BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy


BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads (software updates for example) from vendors that don’t validate data integrity.

BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy


The Backdoor Factory allows you to patch binaries with shell-code so combining that with mitmproxy, which is a Python proxy-server that can catch HTTP, change traffic on the fly, replay traffic, decode and render primitive data types – gives you BDFProxy.

A lot of security tool websites still serve binaries via non-SSL/TLS means – plus imagine how many do it outside of the security space (e.g. sysinternals, malwarebytes, sourceforce, wireshark etc).

BDFProxy – Patch Binaries via MiTM – Installation and Requirements

Tested on all Kali Linux builds, whether a physically beefy laptop, a Raspberry Pi, or a VM, each can run BDFProxy.

Requires:

  • Pefile – most recent
  • ConfigObj
  • mitmProxy – Kali Build .10
  • BDF – most current
  • Capstone (part of BDF)

To install on Kali:

Docker:

Testing:

Suppose you want to use your browser with Firefox and FoxyProxy to connect to test your setup.

Update your config as follows:

Configure FoxyProxy to use BDFProxy as a proxy, default port in the config is 8080.

BDFProxy – Patch Binaries via MiTM – Logging

There is logging in BDFProxy, the proxy window will quickly fill with massive amounts of cat links depending on the client you are testing. Use tail -f proxy.log to see what is getting patched and blocked by your blacklist settings. However, keep an eye on the main proxy window if you have chosen to patch binaries manually, things move fast and behind the scenes there is multi-threading of traffic, but the initial requests and responses are locking for your viewing pleasure.

You can download BDFProxy here:

BDFProxy-0.3.9.zip

Or read more here.

Posted in: Hacking Tools


Latest Posts:


Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc


Comments are closed.