Node.js proxy with JS instrumentation
modules:
- python mitmproxy
- esprima
- cheerio
- mitmproxy
- modified target response on the fly
- instrument DOM-based XSS
| var zerorpc = require("zerorpc"); | |
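/**
 * Case-insensitive header lookup.
 *
 * HTTP header names are case-insensitive, but the original handler only
 * matched an exact "Content-Type" key. Accepts either a plain object keyed by
 * header name or a list of [name, value] pairs (the serialized shape sent by
 * the proxy side is not visible here, so both are tolerated).
 *
 * @param {Object|Array} headers - deserialized "headers" field of the message
 * @param {string} name - header name to look up
 * @returns {*} the header value, or undefined when absent
 */
var findHeader = function (headers, name) {
  if (!headers || typeof headers !== "object") {
    return undefined;
  }
  var wanted = String(name).toLowerCase();
  if (Array.isArray(headers)) {
    for (var i = 0; i < headers.length; i++) {
      var pair = headers[i];
      if (pair && String(pair[0]).toLowerCase() === wanted) {
        return pair[1];
      }
    }
    return undefined;
  }
  var names = Object.keys(headers);
  for (var j = 0; j < names.length; j++) {
    if (names[j].toLowerCase() === wanted) {
      return headers[names[j]];
    }
  }
  return undefined;
};

/**
 * Classify a Content-Type value. Checked in the original order: a type that
 * mentions "javascript" wins over "text/html".
 *
 * @param {string|undefined} contentType - raw header value, may be missing
 * @returns {string} "js", "html" or "other"
 */
var classifyContentType = function (contentType) {
  var value = contentType == null ? "" : String(contentType);
  if (/javascript/.test(value)) {
    return "js";
  }
  if (/text\/html/.test(value)) {
    return "html";
  }
  return "other";
};

// Instrumentation hooks. Both are identity functions at this point; this is
// where the JavaScript / HTML rewriting is meant to plug in.
var instrumentJS = function (strJS) {
  return strJS;
};
var instrumentHTML = function (strHTML) {
  return strHTML;
};

var server = new zerorpc.Server({
  /**
   * zerorpc handler invoked by the proxy side for each intercepted response.
   *
   * @param {string} data - JSON string of the form {headers, content}
   * @param {function} reply - zerorpc callback: reply(error, result, more)
   */
  process: function (data, reply) {
    var message;
    try {
      // Parse once; the original parsed the same string twice.
      message = JSON.parse(data) || {};
    } catch (err) {
      // A malformed message used to throw out of the handler; report it to
      // the caller instead of taking the whole RPC server down.
      reply(err);
      return;
    }
    var content = message.content;
    var kind = classifyContentType(findHeader(message.headers, "Content-Type"));

    // The original pre-assigned `new Buffer(0)` here and then overwrote it in
    // every branch; that dead (and deprecated-constructor) assignment is gone.
    var processedContent;
    if (kind === "js") {
      processedContent = instrumentJS(content);
    } else if (kind === "html") {
      processedContent = instrumentHTML(content);
    } else {
      processedContent = content;
    }
    // NOTE(review): the "Hello, " prefix is prepended to every body handed back
    // to the proxy; for a JavaScript response that makes the script unparsable
    // and looks like a debugging leftover — confirm before removing.
    reply(null, "Hello, " + processedContent, false);
  }
});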
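// Leftover merge-conflict markers (<<<<<<< / ======= / >>>>>>>) resolved: both
// sides carried this identical line, so there was nothing to choose between.
// Binding to the loopback address keeps the unauthenticated RPC endpoint
// reachable only from processes on this host.
server.bind("tcp://127.0.0.1:3000");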
| from libmproxy.models import decoded | |
| from re import search | |
| import zerorpc | |
| import json | |
# Chunk size in bytes; not referenced by the code visible in this file.
buffer_size = 4 * 1024
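def instrument(data):
    """Send the serialized ``{"headers", "content"}`` message to the Node.js
    instrumentation service and return whatever its ``process`` handler replies.

    :param data: JSON string built by :func:`response`.
    :returns: the (possibly rewritten) response body returned over zerorpc.
    :raises: zerorpc connection/timeout errors propagate to the caller.
    """
    client = zerorpc.Client()
    try:
        client.connect("tcp://127.0.0.1:3000")
        return client.process(data)
    finally:
        # The original created a client per response and never released it,
        # leaking one socket per instrumented response.
        client.close()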
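def response(context, flow):
    """mitmproxy inline-script hook: hand HTML and JavaScript response bodies
    to the Node.js service and replace the body with the instrumented result.

    :param context: mitmproxy script context (unused here).
    :param flow: the HTTP flow whose response is being rewritten in place.
    """
    with decoded(flow.response):  # automatically decode gzipped responses.
        headers = flow.response.headers.fields
        content_type = flow.response.headers.get('Content-Type')
        content = flow.response.content
        # A response without a Content-Type header is passed through untouched;
        # the original called re.search() on None and raised TypeError.
        if content_type is not None and (
            search(r"text/html", content_type) or search("javascript", content_type)
        ):
            print("Process... ")
            # NOTE(review): ``headers.fields`` is forwarded as-is and the Node.js
            # side looks "Content-Type" up by name; confirm the serialized shape
            # is what it expects. json.dumps also assumes ``content`` is
            # text-decodable — verify for binary-ish bodies.
            message = json.dumps({"headers": headers, "content": content})
            content = instrument(message)
        flow.response.content = content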