proxy

package
v1.21.1 Latest
Warning

This package is not in the latest version of its module.

Published: Mar 12, 2024 License: BSD-3-Clause Imports: 37 Imported by: 0

Documentation

Overview

Package proxy contains the core of the Muraena server

NOTE: This version has been modified for Muraena's needs, for instance by removing the X-Forwarded-For header.


Constants

const (
	// Base64Padding is the padding to use within base64 operations
	Base64Padding = '='
)

const CustomWildcardSeparator = "---"

const WildcardLabel = "wld"

Variables

var (
	Wildcards = false
)

Functions

func ArmorDomain

func ArmorDomain(slice []string) []string

ArmorDomain filters duplicate strings in place and returns a slice with only unique strings.

func GetSenderIP

func GetSenderIP(req *http.Request) string

GetSenderIP returns the IP address of the client that sent the request. It checks the following headers in cascade order:

- True-Client-IP
- CF-Connecting-IP
- X-Forwarded-For

If none of the headers contain a valid IP, it falls back to RemoteAddr.

TODO: Update Watchdog to use this function
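The header cascade described above, written out as an added example (not Muraena's own code). The name senderIP and the trusted-prefix gate are assumptions that go beyond the description: the gate is included because all three headers are client-controlled unless a trusted edge sets them.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/netip"
	"strings"
)

// Header names in the cascade order given in the GetSenderIP description.
var ipHeaders = []string{"True-Client-IP", "CF-Connecting-IP", "X-Forwarded-For"}

// senderIP (hypothetical name) walks the cascade and falls back to RemoteAddr.
// Assumption: headers count only when the TCP peer is inside a trusted prefix.
func senderIP(req *http.Request, trusted []netip.Prefix) string {
	peer := req.RemoteAddr
	if host, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
		peer = host // strip the port from "host:port"
	}
	addr, err := netip.ParseAddr(peer)
	edge := false
	for _, p := range trusted {
		edge = edge || p.Contains(addr.Unmap())
	}
	if err != nil || !edge {
		return peer // untrusted peer: its headers are ignored
	}
	for _, h := range ipHeaders {
		// X-Forwarded-For may hold a comma-separated chain: take the first valid entry.
		for _, part := range strings.Split(req.Header.Get(h), ",") {
			if ip, err := netip.ParseAddr(strings.TrimSpace(part)); err == nil {
				return ip.String()
			}
		}
	}
	return peer
}

func main() {
	req, _ := http.NewRequest("GET", "http://example.test/", nil) // constructed request
	req.RemoteAddr = "10.0.0.5:44321"
	req.Header.Set("X-Forwarded-For", "bogus, 203.0.113.7, 10.0.0.5")
	fmt.Println(senderIP(req, []netip.Prefix{netip.MustParsePrefix("10.0.0.0/8")}))
}
```
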

func IsSubdomain

func IsSubdomain(root string, subdomain string) bool

IsSubdomain checks if a string is a subdomain of another string. It returns true if the given string is a subdomain of the root string.

func RedirectToHTTPS

func RedirectToHTTPS(port int) http.HandlerFunc

func Run

func Run(sess *session.Session)

Types

type Base64

type Base64 struct {
	Enabled bool
	Padding []string
}

Base64 identifies if the transformation should consider base-64 data and the related padding rules

type BufferPool

type BufferPool interface {
	Get() []byte
	Put([]byte)
}

A BufferPool is an interface for getting and returning temporary byte slices for use by io.CopyBuffer.

type MuraenaProxy

type MuraenaProxy struct {
	Session *session.Session

	Origin       string   // proxy origin (phishing site)
	Target       *url.URL // proxy destination (real site)
	Victim       string   // UUID
	ReverseProxy *ReverseProxy
	Tracker      *tracking.Tracker
	Replacer     *Replacer
}

func (*MuraenaProxy) ProxyErrHandler

func (muraena *MuraenaProxy) ProxyErrHandler(response http.ResponseWriter, request *http.Request, err error)

func (*MuraenaProxy) RequestBodyProcessor

func (muraena *MuraenaProxy) RequestBodyProcessor(request *http.Request, track *tracking.Trace, base64 Base64) (err error)

func (*MuraenaProxy) RequestProcessor

func (muraena *MuraenaProxy) RequestProcessor(request *http.Request) (err error)

func (*MuraenaProxy) ResponseProcessor

func (muraena *MuraenaProxy) ResponseProcessor(response *http.Response) (err error)

type MuraenaProxyInit

type MuraenaProxyInit struct {
	Session  *session.Session
	Replacer *Replacer

	Origin string // proxy origin (phishing site)
	Target string // proxy destination (real site)
}

func (*MuraenaProxyInit) Spawn

func (init *MuraenaProxyInit) Spawn() *MuraenaProxy

type Replacer

type Replacer struct {
	Phishing                      string
	Target                        string
	ExternalOrigin                []string
	ExternalOriginPrefix          string
	Origins                       map[string]string
	WildcardMapping               map[string]string
	SubdomainMap                  [][]string
	CustomResponseTransformations [][]string
	ForwardReplacements           []string `json:"-"`
	ForwardWildcardReplacements   []string `json:"-"`
	BackwardReplacements          []string `json:"-"`
	BackwardWildcardReplacements  []string `json:"-"`
	LastForwardReplacements       []string `json:"-"`
	LastBackwardReplacements      []string `json:"-"`
	WildcardDomain                string   `json:"-"`
	// contains filtered or unexported fields
}

Replacer structure used to populate the transformation rules

func (*Replacer) DomainMapping

func (r *Replacer) DomainMapping() (err error)

func (*Replacer) GetBackwardReplacements

func (r *Replacer) GetBackwardReplacements() []string

GetBackwardReplacements returns the BackwardReplacements used in the transformation rules. It returns a copy of the internal slice sorted by length in descending order.

func (*Replacer) GetExternalOrigins

func (r *Replacer) GetExternalOrigins() []string

GetExternalOrigins returns the ExternalOrigins used in the transformation rules. It returns a copy of the internal slice.

func (*Replacer) GetForwardReplacements

func (r *Replacer) GetForwardReplacements() []string

GetForwardReplacements returns the ForwardReplacements used in the transformation rules. It returns a copy of the internal slice sorted by length in descending order.

func (*Replacer) GetLastBackwardReplacements

func (r *Replacer) GetLastBackwardReplacements() []string

GetLastBackwardReplacements returns the LastBackwardReplacements used in the transformation rules. It returns a copy of the internal slice sorted by length in descending order.

func (*Replacer) GetLastForwardReplacements

func (r *Replacer) GetLastForwardReplacements() []string

GetLastForwardReplacements returns the LastForwardReplacements used in the transformation rules. It returns a copy of the internal slice sorted by length in descending order.

func (*Replacer) GetOrigins

func (r *Replacer) GetOrigins() map[string]string

GetOrigins returns the Origins mapping used in the transformation rules. It returns a copy of the internal map.

func (*Replacer) GetSessionFileName

func (r *Replacer) GetSessionFileName() string

GetSessionFileName returns the session file name. It generates the value from the Target domain, adding session.json at the end.

func (*Replacer) GetWildcardMapping

func (r *Replacer) GetWildcardMapping() map[string]string

GetWildcardMapping returns the WildcardMapping used in the transformation rules. It returns a copy of the internal map.

func (*Replacer) Init

func (r *Replacer) Init(s session.Session) error

Init initializes the Replacer struct. If session.json is found, it loads the data from it. Otherwise, it creates a new Replacer struct.

func (*Replacer) Load

func (r *Replacer) Load() error

Load loads the Replacer data from a JSON file.

func (*Replacer) MakeReplacements

func (r *Replacer) MakeReplacements()

MakeReplacements prepares the forward and backward replacements to be used in the proxy

func (*Replacer) PatchComposedWildcardURL

func (r *Replacer) PatchComposedWildcardURL(URL string) (result string)

func (*Replacer) Save

func (r *Replacer) Save() error

Save saves the Replacer struct to a file as JSON.

func (*Replacer) SetBackwardReplacements

func (r *Replacer) SetBackwardReplacements(replacements []string)

SetBackwardReplacements sets the BackwardReplacements used in the transformation rules.

func (*Replacer) SetBackwardWildcardReplacements

func (r *Replacer) SetBackwardWildcardReplacements(replacements []string)

SetBackwardWildcardReplacements sets the BackwardWildcardReplacements used in the transformation rules.

func (*Replacer) SetCustomResponseTransformations

func (r *Replacer) SetCustomResponseTransformations(newTransformations [][]string)

SetCustomResponseTransformations sets the CustomResponseTransformations used in the transformation rules.

func (*Replacer) SetExternalOrigins

func (r *Replacer) SetExternalOrigins(origins []string)

SetExternalOrigins sets the ExternalOrigins used in the transformation rules.

func (*Replacer) SetForwardReplacements

func (r *Replacer) SetForwardReplacements(replacements []string)

SetForwardReplacements sets the ForwardReplacements used in the transformation rules.

func (*Replacer) SetForwardWildcardReplacements

func (r *Replacer) SetForwardWildcardReplacements(replacements []string)

SetForwardWildcardReplacements sets the ForwardWildcardReplacements used in the transformation rules.

func (*Replacer) SetLastBackwardReplacements

func (r *Replacer) SetLastBackwardReplacements(replacements []string)

SetLastBackwardReplacements sets the LastBackwardReplacements used in the transformation rules.

func (*Replacer) SetLastForwardReplacements

func (r *Replacer) SetLastForwardReplacements(replacements []string)

SetLastForwardReplacements sets the LastForwardReplacements used in the transformation rules.

func (*Replacer) SetOrigins

func (r *Replacer) SetOrigins(newOrigins map[string]string)

SetOrigins sets the Origins mapping used in the transformation rules.

func (*Replacer) SetWildcardDomain

func (r *Replacer) SetWildcardDomain(domain string)

SetWildcardDomain sets the WildcardDomain used in the transformation rules.

func (*Replacer) SetWildcardMapping

func (r *Replacer) SetWildcardMapping(domain, mapping string)

SetWildcardMapping sets the WildcardMapping used in the transformation rules.

func (*Replacer) Transform

func (r *Replacer) Transform(input string, forward bool, b64 Base64, repetitions ...int) (result string)

Transform: If used with forward=true, Transform uses Replacer to replace all occurrences of the phishing origin, the external domains defined, as well as the rest of the data to be replaced defined in MakeReplacements(), with the target real origin. If used with forward=false, Transform will replace data coming from the targeted origin with the real proxied origin (target).

Forward:

- true > change requests, i.e. phishing > target origin
- false > change response, i.e. target origin > phishing

Base64: Since some request parameter values can be base64 encoded, we need to decode first, apply the transformation and re-encode (hello ReCaptcha)

TODO: the b64 can be set into the Replacer struct

func (*Replacer) WildcardPrefix

func (r *Replacer) WildcardPrefix() string

WildcardPrefix returns the wildcard prefix used in the transformation rules.

func (*Replacer) WildcardRegex

func (r *Replacer) WildcardRegex(custom bool) string

WildcardRegex returns the wildcard regex used in the transformation rules. Returns a string in the format [a-zA-Z0-9.-]+.WildcardPrefix()

type Response

type Response struct {
	*http.Response
}

func (*Response) Encode

func (response *Response) Encode(buffer []byte) (err error)

func (*Response) Unpack

func (response *Response) Unpack() (buffer []byte, err error)

type ReverseProxy

type ReverseProxy struct {
	// Director must be a function which modifies
	// the request into a new request to be sent
	// using Transport. Its response is then copied
	// back to the original client unmodified.
	// Director must not access the provided RequestTemplate
	// after returning.
	Director func(*http.Request)

	// The transport used to perform proxy requests.
	// If nil, http.DefaultTransport is used.
	Transport http.RoundTripper

	// FlushInterval specifies the flush interval
	// to flush to the client while copying the
	// response body.
	// If zero, no periodic flushing is done.
	FlushInterval time.Duration

	// ErrorLog specifies an optional logger for errors
	// that occur when attempting to proxy the request.
	// If nil, logging goes to os.Stderr via the log package's
	// standard logger.
	ErrorLog *log.Logger

	// BufferPool optionally specifies a buffer pool to
	// get byte slices for use by io.CopyBuffer when
	// copying HTTP response bodies.
	BufferPool BufferPool

	// ModifyResponse is an optional function that modifies the
	// Response from the backend. It is called if the backend
	// returns a response at all, with any HTTP status code.
	// If the backend is unreachable, the optional ErrorHandler is
	// called without any call to ModifyResponse.
	//
	// If ModifyResponse returns an error, ErrorHandler is called
	// with its error value. If ErrorHandler is nil, its default
	// implementation is used.
	ModifyResponse func(*http.Response) error

	// ErrorHandler is an optional function that handles errors
	// reaching the backend or errors from ModifyResponse.
	//
	// If nil, the default is to log the provided error and return
	// a 502 Status Bad Gateway response.
	ErrorHandler func(http.ResponseWriter, *http.Request, error)
}

ReverseProxy is an HTTP Handler that takes an incoming request and sends it to another server, proxying the response back to the client.

func NewSingleHostReverseProxy

func NewSingleHostReverseProxy(target *url.URL) *ReverseProxy

NewSingleHostReverseProxy returns a new ReverseProxy that routes URLs to the scheme, host, and base path provided in target. If the target's path is "/base" and the incoming request was for "/dir", the target request will be for /base/dir. NewSingleHostReverseProxy does not rewrite the Host header. To rewrite Host headers, use ReverseProxy directly with a custom Director policy.

func (*ReverseProxy) ServeHTTP

func (p *ReverseProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request)

type SessionType

type SessionType struct {
	Session  *session.Session
	Replacer *Replacer
}

func (SessionType) HandleFood

func (st SessionType) HandleFood(response http.ResponseWriter, request *http.Request)
