@drewwells
Forked from Soulou/hijackhttps.go
Last active September 9, 2018 01:25
I was looking to do HTTPS socket hijacking (taking over the underlying connection of a request with Go's http.Hijacker); here is the way to do it! The link between client and server is completely encrypted. Keywords: HTTPS TCP Socket Hijacking Golang
package main
import (
"crypto/tls"
"crypto/x509"
"fmt"
"io/ioutil"
"log"
"net"
"net/http"
"net/http/httputil"
"time"
)
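// main starts an HTTPS server on :8081 whose /auth handler hijacks the
// underlying TLS connection and then exchanges raw bytes over it, and launches
// runClient in a goroutine to exercise that handler.
//
// ./localhost.crt and ./localhost.key are loaded as the server key pair. A
// private key that is published next to a listing is public: use such a pair
// for local experiments only and generate a fresh one for anything else.
func main() {
	http.HandleFunc("/auth", func(res http.ResponseWriter, req *http.Request) {
		// Not every ResponseWriter can be hijacked (HTTP/2 ones cannot), so
		// check the assertion instead of letting it panic.
		hj, ok := res.(http.Hijacker)
		if !ok {
			http.Error(res, "connection hijacking not supported", http.StatusInternalServerError)
			return
		}
		conn, _, err := hj.Hijack()
		if err != nil {
			http.Error(res, err.Error(), http.StatusInternalServerError)
			return
		}
		// After Hijack the HTTP server no longer manages this connection, so
		// the handler is responsible for closing it on every exit path.
		defer conn.Close()

		// The handler now owns the wire: write the status line and headers by hand.
		if _, err := fmt.Fprintf(conn, "HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\n"); err != nil {
			log.Printf("Server : writing response header: %v", err)
			return
		}

		buffer := make([]byte, 1024)
		fmt.Println("Server : Enter routine")
		for {
			time.Sleep(1 * time.Second)

			fmt.Println("Server : I send")
			if _, err := conn.Write([]byte("Hijack server")); err != nil {
				// A peer going away is a normal end of the session, not a
				// reason to panic inside the handler.
				log.Printf("Server : write: %v", err)
				return
			}

			fmt.Println("Server : I'm receiving")
			n, err := conn.Read(buffer)
			if err != nil {
				log.Printf("Server : read: %v", err)
				return
			}
			// Print only the n bytes just read (the rest of the buffer is
			// stale), and quote them: they are peer-controlled and may hold
			// control characters.
			fmt.Printf("Server : %d bytes from client : %q\n", n, buffer[:n])
		}
	})

	go runClient()

	// Handler is left nil so the DefaultServeMux registered above is used.
	// ReadHeaderTimeout bounds how long a client may take to send its request
	// headers.
	srv := &http.Server{
		Addr:              ":8081",
		ReadHeaderTimeout: 10 * time.Second,
	}
	if err := srv.ListenAndServeTLS("./localhost.crt", "./localhost.key"); err != nil {
		log.Fatal(err)
	}
}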
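// runClient connects to the local server over TLS, issues GET /auth, then
// hijacks the client side of the connection and exchanges raw bytes with the
// server's hijacked handler.
//
// Setup failures terminate the process via log.Fatal; an I/O error inside the
// exchange loop ends the client and closes its connection.
func runClient() {
	// Crude start-up synchronisation: give the server time to begin listening.
	time.Sleep(1 * time.Second)

	req, err := http.NewRequest("GET", "/auth", nil)
	if err != nil {
		log.Fatalf("Client : building request: %v", err)
	}

	dial, err := net.Dial("tcp", "localhost:8081")
	if err != nil {
		log.Fatalf("Client : dial: %v", err)
	}

	fmt.Println("Client : create TLS connection")
	caCert, err := ioutil.ReadFile("localhost.crt")
	if err != nil {
		log.Fatal(err)
	}
	// Trust only the certificate in localhost.crt. AppendCertsFromPEM reports
	// false when it parsed nothing; an empty pool would only surface later as
	// an opaque verification failure, so stop here.
	caCertPool := x509.NewCertPool()
	if !caCertPool.AppendCertsFromPEM(caCert) {
		log.Fatal("Client : no PEM certificate found in localhost.crt")
	}
	tlsConn := tls.Client(dial, &tls.Config{
		RootCAs:    caCertPool,
		ServerName: "localhost",
	})

	fmt.Println("Client : create http connection from tls client")
	// NOTE(review): httputil.ClientConn is deprecated in the standard library;
	// it is kept here because the demo relies on its Hijack method.
	conn := httputil.NewClientConn(tlsConn, nil)

	fmt.Println("Client : do request through http connection")
	_, err = conn.Do(req)
	if err != httputil.ErrPersistEOF && err != nil {
		log.Fatalf("Client : request: %v", err)
	}

	fmt.Println("Client : hijack https connection")
	// Hijack hands back the raw connection plus the buffered reader, which may
	// already hold bytes received after the response headers.
	connection, reader := conn.Hijack()
	defer connection.Close()

	buffer := make([]byte, 1024)
	fmt.Println("Client : Enter client routine")
	for {
		time.Sleep(250 * time.Millisecond)

		n, err := reader.Read(buffer)
		if err != nil {
			log.Printf("Client : read: %v", err)
			return
		}
		// %d, not %n, is the verb for an integer; print only the n bytes
		// actually read, quoted because they come from the peer.
		fmt.Printf("Receive %d bytes : %q\n", n, buffer[:n])

		if _, err := connection.Write([]byte("I am Leo")); err != nil {
			log.Printf("Client : write: %v", err)
			return
		}
	}
}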
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----