SSL Destroyer

ssld.py

#!/usr/bin/env python3

import argparse
import subprocess
from threading import Event


def run_command(cmd):
    return subprocess.Popen(cmd)


def main(args):
    src = args.src
    dst = args.dst
    mid = args.mid

    key = args.key
    crt = args.crt

    cmd1 = [
        'socat',
        f'openssl-listen:{src},fork,reuseaddr,cert={crt},key={key},verify=0',
        f'system:\'socat - tcp\\:127.0.0.1\\:{mid}\'',
    ]

    cmd2 = [
        'socat',
        f'tcp-l:{mid},fork,reuseaddr',
        f'system:\'socat - openssl\\:127.0.0.1\\:{dst}\\,verify=0\''
    ]

    p1 = run_command(cmd1)
    p2 = run_command(cmd2)

    try:
        Event().wait()
    except KeyboardInterrupt:
        print('Finishing')
    finally:
        p1.kill()
        p2.kill()


if __name__ == '__main__':
    parser = argparse.ArgumentParser(
        description='Decrypt ssl traffic for service.'
    )

    parser.add_argument('-s', '--src', required=True, type=int, help='Listen on this port')
    parser.add_argument('-d', '--dst', required=True, type=int, help='Real service port')
    parser.add_argument('-m', '--mid', required=True, type=int, help='Decrypted traffic port')

    parser.add_argument('-k', '--key', required=True, type=str, help='Path to ssl key')
    parser.add_argument('-c', '--crt', required=True, type=str, help='Path to ssl crt')

    parsed = parser.parse_args()

    main(parsed)