = ProxyServer(proxy_config)
except Exception as e:
evt = custom_events.wxStatusEvent(
message='Error starting HTTPS proxy: %s' % e)
wx.PostEvent(self.main_tab, evt)
return
self.proxy_master = PadMaster(proxy_server, self, region)
thread.start_new_thread(self.proxy_master.run, ())
def __init__(self, ip, port, uri_opener, handler_klass=ProxyHandler,
ca_certs=CA_CERT_DIR, name='ProxyThread'):
"""
:param ip: IP address to bind
:param port: Port to bind
:param uri_opener: The uri_opener that will be used to open
the requests that arrive from the browser
:param handler_klass: A class that will know how to handle
requests from the browser
"""
Process.__init__(self)
self.daemon = True
self.name = name
# Internal vars
self._server = None
self._running = False
self._uri_opener = uri_opener
self._ca_certs = ca_certs
# Stats
self.total_handled_requests = 0
# User configured parameters
try:
self._config = ProxyConfig(cadir=self._ca_certs,
ssl_version_client='SSLv23',
ssl_version_server='SSLv23',
host=ip,
port=port)
except AttributeError as ae:
if str(ae) == "'module' object has no attribute '_lib'":
# This is a rare issue with the OpenSSL setup that some users
# (mostly in mac os) find. Not related with w3af/mitmproxy but
# with some broken stuff they have
#
# https://github.com/mitmproxy/mitmproxy/issues/281
# https://github.com/andresriancho/w3af/issues/10716
#
# AttributeError: 'module' object has no attribute '_lib'
raise ProxyException(self.INCORRECT_SETUP % ae)
else:
# Something unexpected, raise
raise
# Setting these options together with ssl_version_client and
# ssl_version_server set to SSLv23 means that the proxy will allow all
# types (including insecure) of SSL connections
self._config.openssl_options_client = None
self._config.openssl_options_server = None
# Start the proxy server
try:
self._server = ProxyServer(self._config)
except socket.error, se:
raise ProxyException('Socket error while starting proxy: "%s"'
% se.strerror)
def run_all():
config = proxy.ProxyConfig(port=8080)
server = ProxyServer(config)
m = StickyMaster(server)
m.run()
# if __name__ == '__main__':
# run_all()
def start_proxy_server(port, referer):
"""
Start proxy server and return an instance.
:param port: int
:param referer: string
:return: RefererMaster
"""
config = proxy.ProxyConfig(port=port)
server = ProxyServer(config)
m = RefererMaster(server, referer)
m.run()
def start_proxy(app_url, app_name="test", port_no=2820, generate=True):
config = proxy.ProxyConfig(
port=port_no,
# use ~/.mitmproxy/mitmproxy-ca.pem as default CA file.
cadir=os.path.dirname(os.path.realpath(__file__)))
state = flow.State()
server = ProxyServer(config)
flowMaster = ProxyFlowMaster(server, state, app_url, app_name, generate)
print "Proxy Started on port " + str(port_no)
flowMaster.run()
def __init__(self, filter_id, package_name, description):
self.report = {}
self.filter_id = filter_id
self.package_name = package_name
self.description = description
config = proxy.ProxyConfig(port=8080,mode="transparent")
server = ProxyServer(config)
controller.Master.__init__(self, server)
flow_dump_file = open(self.get_package_name()+"_network_traffic", "wb")
self.network_flow = FlowWriter(flow_dump_file)
self.should_exit = None
self.extra_analyzers = [InsecureTransmissionAnalyzer(self),ZIPPathTraversalAnalyzer(self)]
logging.debug("Init analyzer")
def start(self, url):
log.info("before proxy")
config = proxy.ProxyConfig(port=8888)
server = ProxyServer(config)
self.m = InjectionProxy.InjectionProxy(server)
log.info("before thread")
thread.start_new_thread(self.m.run, ())
#self.working_path = os.path.dirname(os.path.realpath(__file__))
#self.working_path = os.path.join(self.working_path, "..", "..", "lib", "jsh")
#subprocess.Popen("python " + os.path.join(self.working_path, "InjectionProxy.py"))
time.sleep(2) # waits for proxy to go up
iexplore = self.get_path("Internet Explorer")
log.info("after thread, before execute")
return self.execute(iexplore, args="%s" % url)
def start_proxy_server(port, inout_path, res_path, http_proxy):
mapping_handler = MappingItemsManager(inout_path, res_path)
proxy_mapper = ProxyMapper(mapping_handler, http_proxy)
config = proxy.ProxyConfig(port=port, cadir="~/.mitmproxy/")
server = ProxyServer(config)
state = flow.State()
m = MITMProxy(server, state, proxy_mapper)
def signal_handler(signal, frame):
info("\nShutting down proxy server")
m.shutdown()
success("Proxy server stopped")
sys.exit(0)
signal.signal(signal.SIGINT, signal_handler)
m.run()
def main(argv):
# read config from ini file, check it and write it back
config_file = "config.ini"
config = ConfigParser.ConfigParser()
config.read(config_file)
# Check config and set defaault params
check_config(config)
# write config to file
with open(config_file, "wb") as cf:
config.write(cf)
# Configure proxy server
proxy_config = proxy.ProxyConfig(
port=int(config.get("proxy", "port")),
cadir=config.get("proxy", "cadir"),
mode=config.get("proxy", "mode")
)
# Create Server
server = ProxyServer(proxy_config)
# Creater Interceptor
imaster = InterceptingMaster(server, config)
imaster.run()
print "Intercepting Proxy listening on " + str(proxy_config.port) + " in " + str(proxy_config.mode) + " mode "
# Wait till keyboard interrupt
while True:
try:
time.sleep(1)
except KeyboardInterrupt:
print 'KeyboardInterrupt received. Shutting down'
imaster.shutdown()
sys.exit(0)
except Exception as e:
print e
print 'Exception catched.'
sys.exit(0)
def start_creator_proxy(options):
global collection
port = int(options.port)
name = options.name
path = options.path
host = options.host
if options.restricted_headers == 'false':
restricted_headers = False
else:
restricted_headers = True
methods = options.methods
status_codes = ""
print "Proxy running at %d" % (port)
print "Press Ctrl+C to stop the proxy"
rules = {
'host': host,
'methods': methods,
'restricted_headers': restricted_headers
}
collection = Collection(name, path)
config = proxy.ProxyConfig(port=port)
server = ProxyServer(config)
if options.tcp_connection == 'false':
tcp_connection = False
else:
tcp_connection = True
m = CollectionCreatorProxy(server, collection, rules, tcp_connection=tcp_connection, tcp_host=options.tcp_host, tcp_port=options.tcp_port,filter_url=options.filter_url)
m.run()
signal.signal(signal.SIGINT, signal_handler)
print 'Press Ctrl+C again to save the collection'
signal.pause()
def __init__(self,
ip,
port,
uri_opener,
handler_klass=ProxyHandler,
ca_certs=CA_CERT_DIR,
name='ProxyThread'):
"""
:param ip: IP address to bind
:param port: Port to bind
:param uri_opener: The uri_opener that will be used to open
the requests that arrive from the browser
:param handler_klass: A class that will know how to handle
requests from the browser
"""
Process.__init__(self)
self.daemon = True
self.name = name
# Internal vars
self._server = None
self._running = False
self._uri_opener = uri_opener
self._ca_certs = ca_certs
# Stats
self.total_handled_requests = 0
# User configured parameters
self._config = ProxyConfig(cadir=self._ca_certs,
ssl_version_client='all',
ssl_version_server='all',
host=ip,
port=port)
# Start the proxy server
try:
self._server = ProxyServer(self._config)
except socket.error, se:
raise ProxyException('Socket error while starting proxy: "%s"' %
se.strerror)
def main():
parser = argparse.ArgumentParser(
prog='PROG', formatter_class=argparse.ArgumentDefaultsHelpFormatter)
parser.add_argument('--port', type=int, default=8080, help='Proxy port')
parser.add_argument('--block-traffics', default=False, action='store_true')
args = parser.parse_args(sys.argv[1:])
port = args.port
show_intro()
show_network_info(port)
if not args.block_traffics:
log("Blocking non-related traffic is DISABLED.")
else:
log("Blocking non-related traffic is ENABLED.")
config = proxy.ProxyConfig(port=port)
server = ProxyServer(config)
m = VitaUpdateBlockerMaster(server, block_traffics=args.block_traffics)
m.run()
# Initial config file reading
user_cfg = ConfigObj(CONFIGFILE)
config = proxy.ProxyConfig(
clientcerts=os.path.expanduser(user_cfg['Overall']['certLocation']),
body_size_limit=user_cfg['Overall'].as_int('MaxSizeFileRequested'),
port=user_cfg['Overall'].as_int('proxyPort'),
mode=user_cfg['Overall']['proxyMode'],
)
if user_cfg['Overall']['proxyMode'] != "None":
config.proxy_mode = {
'sslports': user_cfg['Overall']['sslports'],
'resolver': platform.resolver()
}
server = ProxyServer(config)
numericLogLevel = getattr(logging, user_cfg['Overall']['loglevel'].upper(),
None)
if numericLogLevel is None:
EnhancedOutput.print_error(
"INFO, DEBUG, WARNING, ERROR, CRITICAL for loglevel in conifg")
sys.exit(1)
logging.basicConfig(filename=user_cfg['Overall']['logname'],
level=numericLogLevel,
format='%(asctime)s|%(message)s')
EnhancedOutput.print_warning("Configuring network forwarding.")
try:
if sys.platform == "darwin":
def run(port):
config = proxy.ProxyConfig(port=port, cadir=".")
server = ProxyServer(config)
m = StickyMaster(server)
m.run()
def start(self, path):
log.info("before proxy")
config = proxy.ProxyConfig(port=8888)
proxy_server = ProxyServer(config)
self.m = InjectionProxy.InjectionProxy(proxy_server)
log.info("before thread")
thread.start_new_thread(self.m.run, ())
self.tshark_proc = None
self.tshark_filename = "tshark.pcap"
log.debug("In pcap analysis package")
log.debug("path is " + path)
# set default options
args = {}
#args["server_off"] = self.options["server_off"] if self.options["server_off"] else False
args[
"port"] = 80 #self.options["port"] if self.options["port"] else 80
args[
"short_url"] = True #self.options["short_url"] if self.options["short_url"] else True
args[
"ungzip"] = True #self.options["ungzip"] if self.options["ungzip"] else True
#args.report = self.options["report"] if self.options["report"] else
CTCore.pcap_file = path
log.info("[A] Analyzing PCAP: " + CTCore.pcap_file)
#start_ws = args["server_off"] # Boolean to start web server
CTCore.PORT = args["port"] # Web server port
CTCore.b_use_short_uri = args["short_url"] # Display short URI paths
CTCore.b_auto_ungzip = args["ungzip"]
#if(args.report is not None):
# CTCore.b_auto_ungzip = True
parse_pcap.run(CTCore.pcap_file)
if not CTCore.conversations:
log.info("No HTTP conversations were found in PCAP file")
return
log.info(CTCore.newLine + "[+] Traffic Activity Time: "),
try:
log.info(CTCore.activity_date_time)
except:
log.error("Couldn't retrieve time")
#Update hosts file with all hosts found in pcap
#add each ip directly accessed in pcap to loopback network card
ip_pattern = "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$"
host_domains = CTCore.hosts.keys()
if host_domains:
#self.PATHS = Pcap.HOSTS_PATHS
with open(self.hosts_path, "a+") as hosts_file:
for host, ip in host_domains:
ip = ip.split(":")[0] #remove the port from the ip address
netsh_cmd = "netsh interface ip add address \"Local Area Connection 2\" {0} 255.255.255.255".format(
ip)
proc = Popen(shlex.split(netsh_cmd),
stdout=PIPE,
stderr=STDOUT)
output, err = proc.communicate()
if err:
log.error(err)
host = host.split(":")[
0] #remove port from host if it exists
host_is_ip = re.match(ip_pattern, host, re.M)
if not host_is_ip:
hosts_file.write("\n\n127.0.0.1 {0}".format(host))
try:
CTCore.web_server = server()
CTCore.web_server.start()
time.sleep(0.1) # Fixes graphic issues
CTCore.web_server_turned_on = True
id = 0
request = CTCore.conversations[id].uri
host = CTCore.conversations[id].host
open_url = 'http://127.0.0.1:' + str(
CTCore.PORT) + "/" + host + request
#open_url = 'http://' + CTCore.HOST + ":" + str(CTCore.PORT) + request
#start recording tshark tcp dump from loopback NIC
#Pcap.PATHS = Pcap.TSHARK_PATHS
#tshark_cmd = "tshark -i 2 -w {0}".format(self.tshark_filename)
#tshark_exec = self.get_path("TShark")
#log.info("tshark_exec: " + tshark_exec)
#self.tshark_proc = Popen(shlex.split(tshark_cmd), #executable=tshark_exec, stdout=PIPE, stderr=STDOUT)
#log.info("ran tshark")
#output,err = self.tshark_proc.communicate()
#if err:
# log.error(err)
#Pcap.PATHS = Pcap.IE_PATHS
iexplore = self.get_path("Internet Explorer")
log.info("iexplore: " + iexplore)
log.info("url: " + open_url)
return self.execute(iexplore, args="%s" % open_url)
except Exception, e:
log.error("Error starting Web Server: %s",
str(CTCore.msg_type.ERROR))
if str(e).find("Errno 1004") > 0 or str(e).find("Errno 98") > 0:
log.error(" Port " + str(CTCore.PORT) + " is already taken.")
log.error(
" Change the port using 'CapTipper.py <pcap_file> -p <port=80>' or use '-s' to disable web server"
)
log.error(" Proceeding without starting the web server..." +
CTCore.newLine)
else:
log.error(str(e))
def get_server(self):
try:
return ProxyServer(self.proxy_config)
except:
self.status_bar.showMessage('Error running proxy server')
def __init__(self, policy, port, hostre, reporturi, block, callback):
config = proxy.ProxyConfig(port = port)
state = flow.State()
server = ProxyServer(config)
self.proxy = CSPTestMaster(server, state, policy, hostre, reporturi, block, callback)
