Beispiel #1
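    def onResponse(self, proxy, response):
        """Decrypt a Summoners War API exchange and pass it to plugins and parsers.

        ``response`` is stored on ``self.response`` on every call.  Only when the
        host and the request path look like the game API are both bodies
        decrypted and JSON-decoded, handed to each plugin's ``process_request``
        and then to the parser that matches the response's ``command``.

        Args:
            proxy: the proxy delivering the callback (not used here).
            response: the HTTP response; its ``body`` attribute is read.
        """
        self.response = response

        # The suffix is anchored on a label boundary.  A bare "com2us.net"
        # suffix is also satisfied by an unrelated domain that merely ends in
        # those characters, and its bodies would then reach the parsers and
        # every plugin.
        is_game_api = (
            self.host
            and self.host.startswith("summonerswar")
            and self.host.endswith(".com2us.net")
            and self.request
            and self.request.url.path.startswith("/api/")
        )
        if not is_game_api:
            return

        try:
            req_plain = decrypt_request(self.request.body)
            req_json = json.loads(req_plain)
            resp_plain = decrypt_response(response.body)
            resp_json = json.loads(resp_plain)

            if 'command' not in resp_json:
                return

            for plugin in ProxyCallback.plugins:
                # One failing plugin must not stop the others or the parsers.
                try:
                    plugin.plugin_object.process_request(
                        req_json, resp_json, ProxyCallback.plugins)
                except Exception as e:
                    logger.exception('Exception while executing plugin "%s": %s',
                                     plugin.plugin_object.__class__.__name__, e)

            # Read after the plugin loop, as the original did on each comparison.
            command = resp_json['command']
            if command in ('HubUserLogin', 'GuestLogin'):
                parse_login_data(resp_json, ProxyCallback.plugins)
                # Parenthesised single-argument print emits the same text
                # under Python 2 and Python 3.
                print("Monsters and Runes data generated")
            elif command == 'VisitFriend':
                parse_visit_data(resp_json, ProxyCallback.plugins)
                print("Visit Friend data generated")
            elif command == 'GetUnitCollection':
                collection = resp_json['collection']
                print("Your collection has %d/%d monsters" % (
                    sum(y['open'] for y in collection), len(collection)))
        except Exception:
            # Still best effort (the proxy keeps forwarding traffic), but a
            # decrypt or parse failure is now visible in the debug log, and
            # KeyboardInterrupt/SystemExit are no longer swallowed.
            logger.debug('Could not process Summoners War API response',
                         exc_info=True)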
Beispiel #2
 def onResponse(self, proxy, response):
     """Decrypt a Summoners War API exchange and run the matching parser.

     ``response`` is always stored on ``self.response``.  When the host and
     request path match the game API, the request and response bodies are
     decrypted and JSON-decoded, the request command is printed, and the
     response is passed to the login or visit parser, or summarised for a
     unit-collection reply.

     NOTE(review): the bare ``except`` below discards every error, including
     decrypt and JSON failures, so a broken exchange leaves no trace.
     NOTE(review): the ``endswith("com2us.net")`` test is not anchored on a
     dot, so a different domain ending in the same characters also matches.
     """
     self.response = response

     matches_game_api = (
         self.host
         and self.host.startswith("summonerswar")
         and self.host.endswith("com2us.net")
         and self.request
         and self.request.url.path.startswith("/api/")
     )
     if not matches_game_api:
         return

     try:
         request_data = json.loads(decrypt_request(self.request.body))
         response_data = json.loads(decrypt_response(response.body))
         # Parenthesised single-argument print emits the same text as the
         # Python 2 print statement.
         print("Found Summoners War API request : %s" % request_data["command"])

         command = response_data["command"]
         if command in ("HubUserLogin", "GuestLogin"):
             print("Monsters and Runes data generated")
             parse_login_data(response_data)
         elif command == "VisitFriend":
             print("Visit Friend data generated")
             parse_visit_data(response_data)
         elif command == "GetUnitCollection":
             units = response_data["collection"]
             unlocked = sum(unit["open"] for unit in units)
             print("Your collection has %d/%d monsters" % (unlocked, len(units)))
     except:
         pass
Beispiel #3
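    def onResponse(self, proxy, response):
        """Handle a proxied response; process it when it is a game API reply.

        Always records ``response`` on ``self.response``.  For hosts and paths
        that match the Summoners War API, the request and response bodies are
        decrypted, decoded as JSON, offered to every plugin through
        ``process_request`` and finally dispatched on the response ``command``.

        Args:
            proxy: the proxy delivering the callback (not used here).
            response: the HTTP response; its ``body`` attribute is read.
        """
        self.response = response
        # ".com2us.net" rather than "com2us.net": without the leading dot the
        # check also accepts any other domain whose name ends in that string,
        # and its traffic would be parsed and handed to the plugins.
        if (self.host and self.host.startswith("summonerswar")
                and self.host.endswith(".com2us.net")
                and self.request
                and self.request.url.path.startswith("/api/")):
            try:
                req_json = json.loads(decrypt_request(self.request.body))
                resp_json = json.loads(decrypt_response(response.body))

                if 'command' not in resp_json:
                    return

                plugins = ProxyCallback.plugins
                for plugin in plugins:
                    # A plugin error is logged and the remaining plugins still run.
                    try:
                        plugin.plugin_object.process_request(req_json, resp_json, plugins)
                    except Exception as e:
                        logger.exception('Exception while executing plugin "%s": %s',
                                         plugin.plugin_object.__class__.__name__, e)

                command = resp_json['command']
                if command == 'HubUserLogin' or command == 'GuestLogin':
                    parse_login_data(resp_json, plugins)
                    # Single-argument print call: same output on Python 2 and 3.
                    print("Monsters and Runes data generated")
                elif command == 'VisitFriend':
                    parse_visit_data(resp_json, plugins)
                    print("Visit Friend data generated")
                elif command == 'GetUnitCollection':
                    collection = resp_json['collection']
                    opened = sum(y['open'] for y in collection)
                    print("Your collection has %d/%d monsters" % (opened, len(collection)))
            except Exception:
                # Processing stays best effort, but the failure is recorded
                # instead of vanishing, and interpreter-exit exceptions
                # (KeyboardInterrupt, SystemExit) propagate again.
                logger.debug('Could not process Summoners War API response',
                             exc_info=True)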
Beispiel #4
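    def onResponse(self, proxy, response):
        """Decrypt a Summoners War API exchange and run the matching parser.

        ``response`` is stored on ``self.response`` on every call.  For a host
        and path that match the game API, both bodies are decrypted and
        JSON-decoded, the request command is printed, and the response goes to
        the login or visit parser, or is summarised for a unit-collection
        reply.

        Args:
            proxy: the proxy delivering the callback (not used here).
            response: the HTTP response; its ``body`` attribute is read.
        """
        self.response = response

        # Dot-anchored suffix: "com2us.net" alone would also match another
        # domain that simply ends in those characters.
        if not (self.host and self.host.startswith("summonerswar") and
                self.host.endswith(".com2us.net") and
                self.request and self.request.url.path.startswith("/api/")):
            return

        try:
            req_plain = decrypt_request(self.request.body)
            req_json = json.loads(req_plain)
            resp_plain = decrypt_response(response.body)
            resp_json = json.loads(resp_plain)
            # Single-argument print call: same output on Python 2 and 3.
            print("Found Summoners War API request : %s" % req_json['command'])

            command = resp_json['command']
            if command == 'HubUserLogin':
                print("Monsters and Runes data generated")
                parse_login_data(resp_json)
            elif command == 'VisitFriend':
                print("Visit Friend data generated")
                parse_visit_data(resp_json)
            elif command == 'GetUnitCollection':
                collection = resp_json['collection']
                print("Your collection has %d/%d monsters" % (
                    sum(y['open'] for y in collection), len(collection)))
        except Exception:
            # Best effort is kept, but the error is no longer discarded
            # without a trace, and KeyboardInterrupt/SystemExit are not
            # caught any more.  Imported here because this block shows no
            # module-level logger.
            import logging
            logging.getLogger(__name__).debug(
                'Could not process Summoners War API response', exc_info=True)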
Beispiel #5
 def _parse_response(self, response):
     """Decrypt a response body and decode the result as JSON.

     ``decrypt_response`` receives 2 as its second argument when the request
     path contains ``_c2.php`` and 1 otherwise.

     Returns:
         A ``(plain, parsed)`` pair: the decrypted text and the object that
         ``json.loads`` builds from it.
     """
     encrypted = response.body
     # presumably selects the cipher variant for the "_c2" endpoints; confirm
     # against decrypt_response
     variant = 2 if '_c2.php' in self.request.url.path else 1
     plain = decrypt_response(encrypted, variant)
     parsed = json.loads(plain)
     return plain, parsed
Beispiel #6
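def parse_pcap(filename):
    """Replay the game API exchanges found in a pcap file through the plugins.

    TCP payloads are accumulated per (src, dst, sport, dport) tuple.  When a
    FIN is seen on a connection with port 80 on either side, the two
    directions are paired up as HTTP requests and responses; every
    ``POST /api/gateway.php`` answered with status 200 is decrypted,
    JSON-decoded and passed to ``SWPlugin.call_plugins``.

    Args:
        filename: path of the capture file, opened in binary mode.

    NOTE(review): payloads are concatenated in capture order with no
    sequence-number handling, so retransmitted or reordered segments corrupt
    the stream.  Connections that never send a FIN stay in ``streams`` for
    the whole file, so memory use grows with the capture; keep that in mind
    for captures from sources you do not control.
    """
    streams = dict()  # (src, dst, sport, dport) -> payload collected so far
    with open(filename, "rb") as f:
        pcap = dpkt.pcap.Reader(f)
        for _ts, buf in pcap:
            eth = dpkt.ethernet.Ethernet(buf)
            if eth.type != dpkt.ethernet.ETH_TYPE_IP:
                continue
            ip = eth.data
            if not isinstance(ip, dpkt.ip.IP):
                try:
                    ip = dpkt.ip.IP(ip)
                except Exception:
                    continue
            if ip.p != dpkt.ip.IP_PROTO_TCP:
                continue
            tcp = ip.data

            if not isinstance(tcp, dpkt.tcp.TCP):
                try:
                    tcp = dpkt.tcp.TCP(tcp)
                except Exception:
                    continue

            tupl = (ip.src, ip.dst, tcp.sport, tcp.dport)
            if tupl in streams:
                streams[tupl] = streams[tupl] + tcp.data
            else:
                streams[tupl] = tcp.data

            fin_seen = (tcp.flags & dpkt.tcp.TH_FIN) != 0
            if fin_seen and \
               (tcp.dport == 80 or tcp.sport == 80) and \
               len(streams[tupl]) > 0:
                other_tupl = (ip.dst, ip.src, tcp.dport, tcp.sport)
                stream1 = streams.pop(tupl)
                # The reverse direction may be missing from the capture.
                stream2 = streams.pop(other_tupl, "")
                if tcp.dport == 80:
                    requests = stream1
                    responses = stream2
                else:
                    requests = stream2
                    responses = stream1

                while len(requests):
                    try:
                        request = dpkt.http.Request(requests)
                    except Exception:
                        request = ''
                        requests = ''
                    try:
                        response = dpkt.http.Response(responses)
                    except Exception:
                        response = ''
                        responses = ''
                    requests = requests[len(request):]
                    # Fix: advance the response buffer past the message just
                    # parsed.  The original sliced ``requests`` by the length
                    # of the whole response buffer, which paired every later
                    # request with request bytes.
                    responses = responses[len(response):]

                    if len(request) > 0 and len(response) > 0 and \
                       request.method == 'POST' and \
                       request.uri == '/api/gateway.php' and \
                       response.status == '200':
                        try:
                            req_plain = decrypt_request(request.body)
                            resp_plain = decrypt_response(response.body)
                            req_json = json.loads(req_plain)
                            resp_json = json.loads(resp_plain)

                            if 'command' not in resp_json:
                                # Fix: skip this exchange only.  The original
                                # ``return`` silently dropped the rest of the
                                # capture.
                                continue

                            try:
                                SWPlugin.call_plugins('process_request', (req_json, resp_json))
                            except Exception as e:
                                logger.exception('Exception while executing plugin : {}'.format(e))
                        except Exception:
                            import traceback
                            traceback.print_exc()

            elif fin_seen:
                del streams[tupl]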
Beispiel #7
 def _parse_response(self, response):
     """Return the decrypted response body together with its JSON decoding.

     The second argument passed to ``decrypt_response`` depends on the
     request path: 2 if it contains ``_c2.php``, otherwise 1.

     Returns:
         ``(plain, decoded)``, where ``plain`` is the decrypted text and
         ``decoded`` is ``json.loads(plain)``.
     """
     body = response.body
     if '_c2.php' in self.request.url.path:
         mode = 2
     else:
         mode = 1
     plain = decrypt_response(body, mode)
     return (plain, json.loads(plain))
Beispiel #8
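def _unpack_layer(layer_cls, payload):
    """Return ``payload`` as a ``layer_cls`` packet, or None if unpacking fails."""
    if isinstance(payload, layer_cls):
        return payload
    try:
        return layer_cls(payload)
    except Exception:
        return None


def _replay_http_exchanges(requests, responses):
    """Pair the HTTP messages of one connection and feed API calls to the plugins."""
    while len(requests):
        try:
            request = dpkt.http.Request(requests)
        except Exception:
            request = ''
            requests = ''
        try:
            response = dpkt.http.Response(responses)
        except Exception:
            response = ''
            responses = ''
        requests = requests[len(request):]
        # Fix: consume the parsed response from the response buffer.  The
        # original assigned a slice of ``requests`` here, so every exchange
        # after the first was matched against request bytes.
        responses = responses[len(response):]

        is_api_call = (len(request) > 0 and len(response) > 0 and
                       request.method == 'POST' and
                       request.uri == '/api/gateway.php' and
                       response.status == '200')
        if not is_api_call:
            continue

        try:
            req_plain = decrypt_request(request.body)
            resp_plain = decrypt_response(response.body)
            req_json = json.loads(req_plain)
            resp_json = json.loads(resp_plain)
        except Exception:
            import traceback
            traceback.print_exc()
            continue

        if 'command' not in resp_json:
            # Fix: the original returned from parse_pcap here, which dropped
            # every remaining packet of the capture.
            continue

        try:
            SWPlugin.call_plugins('process_request', (req_json, resp_json))
        except Exception as e:
            logger.exception('Exception while executing plugin : {}'.format(e))


def parse_pcap(filename):
    """Feed the game API exchanges recorded in a pcap file to the plugins.

    Payloads are collected per (src, dst, sport, dport) tuple.  On a FIN for
    a connection that uses port 80 on either side, both directions are taken
    out of the table and replayed as HTTP request/response pairs; other
    connections are dropped from the table on FIN.

    Args:
        filename: path of the capture file, opened in binary mode.

    NOTE(review): segments are appended in capture order without looking at
    sequence numbers, and a connection that never sends a FIN is kept until
    the end of the file, so memory use follows the size of the capture.
    """
    streams = dict()  # connection tuple -> payload collected so far
    with open(filename, "rb") as f:
        for _ts, buf in dpkt.pcap.Reader(f):
            eth = dpkt.ethernet.Ethernet(buf)
            if eth.type != dpkt.ethernet.ETH_TYPE_IP:
                continue
            ip = _unpack_layer(dpkt.ip.IP, eth.data)
            if ip is None or ip.p != dpkt.ip.IP_PROTO_TCP:
                continue
            tcp = _unpack_layer(dpkt.tcp.TCP, ip.data)
            if tcp is None:
                continue

            tupl = (ip.src, ip.dst, tcp.sport, tcp.dport)
            if tupl in streams:
                streams[tupl] = streams[tupl] + tcp.data
            else:
                streams[tupl] = tcp.data

            if (tcp.flags & dpkt.tcp.TH_FIN) == 0:
                continue

            # Connection is closing: take this direction out of the table.
            stream1 = streams.pop(tupl)
            if not (tcp.dport == 80 or tcp.sport == 80) or len(stream1) == 0:
                continue

            # The reverse direction may be absent from the capture.
            stream2 = streams.pop((ip.dst, ip.src, tcp.dport, tcp.sport), "")
            if tcp.dport == 80:
                _replay_http_exchanges(stream1, stream2)
            else:
                _replay_http_exchanges(stream2, stream1)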
Beispiel #9
 def _parse_response(self, response):
     """Decrypt ``response.body`` and decode the result as JSON.

     Returns:
         A ``(plain, parsed)`` pair: the decrypted text and the object that
         ``json.loads`` builds from it.
     """
     decrypted = decrypt_response(response.body)
     parsed = json.loads(decrypted)
     return decrypted, parsed
Beispiel #10
 def _parse_response(self, response):
     """Return the decrypted response body and its JSON-decoded form.

     Returns:
         ``(plain_text, decoded)``, where ``plain_text`` comes from
         ``decrypt_response`` and ``decoded`` is ``json.loads(plain_text)``.
     """
     encrypted_body = response.body
     plain_text = decrypt_response(encrypted_body)
     return (plain_text, json.loads(plain_text))
Beispiel #11
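 def _parse_response(self, flow):
     """Decrypt the response body of ``flow`` and decode it as JSON.

     ``decrypt_response`` receives 2 as its second argument when the request
     URL contains ``_c2.php`` and 1 otherwise.

     Args:
         flow: the intercepted exchange; ``flow.request.pretty_url`` and
             ``flow.response.get_text()`` are read.

     Returns:
         A ``(plain, parsed)`` pair: the decrypted text and the object that
         ``json.loads`` builds from it.
     """
     variant = 2 if '_c2.php' in flow.request.pretty_url else 1
     # Fix: decrypt the response text.  The original passed
     # flow.request.get_text(), i.e. the request body, to decrypt_response.
     # The request is consulted only for its URL.
     plain = decrypt_response(flow.response.get_text(), variant)
     return plain, json.loads(plain)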