secretsquirrel
add support for OS integrated bdfproxy with OS-integrated bdf.
This release support newer version of mitmproxy 0.18 and higher) as distributed in Debian (and in Kali, as a consequence). The config file can be installed in /etc/bdfproxy/bdfproxy.cfg but can be overloaded by the same file in the current dir, to allow the test files to continue to work (see the diff). This implies that bdf has merged the PR secretsquirrel/the-backdoor-factory#81.
I'll push the patch in the Debian package to get a review from the Kali folks. If you merge the patch upstream, i'll delete it from the Debian package and update the upstream version of both bdfproxy and backdoor-factory.
Cheers,
Looks good, I'll test everything out over the next couple days and make changes/accept the pull request. Thanks!
Having an issue with mitmproxy 0.18.2:
./bdf_proxy.py
[!] Writing resource script.
[!] Resource writen to bdfproxy_msf_resource.rc
[!] Configuring traffic forwarding
[*] Starting BDFProxy
[*] Version: v0.3.8
[*] Author: @midnite_runr | the[.]midnite).(runr<at>gmail|.|com
Traceback (most recent call last):
File "./bdf_proxy.py", line 895, in <module>
m.run()
File "./bdf_proxy.py", line 177, in run
return controller.Master.run(self)
File "/Library/Python/2.7/site-packages/mitmproxy/controller.py", line 142, in run
self.tick(0.1)
File "/Library/Python/2.7/site-packages/mitmproxy/controller.py", line 154, in tick
handle_func = getattr(self, mtype)
AttributeError: 'ProxyMaster' object has no attribute 'log'
I've tried hunting the bug down, but seems a bit elusive at the moment.
This affects the other BDFProxy pull request (pybuild) as that one is formatted for mitmproxy 0.18.2, too.
I'm going to accept the backdoor-factory request for pybuild support.
To make things simple for me, I need the following:
- A single pull request for BDFProxy that works with mitmproxy 0.18.2 and pybuild.
OR
- Two pull requests (like you have now but a little different):
-
One that addresses JUST the pybuild updates only against BDFProxy that supports mitmproxy 0.17 >= 0.11 (the current version). The current pybuild support pull request has changes for mitmproxy 0.18.2 (non-working). In this way we can get both BDF and BDFProxy in pip sooner.
-
One that addresses JUST the updates to mitmproxy 0.18.2, which can be done later as there are bugs we need to fix.
Let me know if this doesn't make sense.
Thanks!
Ok I'tll try to hunt that bug.
Right now i've made three patches in the Debian source package: https://anonscm.debian.org/cgit/pkg-security/bdfproxy.git/tree/debian/patches
- One for pybuild (containing only the setup.py)
- One for the integration with bdf using the package name bdfactory
- One for mitm support 0.18 and greater (the one i need to update)
The first one is completely autonomous. The second and the third have to be deployed in this order, as they patch the same files.
I can make three PR, or one or two as you described if you prefer. I'll take you informed when the mitm patch is updated :-)
Hi, just to give an update regarding the debian patchs. We currently have 5 patches:
- changelog.patch: add a changelog to bdf_proxy;
- bdf_integrated.patch: add support for a system-wide bdf installation;
- newer_mitmproxy_support.patch: add support for newer mitmproxy;
- pybuild.patch: add support to pybuild build system;
- python3_support.patch: convert bdf_proxy to python3.
It would be really nice to see them merged :-)
Interesting. 😄 Did you all trying running this code? BDF as backdoor-factory here us written in python2.7 and has not been publicly ported to 3.X, so when you import it into the python3.X environment it should crash quickly and often.
It has also been ported to python3: https://salsa.debian.org/pkg-security-team/backdoor-factory/-/blob/debian/master/debian/patches/python3_support.patch
Hmm, converting just print statements doesn't make it python3.X compatible. I'm no longer supporting updates to this version. I will be publishing a new version in a couple years that is 3.X compatible.