iframe injector example: use inline script

This commit is contained in:
Maximilian Hils 2014-09-05 15:05:44 +02:00
parent a7a3b5703a
commit f2570c773a
3 changed files with 20 additions and 50 deletions

View File

@ -1,50 +0,0 @@
#!/usr/bin/env python
"""
Zap encoding in requests and inject iframe after body tag in html responses.
Usage:
iframe_injector http://someurl/somefile.html
"""
from libmproxy import controller, proxy
import os
import sys
class InjectingMaster(controller.Master):
def __init__(self, server, iframe_url):
controller.Master.__init__(self, server)
self._iframe_url = iframe_url
def run(self):
try:
return controller.Master.run(self)
except KeyboardInterrupt:
self.shutdown()
def handle_request(self, msg):
if 'Accept-Encoding' in msg.headers:
msg.headers["Accept-Encoding"] = 'none'
msg.reply()
def handle_response(self, msg):
if msg.content:
c = msg.replace('<body>', '<body><iframe src="%s" frameborder="0" height="0" width="0"></iframe>' % self._iframe_url)
if c > 0:
print 'Iframe injected!'
msg.reply()
def main(argv):
if len(argv) != 2:
print "Usage: %s IFRAME_URL" % argv[0]
sys.exit(1)
iframe_url = argv[1]
config = proxy.ProxyConfig(
cacert = os.path.expanduser("~/.mitmproxy/mitmproxy-ca.pem")
)
server = proxy.ProxyServer(config, 8080)
print 'Starting proxy...'
m = InjectingMaster(server, iframe_url)
m.run()
if __name__ == '__main__':
main(sys.argv)

View File

@ -0,0 +1,18 @@
# Usage: mitmdump -s "iframe_injector.py url"
# (this script works best with --anticache)
from libmproxy.protocol.http import decoded
def start(ctx, argv):
if len(argv) != 2:
raise ValueError('Usage: -s "iframe_injector.py url"')
ctx.iframe_url = argv[1]
def handle_response(ctx, flow):
with decoded(flow.response): # Remove content encoding (gzip, ...)
c = flow.response.replace(
'<body>',
'<body><iframe src="%s" frameborder="0" height="0" width="0"></iframe>' % ctx.iframe_url)
if c > 0:
ctx.log("Iframe injected!")

View File

@ -12,6 +12,8 @@ def test_load_scripts():
tmaster = tservers.TestMaster(config.ProxyConfig()) tmaster = tservers.TestMaster(config.ProxyConfig())
for f in scripts: for f in scripts:
if "iframe_injector" in f:
f += " foo" # one argument required
if "modify_response_body" in f: if "modify_response_body" in f:
f += " foo bar" # two arguments required f += " foo bar" # two arguments required
script.Script(f, tmaster) # Loads the script file. script.Script(f, tmaster) # Loads the script file.