def send_verify(self, cert, cbhostname, cvr):
conn = SingleTrustHTTPS(cert, cbhostname, 443)
conn.request("POST", "/verifyCert.jsp",
MessageList.getBytesForMessage(cvr))
response = conn.getresponse()
if response.status != 200:
print(
"Failed to verify certificate. Received HTTP error code: %d" %
(response.status))
return
content = response.read()
ml = MessageList(content)
if not MessageUtils.verify(ml, cert):
print("Error: Returned MessageList failed to verify.")
return None
# Return CertVerifyRes. TODO: Use PIP, timestamp message and
# other stuff. This requeres some restructuring of the PyHunter code.
ret = None
for msg in ml.allMessages():
if msg.getType() == messageTypes["CERT_VERIFY_RESULT"]:
ret = msg
if ret == None:
print(
"Error: CertificateVerifyRequest response did not contain a CertificateVerifyResponse!"
)
return ret
def sendPublicIPR(self, ipv, pipReq):
"""
Sends the Public IP Notification Request.
Arguments:
ipv -- IP version, 4 or 6 (integer)
pipReq -- the Public IP Notification Request (PipReq)
Returns:
content of request (requests.content)
"""
# Simplified - RH
if ((ipv == 6 and self.serverIPv6 == None)
or (ipv == 4 and self.serverIPv4 == None)):
# TODO: log
print "Couldn't connect to the crossbear server using IPv%d" % ipv
return None
# TODO: do we still need the try/catch?
# Actually send via HTTP POST
try:
if ipv == 6:
ips = "[%s]" % self.serverIPv6
else:
ips = self.serverIPv4
# send using the Python requests module
data = MessageList.getBytesForMessage(pipReq)
r = requests.post(url="http://%s/getPublicIP.jsp" % ips, data=data)
return r.content
except IOError, e:
# TODO Log usefully what happend
print "Couldn't connect to the crossbear server using IPv%d" % ipv
print e
return None
def send_result(self, ht):
"""sends the results to the CB server"""
conn = SingleTrustHTTPS(self.cbServerCert, self.cbServerHostName, 443)
conn.request("POST", "/reportHTResults.jsp",
MessageList.getBytesForMessage(ht))
response = conn.getresponse()
if response.status != 200:
print "Error submitting hunting task results. Error code: %s, %s" % (response.status, response.reason)
conn.close()
def send_result(self, ht):
"""sends the results to the CB server"""
conn = SingleTrustHTTPS(self.cbServerCert, self.cbServerHostName, 443)
conn.request("POST", "/reportHTResults.jsp",
MessageList.getBytesForMessage(ht))
response = conn.getresponse()
if response.status != 200:
print "Error submitting hunting task results. Error code: %s, %s" % (
response.status, response.reason)
conn.close()
def send_verify(self, cert, cbhostname, cvr):
conn = SingleTrustHTTPS(cert, cbhostname, 443)
conn.request("POST", "/verifyCert.jsp",
MessageList.getBytesForMessage(cvr))
response = conn.getresponse()
if response.status != 200:
print("Failed to verify certificate. Received HTTP error code: %d" % (response.status))
return
content = response.read()
ml = MessageList(content)
if not MessageUtils.verify(ml, cert):
print("Error: Returned MessageList failed to verify.")
return None
# Return CertVerifyRes. TODO: Use PIP, timestamp message and
# other stuff. This requeres some restructuring of the PyHunter code.
ret = None
for msg in ml.allMessages():
if msg.getType() == messageTypes["CERT_VERIFY_RESULT"]:
ret = msg
if ret == None:
print("Error: CertificateVerifyRequest response did not contain a CertificateVerifyResponse!")
return ret
def fetch(self):
"""
Fetch the current list of Hunting Tasks from the Crossbear
server. To this end, connect via TLS and verify if the
received server certificate is the one we have stored for
Crossbear.
"""
# Open HTTPs connection to Crossbear server
conn = SingleTrustHTTPS(self.servCert, self.servHost, self.servPort)
# Now request the current hunting task list
conn.request("GET", "/getHuntingTaskList.jsp")
resp = conn.getresponse()
ml = MessageList(resp.read())
if (MessageUtils.verify(ml, self.servCert)):
return ml
else:
print "Message verification failed."
return None
def sendPublicIPR(self, ipv, pipReq):
"""
Sends the Public IP Notification Request.
Arguments:
ipv -- IP version, 4 or 6 (integer)
pipReq -- the Public IP Notification Request (PipReq)
Returns:
content of request (requests.content)
"""
# Simplified - RH
if ((ipv == 6 and self.serverIPv6 == None)
or (ipv == 4 and self.serverIPv4 == None)):
# TODO: log
print "Couldn't connect to the crossbear server using IPv%d" % ipv
return None
# TODO: do we still need the try/catch?
# Actually send via HTTP POST
try:
if ipv == 6:
ips = "[%s]" % self.serverIPv6
else:
ips = self.serverIPv4
# send using the Python requests module
data = MessageList.getBytesForMessage(pipReq)
r = requests.post(url = "http://%s/getPublicIP.jsp" % ips,
data = data)
return r.content
except IOError, e:
# TODO Log usefully what happend
print "Couldn't connect to the crossbear server using IPv%d" % ipv
print e
return None