Beispiel #1
0
 def render_GET(self, request):
     try:
         flows = HoneyProxy.getProxyMaster().getFlowCollection().getFlowsSerialized()
         return json.dumps(flows,separators=(',',':'),encoding='latin1')
     except Exception as e:
         print e
         return "<html><body>Invalid request.</body></html>"         
Beispiel #2
0
 def read(data):
     f = HoneyProxy.getProxyMaster().getFlowCollection()
     if "id" in data and data["id"] != "all":
         self.factory.msg("read",{"id":data.get("id"), "data": f.getFlowsSerialized()[data.get("id")]},client=self)
     else:
         flows = f.getFlowsSerialized()
         self.factory.msg("read",{"id":"all","data": flows},client=self)
Beispiel #3
0
 def render_GET(self, request):
     try:
         flows = HoneyProxy.getProxyMaster().getFlowCollection(
         ).getFlowsSerialized()
         return json.dumps(flows, separators=(',', ':'), encoding='latin1')
     except Exception as e:
         return ServerErrorResource(e).render(request)
Beispiel #4
0
 def auth_func(self, request, *args, **kwargs):
     token = "invalid"
     if "token" in request.args:
         token = request.args["token"] 
     elif request.requestHeaders.hasHeader("X-Request-Token"):
         token = request.requestHeaders.getRawHeaders("X-Request-Token",[None])[0]
     if token == HoneyProxy.getApiAuthToken():
         return f(self, request, *args, **kwargs)
     else:
         return ForbiddenResource(message="Invalid response Token").render(request)
Beispiel #5
0
 def auth_func(self, request, *args, **kwargs):
     token = "invalid"
     if "token" in request.args:
         token = request.args["token"]
     elif request.requestHeaders.hasHeader("X-Request-Token"):
         token = request.requestHeaders.getRawHeaders(
             "X-Request-Token", [None])[0]
     if token == HoneyProxy.getApiAuthToken():
         return f(self, request, *args, **kwargs)
     else:
         return ForbiddenResource(
             message="Invalid response Token").render(request)
Beispiel #6
0
    def dataReceived(self, data):
        try:
            data = json.loads(data)
        except ValueError:
            self.factory.msg("Cannot decode WebSocket request.")
            return
        if not "action" in data:
            return

        #Handle Authentication
        if data.get("action") == "auth" and data.get(
                "key") == HoneyProxy.getAuthKey() and not self.authenticated:
            self.authenticated = True
            self.factory.clients.add(self)
            self.factory.msg("Authenticated.")
            return
        #Forbid unauthenticated requests
        if not self.authenticated:
            self.factory.msg("Unauthorized request to WebSocket API.")
            return

        def notImplemented():
            self.factory.msg("Unimplemented function call")
            raise NotImplementedError()

        def read(data):
            f = HoneyProxy.getProxyMaster().getFlowCollection()
            if "id" in data and data["id"] != "all":
                self.factory.msg("read", {
                    "id": data.get("id"),
                    "data": f.getFlowsSerialized()[data.get("id")]
                },
                                 client=self)
            else:
                flows = f.getFlowsSerialized()
                self.factory.msg("read", {
                    "id": "all",
                    "data": flows
                },
                                 client=self)

        try:
            {
                #'create': notImplemented,
                'read': read,
                #'update': notImplemented,
                #'delete': notImplemented,
            }[data.get("action")](data)
        except KeyError:
            notImplemented()
Beispiel #7
0
 def read(data):
     f = HoneyProxy.getProxyMaster().getFlowCollection()
     if "id" in data and data["id"] != "all":
         self.factory.msg("read", {
             "id": data.get("id"),
             "data": f.getFlowsSerialized()[data.get("id")]
         },
                          client=self)
     else:
         flows = f.getFlowsSerialized()
         self.factory.msg("read", {
             "id": "all",
             "data": flows
         },
                          client=self)
Beispiel #8
0
 def onMessage(self, data, binary):
     try:
         data = json.loads(data)
     except ValueError:
         self.factory.msg("Cannot decode WebSocket request.")
         return
     if not "action" in data:
         return
     
     #Handle Authentication
     if data.get("action") == "auth" and data.get("key") == HoneyProxy.getAuthKey() and not self.authenticated:
         self.authenticated = True
         self.factory.clients.add(self)
         self.factory.msg("Authenticated.")
         return
     #Forbid unauthenticated requests
     if not self.authenticated:
         self.factory.msg("Unauthorized request to WebSocket API.")
         return
     
     def notImplemented():
         self.factory.msg("Unimplemented function call")
         raise NotImplementedError()
     
     def read(data):
         f = HoneyProxy.getProxyMaster().getFlowCollection()
         if "id" in data and data["id"] != "all":
             self.factory.msg("read",{"id":data.get("id"), "data": f.getFlowsSerialized()[data.get("id")]},client=self)
         else:
             flows = f.getFlowsSerialized()
             self.factory.msg("read",{"id":"all","data": flows},client=self)
     
     try:
         {
             #'create': notImplemented,
             'read'  : read,
             #'update': notImplemented,
             #'delete': notImplemented,
         }[data.get("action")](data)
     except KeyError:
         notImplemented()
Beispiel #9
0
    def render_GET(self, request):
        try:
            if(len(request.postpath) != 3):
                raise Exception("invalid parameter length")
            flow = HoneyProxy.getProxyMaster().getFlowCollection().getFlow(int(request.postpath[0]))
            isResponse = request.postpath[1] == "response"
            
            obj = getattr(flow,request.postpath[1])
            
            isView = request.postpath[2] == "inline"
            if (isResponse):
                #add important headers from original request
                headers = ["Content-Type","Content-Encoding"]
                for h in headers:
                    if(h in obj.headers):
                        request.setHeader(h,obj.headers.get(h)[0])
                
                #this would fail on 301 redirects
                #fix responsecode      
                #request.setResponseCode(obj.code)
                
            #fix content disposition for attachment download
            cdisp = obj.headers.get("Content-Disposition")
            if(cdisp == None):
                #do minimal file name guessing
                cdisp = 'inline; filename="'+flow.request.path.split("?")[0].split("/")[-1]+'"'
            else:
                cdisp = cdisp[0]
            if isView:
                request.setHeader("Content-Disposition",cdisp.replace("attachment", "inline"))
            else:
                request.setHeader("Content-Disposition",cdisp.replace("inline", "attachment"))

            return obj.content
        except Exception as e:
            print e
            return "<html><body>Invalid request.</body></html>"         
 def __enter__(self):
     for flow in self.flows:
         for i in ["request", "response"]:
             flow[i]["content"] = HoneyProxy.getProxyMaster(
             ).getFlowCollection().getDecodedContents()[flow.get("id")][i]
Beispiel #11
0
 def render_GET(self, request):
     try:
         return json.dumps(HoneyProxy.getConfig())
     except Exception as e:
         return ServerErrorResource(e).render(request)
Beispiel #12
0
    def render_GET(self, request):
        try:
            allFlows = HoneyProxy.getProxyMaster().getFlowCollection().getFlowsSerialized()
            
            #take care of the "in" parameter, only search through specified flows (or all if not specified)
            flows = []
            if("in" in request.args):
                for flowId in json.loads(request.args["in"][0]):
                    flows.append(allFlows[flowId])
            else:
                flows = list(allFlows)
            
            #prepare conditions
            conditions = json.loads(request.args["filter"][0])
            for cond in conditions:
                cond["field"] = cond["field"].split(".")
                cond["not"] = cond["not"] if "not" in cond else False
                if(cond["type"] == "regexp"):
                    prog = re.compile(cond["value"],re.DOTALL)
                    cond["match"] = lambda s: prog.search(s)
                elif(cond["type"] == "containsStrict"):
                    cond["match"] = lambda s: cond["value"] in s
                elif(cond["type"] == "similarTo"):
                    cond["field"] = []
                    flow, level = cond["value"].split(",")
                    flow = allFlows[int(flow)]
                    level = int(level)
                    cond["match"] = lambda s: similarTo(flow,s,level)
                else: #if(cond["type"] == "contains"):
                    value = cond["value"].lower()
                    cond["match"] = lambda s: value in s.lower()
            
            def similarTo(this,other,level):
                if(this == other):
                    return True #Include own flow.
                diff = ((this.get("request").get("host")               != other.get("request").get("host")) * 4 +
                        (this.get("request").get("method")             != other.get("request").get("method")) * 4 +
                        (this.get("request").get("path")               != other.get("request").get("path")) * 4 +
                        (this.get("request").get("contentLength")      != other.get("request").get("contentLength")) +
                        (this.get("response").get("code")              != other.get("response").get("code")) +
                        (this.get("response").get("contentLength")     != other.get("response").get("contentLength")))
                if(diff <= level):
                    return True
                else:
                    return False
            
            #helper function get an attribute recursively
            def rec_getattr(obj,attr):
                if(len(attr) == 0):
                    return obj
                else:
                    if type(obj) is dict:
                        obj = obj.get(attr[0])
                    else:
                        obj = getattr(obj,str(attr[0]))
                    return rec_getattr(obj,attr[1:])
            
            #helper function to determine whether the given condition matches any attribute
            def matchesAny(obj,cond):
                if type(obj) is list or type(obj) is tuple:
                    return any(matchesAny(v,cond) for v in obj)
                elif type(obj) is dict:
                    return any(matchesAny(v,cond) for v in obj.keys()+obj.values())
                else:
                    try:
                        if not type(obj) is str:
                            obj = str(obj)
                        return cond["match"](obj)
                    except:
                        import traceback
                        print traceback.format_exc()
                        return False
            
            #filter a specific flows for all conditions        
            def filterFunc(flow):
                for cond in conditions:
                    try:
                        if(cond["field"] == ["any"]):
                            if not matchesAny(flow,cond) ^ cond["not"]:
                                return False
                        else:
                            attr = rec_getattr(flow,cond["field"])
                            if not cond["match"](attr) ^ cond["not"]:
                                return False
                    except:
                        return False
                return True
            
            if("includeContent" in request.args and request.args["includeContent"][0].lower() == "true"):
                with includeDecodedContent(flows):
                    filteredFlows = filter(filterFunc,flows)
            else:
                filteredFlows = filter(filterFunc,flows)
            
            if(not("idsOnly" in request.args) or request.args["idsOnly"][0].lower() != "false"):
                filteredFlows = map(lambda flow: flow.get("id"), filteredFlows)

            return json.dumps(filteredFlows,separators=(',',':'),encoding='latin1')
        except Exception as e:
            return ServerErrorResource(e).render(request)
Beispiel #13
0
 def render_GET(self, request):
     try:
         return json.dumps(HoneyProxy.getConfig())
     except Exception as e:
         return ServerErrorResource(e).render(request)
Beispiel #14
0
 def render_GET(self, request):
     try:
         flows = HoneyProxy.getProxyMaster().getFlowCollection().getFlowsSerialized()
         return json.dumps(flows,separators=(',',':'),encoding='latin1')
     except Exception as e:
         return ServerErrorResource(e).render(request)
Beispiel #15
0
 def render_GET(self, request):
     return json.dumps({"token": HoneyProxy.getApiAuthToken()})
Beispiel #16
0
 def render_GET(self, request):
     return json.dumps({"token": HoneyProxy.getApiAuthToken()})
Beispiel #17
0
 def __enter__(self):
     for flow in self.flows:
         for i in ["request","response"]:
             flow[i]["content"] = HoneyProxy.getProxyMaster().getFlowCollection().getDecodedContents()[flow.get("id")][i]
Beispiel #18
0
 def render_GET(self, request):
     try:
         return json.dumps(HoneyProxy.getConfig())
     except Exception as e:
         print e
         return "<html><body>Invalid request.</body></html>"
Beispiel #19
0
    def render_GET(self, request):
        try:
            allFlows = HoneyProxy.getProxyMaster().getFlowCollection(
            ).getFlowsSerialized()

            #take care of the "in" parameter, only search through specified flows (or all if not specified)
            flows = []
            if ("in" in request.args):
                for flowId in json.loads(request.args["in"][0]):
                    flows.append(allFlows[flowId])
            else:
                flows = list(allFlows)

            #prepare conditions
            conditions = json.loads(request.args["filter"][0])
            for cond in conditions:
                cond["field"] = cond["field"].split(".")
                cond["not"] = cond["not"] if "not" in cond else False
                if (cond["type"] == "regexp"):
                    prog = re.compile(cond["value"], re.DOTALL)
                    cond["match"] = lambda s: prog.search(s)
                elif (cond["type"] == "containsStrict"):
                    cond["match"] = lambda s: cond["value"] in s
                elif (cond["type"] == "similarTo"):
                    cond["field"] = []
                    flow, level = cond["value"].split(",")
                    flow = allFlows[int(flow)]
                    level = int(level)
                    cond["match"] = lambda s: similarTo(flow, s, level)
                else:  #if(cond["type"] == "contains"):
                    value = cond["value"].lower()
                    cond["match"] = lambda s: value in s.lower()

            def similarTo(this, other, level):
                if (this == other):
                    return True  #Include own flow.
                diff = ((this.get("request").get("host") !=
                         other.get("request").get("host")) * 4 +
                        (this.get("request").get("method") !=
                         other.get("request").get("method")) * 4 +
                        (this.get("request").get("path") !=
                         other.get("request").get("path")) * 4 +
                        (this.get("request").get("contentLength") !=
                         other.get("request").get("contentLength")) +
                        (this.get("response").get("code") !=
                         other.get("response").get("code")) +
                        (this.get("response").get("contentLength") !=
                         other.get("response").get("contentLength")))
                if (diff <= level):
                    return True
                else:
                    return False

            #helper function get an attribute recursively
            def rec_getattr(obj, attr):
                if (len(attr) == 0):
                    return obj
                else:
                    if type(obj) is dict:
                        obj = obj.get(attr[0])
                    else:
                        obj = getattr(obj, str(attr[0]))
                    return rec_getattr(obj, attr[1:])

            #helper function to determine whether the given condition matches any attribute
            def matchesAny(obj, cond):
                if type(obj) is list or type(obj) is tuple:
                    return any(matchesAny(v, cond) for v in obj)
                elif type(obj) is dict:
                    return any(
                        matchesAny(v, cond) for v in obj.keys() + obj.values())
                else:
                    try:
                        if not type(obj) is str:
                            obj = str(obj)
                        return cond["match"](obj)
                    except:
                        import traceback
                        print traceback.format_exc()
                        return False

            #filter a specific flows for all conditions
            def filterFunc(flow):
                for cond in conditions:
                    try:
                        if (cond["field"] == ["any"]):
                            if not matchesAny(flow, cond) ^ cond["not"]:
                                return False
                        else:
                            attr = rec_getattr(flow, cond["field"])
                            if not cond["match"](attr) ^ cond["not"]:
                                return False
                    except:
                        return False
                return True

            if ("includeContent" in request.args
                    and request.args["includeContent"][0].lower() == "true"):
                with includeDecodedContent(flows):
                    filteredFlows = filter(filterFunc, flows)
            else:
                filteredFlows = filter(filterFunc, flows)

            if (not ("idsOnly" in request.args)
                    or request.args["idsOnly"][0].lower() != "false"):
                filteredFlows = map(lambda flow: flow.get("id"), filteredFlows)

            return json.dumps(filteredFlows,
                              separators=(',', ':'),
                              encoding='latin1')
        except Exception as e:
            return ServerErrorResource(e).render(request)
Beispiel #20
0
    
    dumpoptions = dump.Options(dumpdir=options.dumpdir,**mcmdline.get_common_options(options))
    
    #set up proxy server
    proxyconfig = mproxy.process_proxy_options(parser, options)
    
    if options.no_server:
        server = mproxy.DummyServer(proxyconfig)
    else:
        try:
            server = mproxy.ProxyServer(proxyconfig, options.port, options.addr)
        except mproxy.ProxyServerError, v:
            print >> sys.stderr, "%(name)s: %(args)s" % {"name": version.NAME, "args": v.args[0]}
            sys.exit(1)

    HoneyProxy.setAuthKey(options.apiauth)
    if options.readonly:
        HoneyProxy.apiAuthToken = None
    #set up HoneyProxy GUI
    guiSessionFactory = session.GuiSessionFactory("ws://*****:*****@localhost:"+str(options.guiport)+"/"
    guiURL = httpGui +"app/"
    HoneyProxy.setConfig({
Beispiel #21
0
    
    dumpoptions = dump.Options(dumpdir=options.dumpdir,**mcmdline.get_common_options(options))
    
    #set up proxy server
    proxyconfig = mproxy.process_proxy_options(parser, options)
    
    if options.no_server:
        server = mproxy.DummyServer(proxyconfig)
    else:
        try:
            server = mproxy.ProxyServer(proxyconfig, options.port, options.addr)
        except mproxy.ProxyServerError, v:
            print >> sys.stderr, "%(name)s: %(args)s" % {"name": version.NAME, "args": v.args[0]}
            sys.exit(1)

    HoneyProxy.setAuthKey(options.apiauth)
    if options.readonly:
        HoneyProxy.apiAuthToken = None
    #set up HoneyProxy GUI
    guiSessionFactory = session.GuiSessionFactory()
    
    #WebSocket
    websocketRes = WebSocketsResource(guiSessionFactory)
    reactor.listenTCP(options.apiport, Site(websocketRes))
    
    #Config
    wsPort = str(options.apiport)
    urlauth = "honey:"+HoneyProxy.getAuthKey()+"@" if HoneyProxy.getAuthKey() != "NO_AUTH" else ""
    httpGui = "http://"+urlauth+"localhost:"+str(options.guiport)+"/"
    guiURL = httpGui +"app/"
    HoneyProxy.setConfig({