Hackish way to intercept and modify non-HTTP protocols through Burp & others with support for SSL and STARTTLS interception
This script is a very simple, quick and easy way to MiTM any arbitrary protocol through existing traffic interception software such as Burp Proxy or Proxenet. It can be particularly useful for thick client security assessments. It saves you from the pain of having to configure a specific setup to intercept exotic protocols, or protocols that can't be easily intercepted otherwise. TCP and UDP are supported.
STARTTLS is supported, which makes it usable against protocols like XMPP, IMAP, SMTP, IRC, etc.
It's "hackish" in the sense that it was specifically designed to use the interception and modification capabilities of existing proxies, but for arbitrary protocols. In order to achieve that, each client request and server response is wrapped into the body of an HTTP POST request and sent to a local dummy "echo-back" web server via the proxy. Therefore, the HTTP responses and headers that you will see in your intercepting proxy are meaningless and can be disregarded. The dummy web server is nevertheless necessary: it is what lets the interception tool return the (possibly modified) body to the relay, which then forwards it to its real destination.
This also makes the relay completely asynchronous: each chunk is wrapped and forwarded on its own, so a server that sends its responses in several successive packets is not a problem.
To intercept only server responses, configure your interception rules like so:
"Match and Replace" rules can be used. However, using other Burp features such as Repeater, Intruder or Scanner is pointless: they would only target the dummy web server used to echo the data back.
The normal request traffic flow during typical usage would be as below:
-r [local port]:[dest_host]:[dest_port]
usage: mitm_relay.py [-h] [-l