Class: BetterCap::Proxy::HTTP::SSLStrip::Strip
- Inherits: Object
  - Object
  - BetterCap::Proxy::HTTP::SSLStrip::Strip
- Defined in: lib/bettercap/proxy/http/sslstrip/strip.rb
Overview
Handle SSL stripping.
Constant Summary
- MAX_REDIRECTS = 3
  Maximum number of redirects to detect an HTTPS redirect loop.
- HTTPS_URL_RE = /(https:\/\/[^"'\/]+)/i
  Regular expression used to parse HTTPS URLs.
Instance Method Summary
- #initialize(ctx) ⇒ Strip (constructor)
  Create an instance of this object.
- #preprocess(request) ⇒ Object
  Check if the request is a result of a stripped link/redirect and handle cookie cleaning.
- #process(request, response) ⇒ Object
  Process the request and, if it's a redirect to an HTTPS URL, patch the Location header and retry.
- #unstrip(request, url) ⇒ Object
- #was_stripped?(request) ⇒ Boolean
  Return true if the request was stripped.
Constructor Details
#initialize(ctx) ⇒ Strip
Create an instance of this object.
```ruby
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 105

def initialize( ctx )
  @stripped = []
  @cookies  = CookieMonitor.new
  @favicon  = Response.from_file( File.dirname(__FILE__) + '/lock.ico', 'image/x-icon' )
  @resolver = BetterCap::Network::Servers::DNSD.new( nil, ctx.ifconfig[:ip_saddr], ctx..servers.dnsd_port )
  @resolver.start
end
```
Instance Method Details
#preprocess(request) ⇒ Object
Check if the request is a result of a stripped link/redirect and handle cookie cleaning. Return a response object, or nil if the request must be performed.

```ruby
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 137

def preprocess( request )
  process_headers!(request)
  response = (request)
  if response.nil?
    process_stripped!(request)
    response = spoof_favicon!(request)
  end
  response
end
```
#process(request, response) ⇒ Object
Process the request and, if it's a redirect to an HTTPS URL, patch the Location header and retry. Process the response and replace every https link in its body with its http counterpart.

```ruby
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 151

def process( request, response )
  # check for a redirect
  if process_redirection!( request, response )
    # retry the request
    return true
  end

  process_headers!(response)
  process_body!( request, response )

  # do not retry the request.
  false
end
```
#unstrip(request, url) ⇒ Object
```ruby
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 125

def unstrip( request, url )
  # Return the original URL recorded for this client whose stripped
  # form starts with url; otherwise return url unchanged.
  @stripped.each do |s|
    if s.client == request.client and s.stripped.start_with?(url)
      return s.original
    end
  end
  url
end
```
#was_stripped?(request) ⇒ Boolean
Return true if the request was stripped.

```ruby
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 115

def was_stripped?(request)
  url = request.base_url
  # A request counts as stripped when this client has a recorded
  # stripped URL that starts with the request's base URL.
  @stripped.each do |s|
    if s.client == request.client and s.stripped.start_with?(url)
      return true
    end
  end
  false
end
```
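From the defender's side, the link and Location rewriting that #process describes can be spotted by comparing a page fetched over a trusted path with the copy received on the network under test. The following is an added example, not bettercap code: it reuses the HTTPS_URL_RE pattern documented above, the helper names and sample bodies are constructed for illustration, and it assumes a plain https-to-http substitution with the host left unchanged.

```ruby
# Same pattern as the HTTPS_URL_RE constant documented on this page.
HTTPS_URL_RE = /(https:\/\/[^"'\/]+)/i

# Constructed sample: page body fetched over a trusted path.
REFERENCE_BODY = <<~HTML
  <a href="https://login.example.test/signin">Sign in</a>
  <script src="https://cdn.example.test/app.js"></script>
  <form action='https://pay.example.test/checkout'></form>
HTML

# Constructed sample: the same page as received on the network under test.
OBSERVED_BODY = <<~HTML
  <a href="http://login.example.test/signin">Sign in</a>
  <script src="https://cdn.example.test/app.js"></script>
  <form action='http://pay.example.test/checkout'></form>
HTML

# HTTPS origins found in a body, lower-cased and de-duplicated.
def https_origins(body)
  body.scan(HTTPS_URL_RE).flatten.map(&:downcase).uniq
end

# Origins that are HTTPS in the reference copy but show up only as
# plain HTTP in the observed copy (hypothetical helper).
def downgraded_origins(reference, observed)
  seen_https = https_origins(observed)
  https_origins(reference).select do |origin|
    plain = origin.sub(/\Ahttps:/, 'http:')
    # Require a delimiter after the host so a longer hostname does not match.
    plain_re = /#{Regexp.escape(plain)}(?=["'\/\s])/i
    !seen_https.include?(origin) && observed.match?(plain_re)
  end
end

# True when a Location header expected to be HTTPS arrives as the
# same URL over plain HTTP (hypothetical helper).
def downgraded_location?(expected, observed)
  expected.match?(/\Ahttps:\/\//i) &&
    observed.casecmp?(expected.sub(/\Ahttps:/i, 'http:'))
end

puts downgraded_origins(REFERENCE_BODY, OBSERVED_BODY)
```

An origin listed by downgraded_origins is a signal to investigate the network path; sites that preload HSTS keep browsers from following the downgraded links in the first place.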