Differences

project:interceraptor [2012/11/13 19:14]
da3m0n22 [performance]
project:interceraptor [2013/03/02 17:01] (current)
da3m0n22 [schemas]
Line 1: Line 1:
 +====== Interceraptor ======
  
 +{{template>​infobox|
 +name=EDITME|
 +image=EDITME|
 +sw=-|
 +hw=-|
 +founder=[[user:​EDITME]]|
 +interested=[[user:​EDITME]]\\ [[user:​EDITME]]|
 +status=active
 +}}
 +
 +<​code>​
 + ~> listener (1) -> intercept (2) -> filter (3) -> real server (4)
 + <~ listener (8) <- intercept (7) <- filter (6) <- real server (5)
 +</​code>​
 +
 +Listeners:
 +  * socks 
 +  * forwarding
 +  * custom routing table
 +
 +SSL:
 +  * generate SSL cert per host
 +  * for android emulator generate SSL cert according to the real target cert
 +  * select custom CA
 +  * accept HTTP and redirect to HTTP (arbitrary host via routing table (per host filter))
 +
 +Intercept (all operations are bidirectional):​
 +  * hand examination/​modification
 +  * automatic data modification
 +
 +Filters:
 +  * (intercept is a special filter)
 +  * response normalization. custom rules that defines which request means that the file does (not) exists
 +  * cookie jar
 +  * active session maintaining
 +  * Throttle (max requests per time ...)
 +  * data parsing (nonce extraction. VIEWSTATE)
 +  * time analysis for request-response (show the delta)
 +
 +Vulnerability discovery:
 +  * http protocol fuzzing / content discovery (files, directories,​ http parameters) ​
 +  * inner protocol fuzzing (JSON, XML, REST, SOAP)
 +
 +Data manipulation:​
 +  * base64
 +  * hex/ascii
 +  * data validation (html-tidy, json validator, xml validator)
 +
 +==== GUI ====
 +  * HTML5 rest client
 +
 +==== module ====
 +
 +=== dataflow ===
 +
 +  - c-s input match
 +  - c-s perform action (modify input / invoke external script or whatever)
 +  - c-s send data
 +  - s-c recieve data
 +  - s-c match output
 +  - s-c perform final action
 +
 +<note tip>
 +<​code>​
 +data flow direction:
 +c-s -- client to server
 +s-c -- server to client
 +</​code>​
 +</​note>​
 +
 +
 +=== module interconnection ===
 +  * do it like they do it in apache mod_rewrite rules
 +
 +===== roadplan =====
 +  - accept HTTP connection, redirect to SLL service, rule match per HTTP.host
 +  - accept SSL connection, fake SLL.CommonName by the target service
 +
 +===== performance =====
 +  * multithread
 +  * fast backend without gui
 +  * ability to cancel pending request
 +  * each tab can be separated to standalone window
 +    * window plugin-like eclipse/​netbeans/​visalstudio...
 +
 +
 +===== scanner =====
 +  * passive
 +  * active
 +
 +===== schemas =====
 +
 +{{ :​project:​img_20130223_181909.jpg?​direct&​900 |Thread schema}}
 +{{ :​project:​img_20130302_163117.jpg?​direct&​900 |Rules outline}}
 +{{ :​project:​img_20130302_170003.jpg?​direct&​900 |Core REST interface}}
 +===== references =====
 +  * http://​code.google.com/​p/​raft/​
 +  * http://​www.youtube.com/​watch?​v=e7FYHaRztWw
 +  * https://​www.owasp.org/​index.php/​OWASP_Zed_Attack_Proxy_Project
 +  * http://​portswigger.net/​burp/​proxy.html
 +  * http://​www.youtube.com/​watch?​v=kDVIcW7TZVw
 +  * http://​vimeo.com/​43659037
 +  * www.fiddler2.com
 +  * http://​proxies.xhaus.com/​java/​
 
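Review bot: the infobox at the top of the hunk still carries the EDITME placeholders for name, image, founder and interested, so the page will render with template defaults; fill them in or drop the template until the values are known. Several spellings in the same hunk also need fixing: "SLL" in both roadplan items should read "SSL", "recieve" in the dataflow list should read "receive", "visalstudio" under performance should read "visualstudio", and the SSL item "accept HTTP and redirect to HTTP" presumably means redirect to HTTPS, which is what the roadplan item "accept HTTP connection, redirect to SLL service" describes. The filter item "response normalization. custom rules that defines which request means that the file does (not) exists" is hard to parse; consider "custom rules that define which response means the file does (not) exist". For the "select custom CA" and "generate SSL cert per host" items, the page should state where the CA private key is stored and that the CA is only to be trusted by the test client (the Android emulator named above), since any client that trusts that CA can have every host impersonated by the proxy.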
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International