BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy


BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads (software updates for example) from vendors that don’t validate data integrity.

BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy


The Backdoor Factory allows you to patch binaries with shell-code so combining that with mitmproxy, which is a Python proxy-server that can catch HTTP, change traffic on the fly, replay traffic, decode and render primitive data types – gives you BDFProxy.

A lot of security tool websites still serve binaries via non-SSL/TLS means – plus imagine how many do it outside of the security space (e.g. sysinternals, malwarebytes, sourceforce, wireshark etc).

BDFProxy – Patch Binaries via MiTM – Installation and Requirements

Tested on all Kali Linux builds, whether a physically beefy laptop, a Raspberry Pi, or a VM, each can run BDFProxy.

Requires:

  • Pefile – most recent
  • ConfigObj
  • mitmProxy – Kali Build .10
  • BDF – most current
  • Capstone (part of BDF)

To install on Kali:

Docker:

Testing:

Suppose you want to use your browser with Firefox and FoxyProxy to connect to test your setup.

Update your config as follows:

Configure FoxyProxy to use BDFProxy as a proxy, default port in the config is 8080.

BDFProxy – Patch Binaries via MiTM – Logging

There is logging in BDFProxy, the proxy window will quickly fill with massive amounts of cat links depending on the client you are testing. Use tail -f proxy.log to see what is getting patched and blocked by your blacklist settings. However, keep an eye on the main proxy window if you have chosen to patch binaries manually, things move fast and behind the scenes there is multi-threading of traffic, but the initial requests and responses are locking for your viewing pleasure.

You can download BDFProxy here:

BDFProxy-0.3.9.zip

Or read more here.

Posted in: Hacking Tools


Latest Posts:


truffleHog - Search Git for High Entropy Strings with Commit History truffleHog – Search Git for High Entropy Strings with Commit History
truffleHog is a Python-based tool to search Git for high entropy strings, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
AIEngine - AI-driven Network Intrusion Detection System AIEngine – AI-driven Network Intrusion Detection System
AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with many capabilities.
Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.
UBoat - Proof Of Concept PoC HTTP Botnet Project UBoat – Proof Of Concept PoC HTTP Botnet Project
UBoat is a PoC HTTP Botnet designed to replicate a full weaponised commercial botnet like the famous large scale infectors Festi, Grum, Zeus and SpyEye.
LambdaGuard - AWS Lambda Serverless Security Scanner LambdaGuard – AWS Lambda Serverless Security Scanner
LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
exe2powershell - Convert EXE to BAT Files exe2powershell – Convert EXE to BAT Files
exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows.


Comments are closed.