Class: BetterCap::Proxy::HTTP::SSLStrip::StrippedObject

Inherits:

Object

• Object
• BetterCap::Proxy::HTTP::SSLStrip::StrippedObject

Defined in:

lib/bettercap/proxy/http/sslstrip/strip.rb

Overview

Represent a stripped url associated to the client that requested it.

Constant Summary

SUBDOMAIN_REPLACES =

Known subdomains to replace.

{
  'www'     => 'wwwww',
  'webmail' => 'wwebmail',
  'mail'    => 'wmail',
  'm'       => 'wmobile'
}.freeze

Instance Attribute Summary

• #client ⇒ Object

  The stripped request client address.

• #original ⇒ Object

  The original URL.

• #stripped ⇒ Object

  The stripped version of the URL.

Class Method Summary

• .normalize(url, schema = 'https') ⇒ Object

  Return a normalized version of url.

• .process(url) ⇒ Object
• .strip(url) ⇒ Object

  Downgrade url from HTTPS to HTTP.

Instance Method Summary

• #initialize(client, original, stripped) ⇒ StrippedObject constructor

  Create an instance with the given arguments.

• #original_hostname ⇒ Object

  Return the #original hostname.

• #stripped_hostname ⇒ Object

  Return the #stripped hostname.

Constructor Details

#initialize(client, original, stripped) ⇒ StrippedObject

Create an instance with the given arguments.

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 37

def initialize( client, original, stripped )
  @client   = client
  @original = original
  @stripped = stripped
end

Instance Attribute Details

#client ⇒ Object

The stripped request client address.

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 22

def client
  @client
end

#original ⇒ Object

The original URL.

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 24

def original
  @original
end

#stripped ⇒ Object

The stripped version of the URL.

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 26

def stripped
  @stripped
end

Class Method Details

.normalize(url, schema = 'https') ⇒ Object

Return a normalized version of url.

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 54

def self.normalize( url, schema = 'https' )
  # add schema if needed
  unless url.include?('://')
    url = "#{schema}://#{url}"
  end
  # add path if needed
  unless url.end_with?('/')
    url = "#{url}/"
  end
  url
end

.process(url) ⇒ Object

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 90

def self.process( url )
  normalized = self.normalize(url)
  stripped   = self.strip(normalized)
  [ normalized, stripped ]
end

.strip(url) ⇒ Object

Downgrade url from HTTPS to HTTP. Will take care of HSTS bypass urls in a near future.

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 68

def self.strip( url )
  # first thing first, downgrade the protocol schema
  stripped = url.gsub( 'https://', 'http://' )
  # search for a known subdomain and replace it
  found = false
  SUBDOMAIN_REPLACES.each do |from,to|
    if stripped.include?( "://#{from}." )
      stripped = stripped.gsub( "://#{from}.", "://#{to}." )
      found = true
      break
    end
  end
  # fallback, prepend custom 'wwwww.'
  unless found
    stripped.gsub!( '://', '://wwwww.' )
  end

  Logger.debug  "[#{'SSLSTRIP'.green} '#{url}' -> '#{stripped}'"

  stripped
end

Instance Method Details

#original_hostname ⇒ Object

Return the #original hostname.

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 44

def original_hostname
  URI::parse(@original).hostname
end

#stripped_hostname ⇒ Object

Return the #stripped hostname.

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 49

def stripped_hostname
  URI::parse(@stripped).hostname
end