Beispiel #1
0
 def send_verify(self, cert, cbhostname, cvr):
     conn = SingleTrustHTTPS(cert, cbhostname, 443)
     conn.request("POST", "/verifyCert.jsp",
                  MessageList.getBytesForMessage(cvr))
     response = conn.getresponse()
     if response.status != 200:
         print(
             "Failed to verify certificate. Received HTTP error code: %d" %
             (response.status))
         return
     content = response.read()
     ml = MessageList(content)
     if not MessageUtils.verify(ml, cert):
         print("Error:  Returned MessageList failed to verify.")
         return None
     # Return CertVerifyRes.  TODO: Use PIP, timestamp message and
     # other stuff. This requeres some restructuring of the PyHunter code.
     ret = None
     for msg in ml.allMessages():
         if msg.getType() == messageTypes["CERT_VERIFY_RESULT"]:
             ret = msg
     if ret == None:
         print(
             "Error: CertificateVerifyRequest response did not contain a CertificateVerifyResponse!"
         )
     return ret
Beispiel #2
0
    def sendPublicIPR(self, ipv, pipReq):
        """
        Sends the Public IP Notification Request.

        Arguments:
        ipv -- IP version, 4 or 6 (integer)
        pipReq -- the Public IP Notification Request (PipReq)

        Returns:
        content of request (requests.content)
        """

        # Simplified - RH
        if ((ipv == 6 and self.serverIPv6 == None)
                or (ipv == 4 and self.serverIPv4 == None)):
            # TODO: log
            print "Couldn't connect to the crossbear server using IPv%d" % ipv
            return None

        # TODO: do we still need the try/catch?
        # Actually send via HTTP POST
        try:
            if ipv == 6:
                ips = "[%s]" % self.serverIPv6
            else:
                ips = self.serverIPv4
            # send using the Python requests module
            data = MessageList.getBytesForMessage(pipReq)
            r = requests.post(url="http://%s/getPublicIP.jsp" % ips, data=data)
            return r.content
        except IOError, e:
            # TODO Log usefully what happend
            print "Couldn't connect to the crossbear server using IPv%d" % ipv
            print e
            return None
Beispiel #3
0
 def send_result(self, ht):
     """sends the results to the CB server"""
     conn = SingleTrustHTTPS(self.cbServerCert, self.cbServerHostName, 443)
     conn.request("POST", "/reportHTResults.jsp",
                  MessageList.getBytesForMessage(ht))
     response = conn.getresponse()
     if response.status != 200:
         print "Error submitting hunting task results. Error code: %s, %s" % (response.status, response.reason)
     conn.close()
Beispiel #4
0
 def send_result(self, ht):
     """sends the results to the CB server"""
     conn = SingleTrustHTTPS(self.cbServerCert, self.cbServerHostName, 443)
     conn.request("POST", "/reportHTResults.jsp",
                  MessageList.getBytesForMessage(ht))
     response = conn.getresponse()
     if response.status != 200:
         print "Error submitting hunting task results. Error code: %s, %s" % (
             response.status, response.reason)
     conn.close()
Beispiel #5
0
 def send_verify(self, cert, cbhostname, cvr):
     conn = SingleTrustHTTPS(cert, cbhostname, 443)
     conn.request("POST", "/verifyCert.jsp",
                  MessageList.getBytesForMessage(cvr))
     response = conn.getresponse()
     if response.status != 200:
         print("Failed to verify certificate. Received HTTP error code: %d" % (response.status))
         return
     content = response.read()
     ml = MessageList(content)
     if not MessageUtils.verify(ml, cert):
         print("Error:  Returned MessageList failed to verify.")
         return None
     # Return CertVerifyRes.  TODO: Use PIP, timestamp message and
     # other stuff. This requeres some restructuring of the PyHunter code.
     ret = None
     for msg in ml.allMessages():
         if msg.getType() == messageTypes["CERT_VERIFY_RESULT"]:
             ret = msg
     if ret == None:
         print("Error: CertificateVerifyRequest response did not contain a CertificateVerifyResponse!")
     return ret
Beispiel #6
0
    def fetch(self):
        """
        Fetch the current list of Hunting Tasks from the Crossbear
        server. To this end, connect via TLS and verify if the
        received server certificate is the one we have stored for
        Crossbear.
        """
        # Open HTTPs connection to Crossbear server
        conn = SingleTrustHTTPS(self.servCert, self.servHost, self.servPort)

        # Now request the current hunting task list
        conn.request("GET", "/getHuntingTaskList.jsp")
        resp = conn.getresponse()
        ml = MessageList(resp.read())
        if (MessageUtils.verify(ml, self.servCert)):
            return ml
        else:
            print "Message verification failed."
            return None
Beispiel #7
0
    def sendPublicIPR(self, ipv, pipReq):
        """
        Sends the Public IP Notification Request.

        Arguments:
        ipv -- IP version, 4 or 6 (integer)
        pipReq -- the Public IP Notification Request (PipReq)

        Returns:
        content of request (requests.content)
        """
        
        # Simplified - RH
        if ((ipv == 6 and self.serverIPv6 == None) 
            or (ipv == 4 and self.serverIPv4 == None)):
            # TODO: log
            print "Couldn't connect to the crossbear server using IPv%d" % ipv
            return None
        
        # TODO: do we still need the try/catch?
        # Actually send via HTTP POST
        try:
            if ipv == 6:
                ips = "[%s]" % self.serverIPv6
            else:
                ips = self.serverIPv4
            # send using the Python requests module
            data = MessageList.getBytesForMessage(pipReq)
            r = requests.post(url = "http://%s/getPublicIP.jsp" % ips,
                             data = data)
            return r.content
        except IOError, e:
            # TODO Log usefully what happend
            print "Couldn't connect to the crossbear server using IPv%d" % ipv
            print e
            return None