kai/ManInTheMiddleAmongUs
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Init with pokemmo script

Browse Source
This commit is contained in:
Kai Vogelgesang 2020-10-09 14:14:59 +02:00
commit 2a4b0fa409
4 changed files with 317 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
.gitignore vendored Normal file
View File

@ -0,0 +1,138 @@
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class
# C extensions
*.so
# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
share/python-wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST
# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
# Installer logs
pip-log.txt
pip-delete-this-directory.txt
# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
*.py,cover
.hypothesis/
.pytest_cache/
cover/
# Translations
*.mo
*.pot
# Django stuff:
*.log
local_settings.py
db.sqlite3
db.sqlite3-journal
# Flask stuff:
instance/
.webassets-cache
# Scrapy stuff:
.scrapy
# Sphinx documentation
docs/_build/
# PyBuilder
.pybuilder/
target/
# Jupyter Notebook
.ipynb_checkpoints
# IPython
profile_default/
ipython_config.py
# pyenv
# For a library or package, you might want to ignore these files since the code is
# intended to run in multiple environments; otherwise, check them in:
# .python-version
# pipenv
# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
# However, in case of collaboration, if having platform-specific dependencies or dependencies
# having no cross-platform support, pipenv may install dependencies that don't work, or not
# install all needed dependencies.
#Pipfile.lock
# PEP 582; used by e.g. github.com/David-OConnor/pyflow
__pypackages__/
# Celery stuff
celerybeat-schedule
celerybeat.pid
# SageMath parsed files
*.sage.py
# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/
# Spyder project settings
.spyderproject
.spyproject
# Rope project settings
.ropeproject
# mkdocs documentation
/site
# mypy
.mypy_cache/
.dmypy.json
dmypy.json
# Pyre type checker
.pyre/
# pytype static type analyzer
.pytype/
# Cython debug symbols
cython_debug/

52
forwarding.py Normal file
View File

@ -0,0 +1,52 @@
import asyncio
import signal
async def a2b(a_reader: asyncio.StreamReader, b_writer: asyncio.StreamWriter, tag: str, queue: asyncio.Queue):
while True:
data = await a_reader.read(65536)
if not data:
break
await queue.put((tag, data))
b_writer.write(data)
class Forwarder:
def __init__(self, listen_host: str, listen_port: int, server_host: str, server_port: int, queue: asyncio.Queue):
self.listen_host = listen_host
self.listen_port = listen_port
self.server_host = server_host
self.server_port = server_port
self.queue = queue
async def handle_client(self, client_reader: asyncio.StreamReader, client_writer: asyncio.StreamWriter):
server_reader, server_writer = await asyncio.open_connection(self.server_host, self.server_port)
s2c = asyncio.create_task(a2b(server_reader, client_writer, 'server', self.queue))
c2s = asyncio.create_task(a2b(client_reader, server_writer, 'client', self.queue))
_, pending = await asyncio.wait([s2c, c2s], return_when=asyncio.FIRST_COMPLETED)
for future in pending:
future.cancel()
if not client_writer.is_closing():
client_writer.close()
if not server_writer.is_closing():
server_writer.close()
await asyncio.wait([client_writer.wait_closed(), server_writer.wait_closed()])
async def run(self):
srv = await asyncio.start_server(self.handle_client, host=self.listen_host, port=self.listen_port)
asyncio.get_event_loop().add_signal_handler(signal.SIGINT, lambda: srv.close())
try:
await srv.serve_forever()
except asyncio.CancelledError:
pass

42
handler.py Normal file
View File

@ -0,0 +1,42 @@
import binascii
"""
import hashlib
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
IV_SEED = b'IVDERIV'
KEY_1 = bytes([
(x + 0xFF) % 0xFF for x in [31, -102, -128, 60, -103, 38, 10, -117, -105, -50, 2, 116, -83, 57, 39, -76]
])
KEY_2 = bytes([
(x + 0xFF) % 0xFF for x in [63, 24, -15, 98, 114, 7, 68, 24, -12, 109, -111, -105, 66, -96, -2, -55]
])
def get_iv(key):
m = hashlib.sha256()
m.update(IV_SEED)
m.update(key)
m.update(IV_SEED)
return m.digest()[:16]
backend = default_backend()
CIPHER_1 = Cipher(algorithms.AES(KEY_1), modes.CTR(get_iv(KEY_1)), backend=backend)
CIPHER_2 = Cipher(algorithms.AES(KEY_2), modes.CTR(get_iv(KEY_2)), backend=backend)
dec_1 = CIPHER_1.decryptor()
dec_2 = CIPHER_2.decryptor()
"""
def handle(tag: str, data: bytes):
if tag == 'server':
return
print(binascii.hexlify(data).decode())
# print(binascii.hexlify(data[0:2] + dec_1.update(data[2:-3])).decode())
# print(binascii.hexlify(data[0:2] + dec_2.update(data[2:-3])).decode())
print('\n')

85
main.py Normal file
View File

@ -0,0 +1,85 @@
import asyncio
import importlib
import traceback
import os
import argparse
import ipaddress
import socket
import forwarding
import handler
async def queue_handler(queue: asyncio.Queue):
last_edit_timestamp = os.stat(handler.__file__).st_mtime_ns
while True:
tag, data = await queue.get()
try:
timestamp = os.stat(handler.__file__).st_mtime_ns
if timestamp > last_edit_timestamp:
importlib.reload(handler)
last_edit_timestamp = timestamp
if asyncio.iscoroutinefunction(handler.handle):
await handler.handle(tag, data)
else:
handler.handle(tag, data)
except Exception:
traceback.print_exc()
async def main():
p = argparse.ArgumentParser()
p.add_argument('remote_host', type=str, help='Host you want to spy on')
p.add_argument('remote_port', type=int, help='Port on remote_host')
p.add_argument('--listen-host', type=str, default='0.0.0.0', help='MITM binds to this (default 0.0.0.0)')
p.add_argument('--listen-port', type=int, default=1337, help='MITM port (default 1337)')
p.add_argument('--output-host', type=str, default='10.227.12.40',
help='IP used to proxy remote_host (default 10.227.12.40)')
p.add_argument('--output-port', type=int, default=1337, help='Port used by proxy (default 1337)')
args = p.parse_args()
remote_host_ip = ipaddress.IPv4Address(socket.gethostbyname(args.remote_host))
listen_host_ip = ipaddress.IPv4Address(args.listen_host)
output_host_ip = ipaddress.IPv4Address(args.output_host)
# set up iptables
os.system(f'sudo iptables '
f'-t nat -A OUTPUT '
f'-d {remote_host_ip} -p tcp --dport {args.remote_port} '
f'-j DNAT --to 127.0.0.1:{args.listen_port}')
os.system(f'sudo iptables '
f'-t nat -A OUTPUT '
f'-d {output_host_ip} -p tcp --dport {args.output_port} '
f'-j DNAT --to {remote_host_ip}:{args.remote_port}')
# run man-in-the-middle
queue = asyncio.Queue()
forwarder = forwarding.Forwarder(str(listen_host_ip), args.listen_port,
str(output_host_ip), args.output_port,
queue)
queue_task = asyncio.create_task(queue_handler(queue))
await forwarder.run()
queue_task.cancel()
# tear down iptables
os.system(f'sudo iptables '
f'-t nat -D OUTPUT '
f'-d {remote_host_ip} -p tcp --dport {args.remote_port} '
f'-j DNAT --to 127.0.0.1:{args.listen_port}')
os.system(f'sudo iptables '
f'-t nat -D OUTPUT '
f'-d {output_host_ip} -p tcp --dport {args.output_port} '
f'-j DNAT --to {remote_host_ip}:{args.remote_port}')
if __name__ == '__main__':
asyncio.run(main())