fakessl 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/Gemfile +5 -0
- data/LICENSE.txt +22 -0
- data/README.md +26 -0
- data/Rakefile +1 -0
- data/bin/fakessl +46 -0
- data/fakessl.gemspec +20 -0
- data/lib/fakessl/fakessl.rb +45 -0
- data/lib/fakessl/version.rb +3 -0
- data/lib/fakessl.rb +6 -0
- metadata +55 -0
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2012 Matteo Michelini - cor3ngine
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
# FakeSSL
|
2
|
+
|
3
|
+
FakeSSL impersonates an HTTPS server and displays the client requests.
|
4
|
+
|
5
|
+
## Installation
|
6
|
+
|
7
|
+
Download and unzip the master zip from github and execute the following into fakessl dir
|
8
|
+
|
9
|
+
$ gem build ./fakessl.gemspec
|
10
|
+
$ gem install fakessl-0.0.1.gem
|
11
|
+
|
12
|
+
Or install it as:
|
13
|
+
|
14
|
+
$ gem install fakessl
|
15
|
+
|
16
|
+
## Usage
|
17
|
+
|
18
|
+
$ fakessl -h
|
19
|
+
|
20
|
+
## Contributing
|
21
|
+
|
22
|
+
1. Fork it
|
23
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
24
|
+
3. Commit your changes (`git commit -am 'Add some feature'`)
|
25
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
26
|
+
5. Create new Pull Request
|
data/Rakefile
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require "bundler/gem_tasks"
|
data/bin/fakessl
ADDED
@@ -0,0 +1,46 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
$:.unshift File.join(File.dirname(File.dirname(__FILE__)), 'lib')
|
3
|
+
|
4
|
+
require 'fakessl'
|
5
|
+
require 'optparse'
|
6
|
+
|
7
|
+
class String
|
8
|
+
def is_integer?
|
9
|
+
self.to_i.to_s == self
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
options = {}
|
14
|
+
|
15
|
+
optparse = OptionParser.new do |opts|
|
16
|
+
|
17
|
+
opts.banner = "Usage: ./fakessl.rb -s HOSTNAME -p PORT"
|
18
|
+
opts.on('-h', '--help', 'Display this menu') do
|
19
|
+
puts opts
|
20
|
+
exit
|
21
|
+
end
|
22
|
+
opts.on('-s', '--server HOSTNAME', 'Server that FakeSSL should impersonate') do |f|
|
23
|
+
options[:server] = f
|
24
|
+
end
|
25
|
+
opts.on('-p', '--port PORT', 'Port that FakeSSL should bind eg. 443') do |f|
|
26
|
+
if f.is_integer?
|
27
|
+
options[:port] = f
|
28
|
+
else
|
29
|
+
puts opts
|
30
|
+
exit
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
end
|
35
|
+
|
36
|
+
optparse.parse!
|
37
|
+
|
38
|
+
if (!(options[:server].nil?) && !(options[:port].nil?))
|
39
|
+
if Integer(options[:port]) < 1025
|
40
|
+
raise "Must run as root" unless Process.uid == 0
|
41
|
+
end
|
42
|
+
server = FakeSSL.new(options[:server],options[:port])
|
43
|
+
else
|
44
|
+
$stdout.puts "[-] Mandatory Parameter is missing, try ./fakessl.rb -h"
|
45
|
+
end
|
46
|
+
|
data/fakessl.gemspec
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
#lib = File.expand_path('../lib', __FILE__)
|
3
|
+
#$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
#require 'fakessl/version'
|
5
|
+
require File.expand_path('../lib/fakessl/version', __FILE__)
|
6
|
+
|
7
|
+
Gem::Specification.new do |gem|
|
8
|
+
gem.name = "fakessl"
|
9
|
+
gem.version = Fakessl::VERSION
|
10
|
+
gem.authors = ["Matteo Michelini"]
|
11
|
+
gem.email = ["cor3ngine@gmail.com"]
|
12
|
+
gem.description = %q{FakeSSL impersonates an HTTPS server and displays the client requests}
|
13
|
+
gem.summary = %q{FakeSSL impersonates an HTTPS server and displays the client requests}
|
14
|
+
gem.homepage = "https://github.com/cor3ngine/fakessl"
|
15
|
+
|
16
|
+
gem.files = `git ls-files`.split($/)
|
17
|
+
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
18
|
+
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
19
|
+
gem.require_paths = ["lib"]
|
20
|
+
end
|
@@ -0,0 +1,45 @@
|
|
1
|
+
require 'socket'
|
2
|
+
require 'openssl'
|
3
|
+
|
4
|
+
class FakeSSL
|
5
|
+
|
6
|
+
def initialize(hostname,lport)
|
7
|
+
@hostname = hostname
|
8
|
+
@lport = lport
|
9
|
+
$stdout.puts "[+] Generating fake SSL certificate for #{@hostname}"
|
10
|
+
generate_certificate
|
11
|
+
sslServer = server_setup
|
12
|
+
$stdout.puts "[+] Fake #{@hostname} is listening on port #{@lport}"
|
13
|
+
get_request(sslServer)
|
14
|
+
end
|
15
|
+
|
16
|
+
def generate_certificate
|
17
|
+
%x[openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=#{@hostname}" -keyout #{@hostname}.key -out #{@hostname}.cert]
|
18
|
+
end
|
19
|
+
|
20
|
+
def server_setup
|
21
|
+
server = TCPServer.new(@hostname, @lport)
|
22
|
+
sslContext = OpenSSL::SSL::SSLContext.new
|
23
|
+
#certificate
|
24
|
+
sslContext.cert = OpenSSL::X509::Certificate.new(File.open("#{@hostname}.cert"))
|
25
|
+
#private key
|
26
|
+
sslContext.key = OpenSSL::PKey::RSA.new(File.open("#{@hostname}.key"))
|
27
|
+
sslServer = OpenSSL::SSL::SSLServer.new(server,sslContext)
|
28
|
+
return sslServer
|
29
|
+
end
|
30
|
+
|
31
|
+
def get_request(sslServer)
|
32
|
+
$stdout.puts "[+] Client requests are: "
|
33
|
+
loop do
|
34
|
+
conn = sslServer.accept
|
35
|
+
lineIn = conn.gets
|
36
|
+
if !lineIn.nil?
|
37
|
+
$stdout.puts "=> " + lineIn
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
private :generate_certificate, :server_setup, :get_request
|
43
|
+
|
44
|
+
end
|
45
|
+
|
data/lib/fakessl.rb
ADDED
metadata
ADDED
@@ -0,0 +1,55 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: fakessl
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Matteo Michelini
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2012-12-09 00:00:00.000000000 Z
|
13
|
+
dependencies: []
|
14
|
+
description: FakeSSL impersonates an HTTPS server and displays the client requests
|
15
|
+
email:
|
16
|
+
- cor3ngine@gmail.com
|
17
|
+
executables:
|
18
|
+
- fakessl
|
19
|
+
extensions: []
|
20
|
+
extra_rdoc_files: []
|
21
|
+
files:
|
22
|
+
- Gemfile
|
23
|
+
- LICENSE.txt
|
24
|
+
- README.md
|
25
|
+
- Rakefile
|
26
|
+
- bin/fakessl
|
27
|
+
- fakessl.gemspec
|
28
|
+
- lib/fakessl.rb
|
29
|
+
- lib/fakessl/fakessl.rb
|
30
|
+
- lib/fakessl/version.rb
|
31
|
+
homepage: https://github.com/cor3ngine/fakessl
|
32
|
+
licenses: []
|
33
|
+
post_install_message:
|
34
|
+
rdoc_options: []
|
35
|
+
require_paths:
|
36
|
+
- lib
|
37
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
38
|
+
none: false
|
39
|
+
requirements:
|
40
|
+
- - ! '>='
|
41
|
+
- !ruby/object:Gem::Version
|
42
|
+
version: '0'
|
43
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
44
|
+
none: false
|
45
|
+
requirements:
|
46
|
+
- - ! '>='
|
47
|
+
- !ruby/object:Gem::Version
|
48
|
+
version: '0'
|
49
|
+
requirements: []
|
50
|
+
rubyforge_project:
|
51
|
+
rubygems_version: 1.8.24
|
52
|
+
signing_key:
|
53
|
+
specification_version: 3
|
54
|
+
summary: FakeSSL impersonates an HTTPS server and displays the client requests
|
55
|
+
test_files: []
|