Categories
PHP-MiTM 项目、研究

PHP Man-in-The-Middle TCP Proxy

By @sskaje
Link: https://sskaje.me/2016/10/php-man-in-the-middle-tcp-proxy/

After learning modern PHP in past few days, I decide GIVING UP this language now. :(

I wrote an MiTM proxy in PHP for TCP connection forwarding and hijacking, code can be found on github.

This project is based on ReactPHP.

It can be also installed from composer / packagist.org.

I’ve coded some examples in that project, you can try those out and write your own. Including: forward DNS TCP query, forward HTTP query, modify HTTP request.

If you have a linux router/box, you can add some iptables rules forwarding requests to your running instance.

Have fun!

PHP Man-in-The-Middle TCP Proxy by @sskaje: https://sskaje.me/2016/10/php-man-in-the-middle-tcp-proxy/

Incoming search terms:

Categories
Mallory 学习研究 项目、研究

mallory proxy update

By @sskaje
Link: https://sskaje.me/2014/01/mallory-proxy-update/

Here is my fork of mallory: https://bitbucket.org/sskaje/mallory, which, as it’s said, is a powerful TCP/UDP proxy, but way too old.
Here you can find how to install it, but the official repo one.

I created a pull request here, but seems IntrepidusGroup guys are not working on this anymore.

And the TCP/UDP raw protocol debug still not work for me. Hope I can figure it out one day.

Btw, quotes of my commit logs:

mallory proxy update by @sskaje: https://sskaje.me/2014/01/mallory-proxy-update/
Categories
Mallory 学习研究

Brief Intro to Mallory

By @sskaje
Link: https://sskaje.me/2014/01/brief-intro-to-mallory/

MiTM(Man in The Middle) is a good way analysing protocols, especially when there’s an SSL. http://en.wikipedia.org/wiki/Man-in-the-middle_attack
To analyse HTTP/HTTPS protocol, we have Charles Proxy. Posts on my blog can be found https://sskaje.me/tag/charles-proxy/ (there’s another MiTM proxy, ‘mitmproxy’, https://github.com/mitmproxy/mitmproxy and http://mitmproxy.org/, will try later.)
For others, mallory is recommended.

Mallory

Mallory is an extensible TCP/UDP man in the middle proxy that is designed to be run as a gateway. Unlike other tools of its kind, Mallory supports modifying non-standard protocols on the fly.

We have mallory from https://bitbucket.org/IntrepidusGroup/mallory and https://intrepidusgroup.com/insight/mallory/.

Brief Intro to Mallory by @sskaje: https://sskaje.me/2014/01/brief-intro-to-mallory/