Class: BetterCap::Proxy::HTTP::SSLStrip::StrippedObject

Inherits:
Object
  • Object
show all
Defined in:
lib/bettercap/proxy/http/sslstrip/strip.rb

Overview

Represent a stripped url associated to the client that requested it.

Constant Summary collapse

SUBDOMAIN_REPLACES =

Known subdomains to replace.

{
  'www'     => 'wwwww',
  'webmail' => 'wwebmail',
  'mail'    => 'wmail',
  'm'       => 'wmobile'
}.freeze

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(client, original, stripped) ⇒ StrippedObject

Create an instance with the given arguments.


37
38
39
40
41
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 37

def initialize( client, original, stripped )
  @client   = client
  @original = original
  @stripped = stripped
end

Instance Attribute Details

#clientObject

The stripped request client address.


22
23
24
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 22

def client
  @client
end

#originalObject

The original URL.


24
25
26
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 24

def original
  @original
end

#strippedObject

The stripped version of the URL.


26
27
28
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 26

def stripped
  @stripped
end

Class Method Details

.normalize(url, schema = 'https') ⇒ Object

Return a normalized version of url.


54
55
56
57
58
59
60
61
62
63
64
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 54

def self.normalize( url, schema = 'https' )
  # add schema if needed
  unless url.include?('://')
    url = "#{schema}://#{url}"
  end
  # add path if needed
  unless url.end_with?('/')
    url = "#{url}/"
  end
  url
end

.process(url) ⇒ Object


90
91
92
93
94
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 90

def self.process( url )
  normalized = self.normalize(url)
  stripped   = self.strip(normalized)
  [ normalized, stripped ]
end

.strip(url) ⇒ Object

Downgrade url from HTTPS to HTTP. Will take care of HSTS bypass urls in a near future.


68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 68

def self.strip( url )
  # first thing first, downgrade the protocol schema
  stripped = url.gsub( 'https://', 'http://' )
  # search for a known subdomain and replace it
  found = false
  SUBDOMAIN_REPLACES.each do |from,to|
    if stripped.include?( "://#{from}." )
      stripped = stripped.gsub( "://#{from}.", "://#{to}." )
      found = true
      break
    end
  end
  # fallback, prepend custom 'wwwww.'
  unless found
    stripped.gsub!( '://', '://wwwww.' )
  end

  Logger.debug  "[#{'SSLSTRIP'.green} '#{url}' -> '#{stripped}'"

  stripped
end

Instance Method Details

#original_hostnameObject

Return the #original hostname.


44
45
46
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 44

def original_hostname
  URI::parse(@original).hostname
end

#stripped_hostnameObject

Return the #stripped hostname.


49
50
51
# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 49

def stripped_hostname
  URI::parse(@stripped).hostname
end