Class: BetterCap::Proxy::HTTP::SSLStrip::Strip

Inherits:

Object

• Object
• BetterCap::Proxy::HTTP::SSLStrip::Strip

Defined in:

lib/bettercap/proxy/http/sslstrip/strip.rb

Overview

Handle SSL stripping.

Constant Summary

MAX_REDIRECTS =

Maximum number of redirects to detect a HTTPS redirect loop.

3

HTTPS_URL_RE =

Regular expression used to parse HTTPS urls.

/(https:\/\/[^"'\/]+)/i

Instance Method Summary

• #initialize(ctx) ⇒ Strip constructor

  Create an instance of this object.

• #preprocess(request) ⇒ Object

  Check if the request is a result of a stripped link/redirect and handle cookies cleaning.

• #process(request, response) ⇒ Object

  Process the request and if it’s a redirect to a HTTPS url patch the Location header and retry.

• #unstrip(request, url) ⇒ Object
• #was_stripped?(request) ⇒ Boolean

  Return true if the request was stripped.

Constructor Details

#initialize(ctx) ⇒ Strip

Create an instance of this object.

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 103

def initialize( ctx )
  @stripped = []
  @cookies  = CookieMonitor.new
  @favicon  = Response.from_file( File.dirname(__FILE__) + '/lock.ico', 'image/x-icon' )
  @resolver = BetterCap::Network::Servers::DNSD.new( nil, ctx.iface.ip, ctx.options.servers.dnsd_port )

  @resolver.start
end

Instance Method Details

#preprocess(request) ⇒ Object

Check if the request is a result of a stripped link/redirect and handle cookies cleaning. Return a response object or nil if the request must be performed.

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 135

def preprocess( request )
  process_headers!(request)
  response = process_cookies!(request)
  if response.nil?
    process_stripped!(request)
    response = spoof_favicon!(request)
  end
  response
end

#process(request, response) ⇒ Object

Process the request and if it’s a redirect to a HTTPS url patch the Location header and retry. Process the response and replace every https link in its body with http counterparts.

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 149

def process( request, response )
  # check for a redirect
  if process_redirection!( request, response )
    # retry the request
    return true
  end

  process_headers!(response)
  process_body!( request, response )

  # do not retry the request.
  false
end

#unstrip(request, url) ⇒ Object

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 123

def unstrip( request, url )
  @stripped.each do |s|
    if s.client == request.client and s.stripped.start_with?(url)
      return s.original
    end
  end
  url
end

#was_stripped?(request) ⇒ Boolean

Return true if the request was stripped.

Returns:

• (Boolean)

# File 'lib/bettercap/proxy/http/sslstrip/strip.rb', line 113

def was_stripped?(request)
  url = request.base_url
  @stripped.each do |s|
    if s.client == request.client and s.stripped.start_with?(url)
      return true
    end
  end
  false
end