|
| 1 | + |
| 2 | + |
| 3 | + |
| 4 | + |
| 5 | + var net = require('net'); |
| 6 | + var tls = require('tls'); |
| 7 | + var fs = require('fs'); |
| 8 | + |
| 9 | + var cert = fs.readFileSync('cert.pem'); |
| 10 | + var key = fs.readFileSync('key.pem'); |
| 11 | + var secureContext = tls.createSecureContext({cert,key}); |
| 12 | + |
| 13 | + var domains = ['example.com','main.com']; |
| 14 | + var host = '127.0.0.1'; |
| 15 | + var port = 1080; |
| 16 | + var server = net.createServer(connection).listen(port,host); |
| 17 | + console.log(`HTTP CONNECT MITM proxy listening on ${host}:${port}`); |
| 18 | + |
| 19 | + |
| 20 | + function connection(client){ |
| 21 | + console.log('client connect'); |
| 22 | + client.once('data',data=>{ |
| 23 | + |
| 24 | + var req = data.toString().split('\r\n'); |
| 25 | + var connect = req[0]; |
| 26 | + // https only |
| 27 | + if(connect.indexOf('CONNECT')==-1){ |
| 28 | + client.end('HTTP/1.1 400 Bad Request\r\n\r\n'); |
| 29 | + return; |
| 30 | + } |
| 31 | + |
| 32 | + var parts = connect.split(' '); |
| 33 | + var url = parts[1]; |
| 34 | + var host = url.split(':')[0]; |
| 35 | + var port = url.split(':')[1]; |
| 36 | + console.log('client',host,port); |
| 37 | + client.write('HTTP/1.1 200 Connection Established\r\n\r\n'); |
| 38 | + |
| 39 | + if(domains.includes(host)){ |
| 40 | + proxy(client,host,port); |
| 41 | + return; |
| 42 | + } |
| 43 | + |
| 44 | + var upstream = net.connect(port,host); |
| 45 | + upstream.on('error',()=>client.destroy()); |
| 46 | + |
| 47 | + client.pipe(upstream); |
| 48 | + upstream.pipe(client); |
| 49 | + |
| 50 | + }); |
| 51 | + |
| 52 | + }//connection |
| 53 | + |
| 54 | + |
| 55 | + function proxy(client,host,port){ |
| 56 | + console.log('proxy'); |
| 57 | + var clientTls = new tls.TLSSocket(client,{isServer:true,secureContext,ALPNProtocols:['http/1.1']}); |
| 58 | + clientTls.on('error',err=>{console.error(err);client.destroy(err)}); |
| 59 | + |
| 60 | + var upstream = tls.connect({host,port,servername:host,ALPNProtocols:['http/1.1'],rejectUnauthorized:false}); |
| 61 | + upstream.on('error',err=>clientTls.destroy(err)); |
| 62 | + |
| 63 | + upstream.once('secureConnect',()=>{ |
| 64 | + console.log('secureConnect'); |
| 65 | + proxy.client(clientTls,upstream); |
| 66 | + proxy.upstream(clientTls,upstream); |
| 67 | + |
| 68 | + }); |
| 69 | + |
| 70 | + }//proxy |
| 71 | + |
| 72 | + var hdr = {}; |
| 73 | + hdr.rem = (hdrs,name)=>hdrs.replace(new RegExp(`${name}.*\r\n`,'i'),''); |
| 74 | + hdr.add = (hdrs,hdr)=>hdrs.slice(0,-2)+hdr+'\r\n'+hdrs.slice(-2); |
| 75 | + |
| 76 | + proxy.client = function(clientTls,upstream){ |
| 77 | + |
| 78 | + var buf = '' |
| 79 | + var done = false; |
| 80 | + |
| 81 | + clientTls.on('data',chunk=>{ |
| 82 | + |
| 83 | + if(done){ |
| 84 | + upstream.write(chunk); |
| 85 | + return; |
| 86 | + } |
| 87 | + |
| 88 | + buf += chunk |
| 89 | + var end = buf.indexOf('\r\n\r\n'); |
| 90 | + if(end!==-1){ |
| 91 | + done = true; |
| 92 | + var hdrs = buf.slice(0,end+4); |
| 93 | + var rest = buf.slice(end+4); |
| 94 | + // Rewrite header |
| 95 | + //headers = headers.replace(/User-Agent:.*\r\n/i,'User-Agent: MITM-Proxy\r\n'); |
| 96 | + |
| 97 | + upstream.write(hdrs); |
| 98 | + if(rest){ |
| 99 | + upstream.write(rest); |
| 100 | + } |
| 101 | + |
| 102 | + clientTls.pipe(upstream); |
| 103 | + } |
| 104 | + |
| 105 | + }); |
| 106 | + |
| 107 | + }//client |
| 108 | + |
| 109 | + |
| 110 | + proxy.upstream = function(clientTls,upstream){ |
| 111 | + |
| 112 | + var buf = '' |
| 113 | + var done = false; |
| 114 | + |
| 115 | + upstream.on('data',chunk=>{ |
| 116 | + |
| 117 | + if(done){ |
| 118 | + clientTls.write(chunk); |
| 119 | + return; |
| 120 | + } |
| 121 | + |
| 122 | + buf += chunk |
| 123 | + var end = buf.indexOf('\r\n\r\n'); |
| 124 | + if(end!==-1){ |
| 125 | + done = true; |
| 126 | + var hdrs = buf.slice(0,end+4); |
| 127 | + var rest = buf.slice(end+4); |
| 128 | + console.log('\n\n','['+hdrs+']','\n\n'); |
| 129 | +// hdrs = hdr.rem(hdrs,'content-security-policy'); |
| 130 | + hdrs = hdr.add(hdrs,'x-proxy: test'); |
| 131 | + console.log('\n\n','['+hdrs+']','\n\n'); |
| 132 | + clientTls.write(hdrs); |
| 133 | + if(rest){ |
| 134 | + clientTls.write(rest); |
| 135 | + } |
| 136 | + |
| 137 | + upstream.pipe(clientTls); |
| 138 | + |
| 139 | + } |
| 140 | + }); |
| 141 | + |
| 142 | + }//remote |
| 143 | + |
| 144 | + |
| 145 | + |
| 146 | + |
| 147 | + |
| 148 | + |
| 149 | + |
| 150 | + |
| 151 | + |
| 152 | + |
| 153 | + |
| 154 | + |
| 155 | + |
| 156 | + |
| 157 | + |
0 commit comments