viernes, febrero 08, 2008

Multi Protocol Proxy

I have improved the visibility of my multi-protocol proxy.

This tool is useful if you want to analyze a protocol or a daemon. Put it in the middle: point it at the daemon, and point the client at the proxy.



~ > sha0proxy.pl
/bin/sha0proxy.pl
modes: view trap

In view mode, you can view the communication.
In trap mode, you can interact with the communication.

download sha0proxy

-------- sha0proxy.pl ----------

#Multi-protocol proxy
#sha0proxy.pl v0.5 coded by sha0[@]badchecksum[.]net
#Private, do not distribute!!
#TODO: catch SIGINT
# ncurses to modify the bytes directly
# udp
# shellcode format
# logging



#You have to install vncviewer, and the following perl modules:
#perl -MCPAN -e shell
#cpan>install threads
#...
#cpan>install IO::Socket
#...
#cpan>install IO::Select
#...

use IO::Socket;
use IO::Select;
#use Net::UDP;
# ANSI SGR escape sequences used to colour the hex dump, keyed by colour name.
# "\e" is the ESC byte (0x1b).
my %color = (
    'red'     => "\e[31;01m",
    'green'   => "\e[32;02m",
    'yellow'  => "\e[33;01m",
    'blue'    => "\e[34;01m",
    'magenta' => "\e[35;01m",
    'cyan'    => "\e[36;01m",
    'white'   => "\e[37;00m",
);

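# Command line: <listen-port> <remote-host> <remote-port> <mode>.
# 'view' only dumps the traffic; 'trap' stops on every chunk so the operator
# can replace it before it is forwarded.
die "$0 \nmodes: view trap\n" if (@ARGV!=4);
die "Valid modes are: view & trap\n" if ($ARGV[3] ne 'view' && $ARGV[3] ne 'trap');

#my $lport=(int(rand(500))+10000);
my $lport=$ARGV[0];
my $rport=$ARGV[2];
my $rhost=$ARGV[1];
my $buff;
my $vulnerable=0;
my $mode=$ARGV[3];

# NOTE(review): the listener binds every interface and relays whatever
# connects, without authentication, so any host that can reach this port can
# reach $rhost:$rport through it. Set LocalAddr to 127.0.0.1 when only local
# clients need the proxy.
my $out;
my $in=IO::Socket::INET->new (
    LocalAddr=>'0.0.0.0',
    LocalPort=>$lport,
    Proto=>'tcp',
    Listen=>1,
    Reuse=>100
) or die "cannot open port $!\n";

print "listening $lport port\n";

# One child is forked per connection; ignoring SIGCHLD lets the kernel reap
# them so finished connections do not pile up as zombies.
$SIG{CHLD}='IGNORE';

#print "\x1b[?25l"; #no cursor

while (my $welcome=$in->accept()) {
    $out=IO::Socket::INET->new (
        PeerAddr=>$rhost,
        PeerPort=>$rport,
        Timeout=>20
    ) or die "cannot connect $!\n";

    print "connected to $rhost:$rport\n";

    my $pid=fork();
    if (!defined($pid)) {
        # fork() failed: do not run the relay loop inside the listener.
        warn "cannot fork: $!\n";
        close $out;
        close $welcome;
        next;
    }
    if ($pid) {
        # Parent: the child owns this connection now. Dropping our copies
        # lets the sockets really close as soon as the child finishes.
        close $out;
        close $welcome;
        next;
    }

    # Child from here on; it must never go back to accept().
    close $in;
    $out->blocking(1);
    $welcome->blocking(1);
    $out->autoflush(1);
    $welcome->autoflush(1);

    my $s=IO::Select->new($out, $welcome);
    proxy:
    while(1) {
        my @ready = $s->can_read;
        foreach my $ready (@ready) {
            # Data read from the client goes to the server and vice versa;
            # the flag and the prompt only differ by direction.
            my ($dest, $alserver, $prompt) = ($ready == $welcome)
                ? ($out, 1, "=>>")
                : ($welcome, 0, "=<<");

            my $data;
            $ready->recv($data, 8192);
            last proxy if (!length($data));    # peer closed its side
            last proxy if (!$dest || !$dest->connected);
            &muestra($data,$alserver);

            if ($mode ne 'view') {
                print $prompt;
                my $cmd=<STDIN>;
                $cmd='' if (!defined($cmd));   # EOF on the terminal: forward unchanged
                chomp($cmd);
                if (length($cmd)) {
                    # SECURITY: string eval of the operator's own input. It
                    # expands escapes such as \x41, but it also runs any Perl
                    # embedded in the line, so this prompt must only ever be
                    # fed from a trusted terminal. The result still passes
                    # through sprintf, so a literal % has to be typed as %%.
                    my $edited=eval("\"$cmd\"");
                    if (defined($edited)) {
                        $data=sprintf($edited);
                    } else {
                        # A malformed line must not silently blank the data.
                        warn "bad replacement, forwarding original data: $@";
                    }
                }
            }
            eval { $dest->send($data); };
            last proxy if $@;
        }#foreach
    }#while 1

    # Relay finished: release both sockets and end the child process.
    close $out;
    close $welcome;
    exit 0;
}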
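# Print a hex + ASCII dump of one chunk of proxied traffic to the currently
# selected output handle.
#   $_[0]  the raw bytes to dump
#   $_[1]  direction flag: true prints a '>' banner (the callers pass 1 for
#          data going to the server), false prints a '<' banner
# Each row shows 21 bytes as two hex digits plus a space, followed by the same
# bytes as text.
sub muestra {
    my ($data, $alserver) = @_;
    my $per_row = 21;
    my $count = 0;
    my $str = "";
    my $lin = 1;

    print $color{white};
    my $arrow = $alserver ? ">" : "<";
    print $arrow x 33;
    # Three-column gutter so the offsets line up with the "000|" row labels.
    print "\n   |00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20|";
    print "\n---+--------------------------------------------------------------+---\n";

    print "000|";
    foreach my $byte (split(//, $data)) {
        if ($byte =~ /\A[A-Za-z ]\z/) {
            print $color{green};
        } elsif ($byte =~ /\A[0-9]\z/) {
            print $color{blue};
        } elsif ($byte eq "\x00") {
            print $color{red};
        } elsif ($byte eq "\x0a" || $byte eq "\x0d") {
            print $color{cyan};
        }
        printf "%.2x ", ord($byte);
        print $color{white};

        # Bytes from the wire never reach the terminal raw: anything outside
        # printable ASCII is shown as '.', so captured traffic cannot inject
        # terminal escape sequences into the operator's screen.
        my $shown = ($byte lt "\x20" || $byte gt "\x7e") ? "." : $byte;

        $count++;
        $str .= $shown;
        if ($count == $per_row) {
            $count = 0;
            printf "%s\n%.3d|", $str, $lin;
            $lin++;
            $str = "";
        }
    }

    # Pad a short final row by three columns per missing byte so its text
    # lines up with the full rows. The text is printed as-is, exactly like the
    # full rows, instead of being filtered a second time.
    print "   " x ($per_row - $count);
    print $str."\n";
}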
