This patch adds sslstrip (http://www.thoughtcrime.org/software/sslstrip)
to OpenWrt.
A MITM tool that implements Moxie Marlinspike's HTTPS stripping attacks.
It will transparently hijack HTTP traffic on a network,
watch for HTTPS links and redirects, then map those links
into either look-alike HTTP links or homograph-similar HTTPS
links. It also supports modes for supplying a favicon which
looks like a lock icon, selective logging, and session denial.
Signed-off-by: Luis Dallos <luis.dal...@gmail.com>
---
Index: net/sslstrip/patches/100-fix-version-number.patch
===================================================================
--- net/sslstrip/patches/100-fix-version-number.patch (revision: 0)
+++ net/sslstrip/patches/100-fix-version-number.patch (revision: 0)
@@ -0,0 +1,24 @@
+diff -ruN sslstrip-0.7.orig/setup.py sslstrip-0.7/setup.py
+--- sslstrip-0.7.orig/setup.py 2009-09-23 03:40:05.000000000 +0000
++++ sslstrip-0.7/setup.py 2010-08-29 12:11:11.000000000 +0000
+@@ -5,7 +5,7 @@
+ shutil.copyfile("sslstrip.py", "sslstrip/sslstrip")
+
+ setup (name = 'sslstrip',
+- version = '0.6',
++ version = '0.7',
+ description = 'A MITM tool that implements Moxie
Marlinspike\'s HTTPS stripping attacks.',
+ author = 'Moxie Marlinspike',
+ author_email = 'mo...@thoughtcrime.org',
+diff -ruN sslstrip-0.7.orig/sslstrip.py sslstrip-0.7/sslstrip.py
+--- sslstrip-0.7.orig/sslstrip.py 2009-09-23 03:39:55.000000000 +0000
++++ sslstrip-0.7/sslstrip.py 2010-08-29 12:11:10.000000000 +0000
+@@ -33,7 +33,7 @@
+
+ import sys, getopt, logging, traceback, string, os
+
+-gVersion = "0.6"
++gVersion = "0.7"
+
+ def usage():
+ print "\nsslstrip " + gVersion + " by Moxie Marlinspike"
Index: net/sslstrip/Makefile
===================================================================
--- net/sslstrip/Makefile (revision: 0)
+++ net/sslstrip/Makefile (revision: 0)
@@ -0,0 +1,56 @@
+#
+# Copyright (C) 2006-2010 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=sslstrip
+PKG_VERSION:=0.7
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://www.thoughtcrime.org/software/sslstrip
+PKG_MD5SUM:=7fedb46e682c2d8ef3fbc52da5e002da
+
+include $(INCLUDE_DIR)/package.mk
+$(call include_mk, python-package.mk)
+
+define Package/sslstrip
+ SECTION:=net
+ CATEGORY:=Network
+ TITLE:=A MITM tool that implements Moxie Marlinspike's HTTPS
stripping attacks
+ URL:=http://www.thoughtcrime.org/software/sslstrip/index.html
+ DEPENDS:=+python +twisted +twisted-web +pyopenssl
+endef
+
+define Package/sslstrip/description
+ sslstrip will transparently hijack HTTP traffic on a network,
+ watch for HTTPS links and redirects, then map those links
+ into either look-alike HTTP links or homograph-similar HTTPS
+ links. It also supports modes for supplying a favicon which
+ looks like a lock icon, selective logging, and session denial.
+endef
+
+define Build/Compile
+ $(call Build/Compile/PyMod,,install --prefix="$(PKG_INSTALL_DIR)/usr")
+endef
+
+define Package/sslstrip/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/bin/sslstrip \
+ $(1)/usr/bin
+ $(INSTALL_DIR) $(1)/usr/share/sslstrip
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/share/sslstrip/* \
+ $(1)/usr/share/sslstrip
+ $(INSTALL_DIR) $(1)$(PYTHON_PKG_DIR)
+ $(CP) \
+ $(PKG_INSTALL_DIR)$(PYTHON_PKG_DIR)/* \
+ $(1)$(PYTHON_PKG_DIR)
+endef
+
+$(eval $(call BuildPackage,sslstrip))
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
