Documentation ¶
Overview ¶
Package proxy contains the core of the Muraena server
NOTE: This version has been modified for the Muraena needs, for instance removing the X-Forwarded-For header
Index ¶
- Constants
- Variables
- func ArmorDomain(slice []string) []string
- func GetSenderIP(req *http.Request) string
- func IsSubdomain(root string, subdomain string) bool
- func RedirectToHTTPS(port int) http.HandlerFunc
- func Run(sess *session.Session)
- type Base64
- type BufferPool
- type MuraenaProxy
- func (muraena *MuraenaProxy) ProxyErrHandler(response http.ResponseWriter, request *http.Request, err error)
- func (muraena *MuraenaProxy) RequestBodyProcessor(request *http.Request, track *tracking.Trace, base64 Base64) (err error)
- func (muraena *MuraenaProxy) RequestProcessor(request *http.Request) (err error)
- func (muraena *MuraenaProxy) ResponseProcessor(response *http.Response) (err error)
- type MuraenaProxyInit
- type Replacer
- func (r *Replacer) DomainMapping() (err error)
- func (r *Replacer) GetBackwardReplacements() []string
- func (r *Replacer) GetExternalOrigins() []string
- func (r *Replacer) GetForwardReplacements() []string
- func (r *Replacer) GetLastBackwardReplacements() []string
- func (r *Replacer) GetLastForwardReplacements() []string
- func (r *Replacer) GetOrigins() map[string]string
- func (r *Replacer) GetSessionFileName() string
- func (r *Replacer) GetWildcardMapping() map[string]string
- func (r *Replacer) Init(s session.Session) error
- func (r *Replacer) Load() error
- func (r *Replacer) MakeReplacements()
- func (r *Replacer) PatchComposedWildcardURL(URL string) (result string)
- func (r *Replacer) Save() error
- func (r *Replacer) SetBackwardReplacements(replacements []string)
- func (r *Replacer) SetBackwardWildcardReplacements(replacements []string)
- func (r *Replacer) SetCustomResponseTransformations(newTransformations [][]string)
- func (r *Replacer) SetExternalOrigins(origins []string)
- func (r *Replacer) SetForwardReplacements(replacements []string)
- func (r *Replacer) SetForwardWildcardReplacements(replacements []string)
- func (r *Replacer) SetLastBackwardReplacements(replacements []string)
- func (r *Replacer) SetLastForwardReplacements(replacements []string)
- func (r *Replacer) SetOrigins(newOrigins map[string]string)
- func (r *Replacer) SetWildcardDomain(domain string)
- func (r *Replacer) SetWildcardMapping(domain, mapping string)
- func (r *Replacer) Transform(input string, forward bool, b64 Base64, repetitions ...int) (result string)
- func (r *Replacer) WildcardPrefix() string
- func (r *Replacer) WildcardRegex(custom bool) string
- type Response
- type ReverseProxy
- type SessionType
Constants ¶
const (
// Base64Padding is the padding to use within base64 operations
Base64Padding = '='
)
const CustomWildcardSeparator = "---"
const WildcardLabel = "wld"
Variables ¶
var (
Wildcards = false
)
Functions ¶
func ArmorDomain ¶
ArmorDomain filters duplicate strings in place and returns a slice with only unique strings.
func GetSenderIP ¶
GetSenderIP returns the IP address of the client that sent the request. It checks the following headers in cascade order: - True-Client-IP - CF-Connecting-IP - X-Forwarded-For If none of the headers contain a valid IP, it falls back to RemoteAddr. TODO Update Watchdog to use this function
func IsSubdomain ¶
IsSubdomain checks if a string is a subdomain of another string. It returns true if the given string is a subdomain of the root string.
func RedirectToHTTPS ¶
func RedirectToHTTPS(port int) http.HandlerFunc
Types ¶
type Base64 ¶
Base64 identifies if the transformation should consider base-64 data and the related padding rules
type BufferPool ¶
A BufferPool is an interface for getting and returning temporary byte slices for use by io.CopyBuffer.
type MuraenaProxy ¶
type MuraenaProxy struct { Session *session.Session Origin string // proxy origin (phishing site) Target *url.URL // proxy destination (real site) Victim string // UUID ReverseProxy *ReverseProxy Tracker *tracking.Tracker Replacer *Replacer }
func (*MuraenaProxy) ProxyErrHandler ¶
func (muraena *MuraenaProxy) ProxyErrHandler(response http.ResponseWriter, request *http.Request, err error)
func (*MuraenaProxy) RequestBodyProcessor ¶
func (*MuraenaProxy) RequestProcessor ¶
func (muraena *MuraenaProxy) RequestProcessor(request *http.Request) (err error)
func (*MuraenaProxy) ResponseProcessor ¶
func (muraena *MuraenaProxy) ResponseProcessor(response *http.Response) (err error)
type MuraenaProxyInit ¶
type MuraenaProxyInit struct { Session *session.Session Replacer *Replacer Origin string // proxy origin (phishing site) Target string // proxy destination (real site) }
func (*MuraenaProxyInit) Spawn ¶
func (init *MuraenaProxyInit) Spawn() *MuraenaProxy
type Replacer ¶
type Replacer struct { Phishing string Target string ExternalOrigin []string ExternalOriginPrefix string Origins map[string]string WildcardMapping map[string]string SubdomainMap [][]string CustomResponseTransformations [][]string ForwardReplacements []string `json:"-"` ForwardWildcardReplacements []string `json:"-"` BackwardReplacements []string `json:"-"` BackwardWildcardReplacements []string `json:"-"` LastForwardReplacements []string `json:"-"` LastBackwardReplacements []string `json:"-"` WildcardDomain string `json:"-"` // contains filtered or unexported fields }
Replacer structure used to populate the transformation rules
func (*Replacer) DomainMapping ¶
func (*Replacer) GetBackwardReplacements ¶
GetBackwardReplacements returns the BackwardReplacements used in the transformation rules. It returns a copy of the internal slice sorted by length in descending order.
func (*Replacer) GetExternalOrigins ¶
GetExternalOrigins returns the ExternalOrigins used in the transformation rules. It returns a copy of the internal slice.
func (*Replacer) GetForwardReplacements ¶
GetForwardReplacements returns the ForwardReplacements used in the transformation rules. It returns a copy of the internal slice sorted by length in descending order.
func (*Replacer) GetLastBackwardReplacements ¶
GetLastBackwardReplacements returns the LastBackwardReplacements used in the transformation rules. It returns a copy of the internal slice sorted by length in descending order.
func (*Replacer) GetLastForwardReplacements ¶
GetLastForwardReplacements returns the LastForwardReplacements used in the transformation rules. It returns a copy of the internal slice sorted by length in descending order.
func (*Replacer) GetOrigins ¶
GetOrigins returns the Origins mapping used in the transformation rules. It returns a copy of the internal map.
func (*Replacer) GetSessionFileName ¶
GetSessionFileName returns the session file name It generates the value from the Target domain, adding session.json at the end
func (*Replacer) GetWildcardMapping ¶
GetWildcardMapping returns the WildcardMapping used in the transformation rules. It returns a copy of the internal map.
func (*Replacer) Init ¶
Init initializes the Replacer struct. If session.json is found, it loads the data from it. Otherwise, it creates a new Replacer struct.
func (*Replacer) MakeReplacements ¶
func (r *Replacer) MakeReplacements()
MakeReplacements prepares the forward and backward replacements to be used in the proxy
func (*Replacer) PatchComposedWildcardURL ¶
func (*Replacer) SetBackwardReplacements ¶
SetBackwardReplacements sets the BackwardReplacements used in the transformation rules.
func (*Replacer) SetBackwardWildcardReplacements ¶
SetBackwardWildcardReplacements sets the BackwardWildcardReplacements used in the transformation rules.
func (*Replacer) SetCustomResponseTransformations ¶
SetCustomResponseTransformations sets the CustomResponseTransformations used in the transformation rules.
func (*Replacer) SetExternalOrigins ¶
SetExternalOrigins sets the ExternalOrigins used in the transformation rules.
func (*Replacer) SetForwardReplacements ¶
SetForwardReplacements sets the ForwardReplacements used in the transformation rules.
func (*Replacer) SetForwardWildcardReplacements ¶
SetForwardWildcardReplacements sets the ForwardWildcardReplacements used in the transformation rules.
func (*Replacer) SetLastBackwardReplacements ¶
SetLastBackwardReplacements sets the LastBackwardReplacements used in the transformation rules.
func (*Replacer) SetLastForwardReplacements ¶
SetLastForwardReplacements sets the LastForwardReplacements used in the transformation rules.
func (*Replacer) SetOrigins ¶
SetOrigins sets the Origins mapping used in the transformation rules.
func (*Replacer) SetWildcardDomain ¶
SetWildcardDomain sets the WildcardDomain used in the transformation rules.
func (*Replacer) SetWildcardMapping ¶
SetWildcardMapping sets the WildcardMapping used in the transformation rules.
func (*Replacer) Transform ¶
func (r *Replacer) Transform(input string, forward bool, b64 Base64, repetitions ...int) (result string)
Transform If used with forward=true, Transform uses Replacer to replace all occurrences of the phishing origin, the external domains defined, as well as the rest of the data to be replaced defined in MakeReplacements(), with the target real origin. If used with forward=false, Transform will replace data coming from the targeted origin with the real proxied origin (target). Forward: - true > change requests, i.e. phishing > target origin - false > change response, i.e. target origin > phishing Base64: Since some request parameter values can be base64 encoded, we need to decode first, apply the transformation and re-encode (hello ReCaptcha) TODO: the b64 can be set into the Replacer struct
func (*Replacer) WildcardPrefix ¶
WildcardPrefix returns the wildcard prefix used in the transformation rules.
func (*Replacer) WildcardRegex ¶
WildcardRegex returns the wildcard regex used in the transformation rules. Returns a string in the format [a-zA-Z0-9.-]+.WildcardPrefix()
type ReverseProxy ¶
type ReverseProxy struct { // Director must be a function which modifies // the request into a new request to be sent // using Transport. Its response is then copied // back to the original client unmodified. // Director must not access the provided RequestTemplate // after returning. Director func(*http.Request) // The transport used to perform proxy requests. // If nil, http.DefaultTransport is used. Transport http.RoundTripper // FlushInterval specifies the flush interval // to flush to the client while copying the // response body. // If zero, no periodic flushing is done. FlushInterval time.Duration // ErrorLog specifies an optional logger for errors // that occur when attempting to proxy the request. // If nil, logging goes to os.Stderr via the log package's // standard logger. ErrorLog *log.Logger // BufferPool optionally specifies a buffer pool to // get byte slices for use by io.CopyBuffer when // copying HTTP response bodies. BufferPool BufferPool // ModifyResponse is an optional function that modifies the // Response from the backend. It is called if the backend // returns a response at all, with any HTTP status code. // If the backend is unreachable, the optional ErrorHandler is // called without any call to ModifyResponse. // // If ModifyResponse returns an error, ErrorHandler is called // with its error value. If ErrorHandler is nil, its default // implementation is used. ModifyResponse func(*http.Response) error // ErrorHandler is an optional function that handles errors // reaching the backend or errors from ModifyResponse. // // If nil, the default is to log the provided error and return // a 502 Status Bad Gateway response. ErrorHandler func(http.ResponseWriter, *http.Request, error) }
ReverseProxy is an HTTP Handler that takes an incoming request and sends it to another server, proxying the response back to the client.
func NewSingleHostReverseProxy ¶
func NewSingleHostReverseProxy(target *url.URL) *ReverseProxy
NewSingleHostReverseProxy returns a new ReverseProxy that routes URLs to the scheme, host, and base path provided in target. If the target's path is "/base" and the incoming request was for "/dir", the target request will be for /base/dir. NewSingleHostReverseProxy does not rewrite the Host header. To rewrite Host headers, use ReverseProxy directly with a custom Director policy.
func (*ReverseProxy) ServeHTTP ¶
func (p *ReverseProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request)
type SessionType ¶
func (SessionType) HandleFood ¶
func (st SessionType) HandleFood(response http.ResponseWriter, request *http.Request)