Ejemplo n.º 1
0
def color_string(data, color):
    # Setup a TerminalController for formatted output
    term = TerminalController()

    result = term.render("${" + color.upper() + "}" + data + "${NORMAL}")
    return result
Ejemplo n.º 2
0
def main():
    import optparse

    parser = optparse.OptionParser()
    # Shall we fuzz the request, response, or both?
    # Set via optparse in main
    global sr_request  # search/replace tuple for requests - (True, [search, replace]) where true means to use regex
    global sr_response  # search/replace tuple for responses - (True, [search, replace]) where true means to use regex
    global fuzz_request
    global fuzz_response

    # Other module-wide variables
    global debug
    global term
    global logger
    global fwdr

    parser.add_option("-l", "--local-addr", dest="local_addr", default="127.0.0.1", help="Local address to bind to")
    parser.add_option("-p", "--local-port", type="int", dest="local_port", default=1234, help="Local port to bind to")
    parser.add_option("-r", "--remote-addr", dest="remote_addr", help="Remote address to bind to")
    parser.add_option("-P", "--remote-port", type="int", dest="remote_port", default=80, help="Remote port to bind to")

    parser.add_option(
        "--search-request",
        dest="search_request",
        default="",
        help="String that if found will be replaced by --replace-request's value",
    )
    parser.add_option(
        "--replace-request", dest="replace_request", default="", help="String to replace the value of --search-request"
    )
    parser.add_option(
        "--search-response",
        dest="search_response",
        default="",
        help="String that if found will be replaced by --replace-request's value",
    )
    parser.add_option(
        "--replace-response",
        dest="replace_response",
        default="",
        help="String to replace the value of --search-request",
    )

    parser.add_option(
        "--regex-request",
        action="store_true",
        dest="request_use_regex",
        help="Requests: Use regular expressions for search and replace instead of string constants",
    )
    parser.add_option(
        "--regex-response",
        action="store_true",
        dest="response_use_regex",
        help="Responses: Use regular expressions for search and replace instead of string constants",
    )

    parser.add_option(
        "--fuzz-request",
        action="store_true",
        dest="fuzz_request",
        help="Fuzz the request which the proxy gets from the connecting client \
            prior to sending it to the remote host",
    )
    parser.add_option(
        "--fuzz-response",
        action="store_true",
        dest="fuzz_response",
        help="Fuzz the response which the proxy gets from the remote host prior \
            to sending it to the conecting client",
    )

    parser.add_option(
        "-i",
        "--run-info",
        dest="run_info",
        default="",
        help="Additional information string to add to database run_info entry",
    )

    parser.add_option(
        "-d",
        "--debug",
        type="int",
        dest="debug",
        default=0,
        help="Debug level (0-5, 0: No debugging; 1: Simple conneciton \
            information; 2: Simple data information; 3: Listener data display; 4: \
            Sender data display; 5: All data display)",
    )

    (options, args) = parser.parse_args()

    if not options.remote_addr or not options.remote_port:
        parser.print_help()
        exit(1)

    # Validate options for search/replace
    if (options.search_request and not options.replace_request) or (
        options.replace_request and not options.search_request
    ):
        print >> sys.stderr, "Both --search-request and --replace-request must be provided together"
        exit(1)

    if (options.search_response and not options.replace_response) or (
        options.replace_response and not options.search_response
    ):
        print >> sys.stderr, "Both --search-response and --replace-response must be provided together"
        exit(1)

    # Setup a TerminalController for formatted output
    term = TerminalController()

    # Print the current run information
    print (
        term.render(
            """\nSetting up asynch. TCP proxy with the following settings:
    ${GREEN}Local binding Address: %s
    Local binding Port:    %s${NORMAL}

    ${RED}Remote host address:   %s
    Remote host port:      %s${NORMAL}
    """
        )
        % (options.local_addr, options.local_port, options.remote_addr, options.remote_port)
    )

    # Set the debug value
    debug = options.debug

    # If run info was passed in on the command line, use that for the run_info table
    # additional info field (It will have what's being fuzzed prepended to it as well)
    run_additional_info = options.run_info

    # Print the selected debug value
    if debug > 0:
        if debug == 1:
            print ("    Debug: Level 1 (Show simple connection information)")
        elif debug == 2:
            print ("    Debug: Level 2 (Show simple data information, such as the size of sent/received messages)")
        elif debug == 3:
            print ("    Debug: Level 3 (Show listener data and size of sent/received messages)")
        elif debug == 4:
            print ("    Debug: Level 4 (Show sender data and size of sent/received messages)")
        elif debug == 5:
            print (
                "    Debug: Level 5 (Show all possible information, including the size of sent/received messages, and their data for listener and sender)"
            )
    print ("")

    # Display and setup search/replace things
    if options.search_request and options.replace_request:
        sr_request = [
            None,
            options.search_request.decode("string-escape"),
            options.replace_request.decode("string-escape"),
        ]
        # Check if we want to use regex instead of string constants
        if options.request_use_regex:
            # Use regex instead of string replace
            print (
                term.render(
                    "Running regex search/replace on ${BOLD}REQUESTS${NORMAL} with regex: 's/%s/%s'"
                    % (sr_request[1], sr_request[2])
                )
            )
            sr_request[0] = True
        else:
            print (
                term.render(
                    "Running string search/replace on ${BOLD}REQUESTS${NORMAL} with search/replace: 's/%s/%s'"
                    % (sr_request[1], sr_request[2])
                )
            )
            sr_request[0] = False
    else:
        sr_request = None

    if options.search_response and options.replace_response:
        sr_response = [
            None,
            options.search_response.decode("string-escape"),
            options.replace_response.decode("string-escape"),
        ]
        # Check if we want to use regex instead of string constants
        if options.response_use_regex:
            print (
                term.render(
                    "Running regex search/replace on ${BOLD}RESPONSES${NORMAL} with regex: 's/%s/%s'"
                    % (sr_response[1], sr_response[2])
                )
            )
            sr_response[0] = True
        else:
            print (
                term.render(
                    "Running string search/replace on ${BOLD}RESPONSES${NORMAL} with search/replace: 's/%s/%s'"
                    % (sr_response[1], sr_response[2])
                )
            )
            sr_response[0] = False
    else:
        sr_response = None

    # Setup which to fuzz - request, response, neither, both?
    if options.fuzz_request:
        fuzz_request = options.fuzz_request
        run_additional_info = "Fuzzing REQUESTS; " + run_additional_info
        print (term.render("Fuzzing ${BOLD}REQUESTS${NORMAL}"))
    else:
        fuzz_request = False

    if options.fuzz_response:
        fuzz_response = options.fuzz_response
        run_additional_info = "Fuzzing RESPONSES; " + run_additional_info
        print (term.render("Fuzzing ${BOLD}RESPONSES${NORMAL}"))
    else:
        fuzz_response = False

    if not (options.fuzz_response or options.fuzz_request):
        run_additional_info = "Fuzzing NONE; " + run_additional_info
        print (
            term.render(
                "Fuzzing ${BOLD}<NOTHING>${NORMAL} (Maybe you wanted ${BOLD}--fuzz-request or --fuzz-response${NORMAL}?)"
            )
        )

    if fuzz_request and fuzz_response:
        print (
            term.render(
                "${YELLOW}\nWARNING! WARNING!\n${BOLD}Fuzzing BOTH the request and response is probably a bad idea, ensure this is what you want to do!${NORMAL}${YELLOW}\nWARNING! WARNING!\n${NORMAL}"
            )
        )

    # host, db, username, passwd
    if logging_enabled:
        logger = postgresLogger("postgreshost", "dbname", "dbuser", "dbpass")

        logger.log_run_info("CompanyName", "ProjectName-v1.2.3", run_additional_info)

    # create object that spawns reciever/sender pairs upon connection
    fwdr = forwarder(options.local_addr, options.local_port, options.remote_addr, options.remote_port)
    print ("Listener running...")
    # asyncore.loop()

    # A quick hack to be able to control fuzz on/off while running
    # separate asyncore.loop into its own thread so we can have terminal control
    asyncThread = Thread(target=asyncore.loop)
    asyncThread.start()

    # start a console (ipython)
    from IPython.terminal.interactiveshell import TerminalInteractiveShell

    shell = TerminalInteractiveShell(user_ns=globals())
    shell.mainloop()

    # cleanup otherwise thread wont die and program hangs
    fwdr.close()
    # asyncore.close_all()
    asyncThread._Thread__stop()
Ejemplo n.º 3
0
def color_string(data, color):
    # Setup a TerminalController for formatted output
    term = TerminalController()

    result = term.render("${" + color.upper() + "}" + data + "${NORMAL}")
    return (result)
Ejemplo n.º 4
0
def main():
    import optparse
    parser = optparse.OptionParser()
    # Shall we fuzz the request, response, or both?
    # Set via optparse in main
    global sr_request   # search/replace tuple for requests - (True, [search, replace]) where true means to use regex
    global sr_response  # search/replace tuple for responses - (True, [search, replace]) where true means to use regex
    global fuzz_request
    global fuzz_response

    # Other module-wide variables
    global debug
    global term
    global logger
    global fwdr

    parser.add_option( '-l','--local-addr', dest='local_addr',default='127.0.0.1', help='Local address to bind to')
    parser.add_option( '-p','--local-port', type='int',dest='local_port',default=1234, help='Local port to bind to')
    parser.add_option( '-r','--remote-addr',dest='remote_addr', help='Remote address to bind to')
    parser.add_option( '-P','--remote-port', type='int',dest='remote_port',default=80, help='Remote port to bind to')

    parser.add_option( '--search-request', dest='search_request',default='', help='String that if found will be replaced by --replace-request\'s value')
    parser.add_option( '--replace-request', dest='replace_request',default='', help='String to replace the value of --search-request')
    parser.add_option( '--search-response', dest='search_response',default='', help='String that if found will be replaced by --replace-request\'s value')
    parser.add_option( '--replace-response', dest='replace_response',default='', help='String to replace the value of --search-request')

    parser.add_option( '--regex-request', action='store_true' ,dest='request_use_regex', help='Requests: Use regular expressions for search and replace instead of string constants')
    parser.add_option( '--regex-response', action='store_true' ,dest='response_use_regex', help='Responses: Use regular expressions for search and replace instead of string constants')

    parser.add_option( '--fuzz-request', action='store_true' ,dest='fuzz_request', help='Fuzz the request which the proxy gets from the connecting client \
            prior to sending it to the remote host')
    parser.add_option( '--fuzz-response', action='store_true' ,dest='fuzz_response', help='Fuzz the response which the proxy gets from the remote host prior \
            to sending it to the conecting client')

    parser.add_option( '-i','--run-info', dest='run_info',default='', help='Additional information string to add to database run_info entry')

    parser.add_option( '-d','--debug', type='int',dest='debug',default=0, help='Debug level (0-5, 0: No debugging; 1: Simple conneciton \
            information; 2: Simple data information; 3: Listener data display; 4: \
            Sender data display; 5: All data display)')

    (options, args) = parser.parse_args()

    if not options.remote_addr or not options.remote_port:
        parser.print_help()
        exit(1)

    # Validate options for search/replace
    if (options.search_request and not options.replace_request) or (options.replace_request and not options.search_request):
        print >>sys.stderr, "Both --search-request and --replace-request must be provided together"
        exit(1)

    if (options.search_response and not options.replace_response) or (options.replace_response and not options.search_response):
        print >>sys.stderr, "Both --search-response and --replace-response must be provided together"
        exit(1)

    # Setup a TerminalController for formatted output
    term = TerminalController()

    # Print the current run information
    print(term.render("""\nSetting up asynch. TCP proxy with the following settings:
    ${GREEN}Local binding Address: %s
    Local binding Port:    %s${NORMAL}

    ${RED}Remote host address:   %s
    Remote host port:      %s${NORMAL}
    """) % (options.local_addr, options.local_port, options.remote_addr, options.remote_port))

    # Set the debug value
    debug = options.debug

    # If run info was passed in on the command line, use that for the run_info table
    # additional info field (It will have what's being fuzzed prepended to it as well)
    run_additional_info = options.run_info

    # Print the selected debug value
    if(debug > 0):
        if(debug == 1):
            print("    Debug: Level 1 (Show simple connection information)")
        elif(debug == 2):
            print("    Debug: Level 2 (Show simple data information, such as the size of sent/received messages)")
        elif(debug == 3):
            print("    Debug: Level 3 (Show listener data and size of sent/received messages)")
        elif(debug == 4):
            print("    Debug: Level 4 (Show sender data and size of sent/received messages)")
        elif(debug == 5):
            print("    Debug: Level 5 (Show all possible information, including the size of sent/received messages, and their data for listener and sender)")
    print("")

    # Display and setup search/replace things
    if options.search_request and options.replace_request:
        sr_request = [None, options.search_request.decode('string-escape'), options.replace_request.decode('string-escape')]
        # Check if we want to use regex instead of string constants
        if options.request_use_regex:
            # Use regex instead of string replace
            print(term.render("Running regex search/replace on ${BOLD}REQUESTS${NORMAL} with regex: 's/%s/%s'" % (sr_request[1], sr_request[2])))
            sr_request[0] = True
        else:
            print(term.render("Running string search/replace on ${BOLD}REQUESTS${NORMAL} with search/replace: 's/%s/%s'" % (sr_request[1], sr_request[2])))
            sr_request[0] = False
    else:
        sr_request = None

    if options.search_response and options.replace_response:
        sr_response = [None, options.search_response.decode('string-escape'), options.replace_response.decode('string-escape')]
        # Check if we want to use regex instead of string constants
        if options.response_use_regex:
            print(term.render("Running regex search/replace on ${BOLD}RESPONSES${NORMAL} with regex: 's/%s/%s'" % (sr_response[1], sr_response[2])))
            sr_response[0] = True
        else:
            print(term.render("Running string search/replace on ${BOLD}RESPONSES${NORMAL} with search/replace: 's/%s/%s'" % (sr_response[1], sr_response[2])))
            sr_response[0] = False
    else:
        sr_response = None

    # Setup which to fuzz - request, response, neither, both?
    if(options.fuzz_request):
        fuzz_request = options.fuzz_request
        run_additional_info = "Fuzzing REQUESTS; " + run_additional_info
        print(term.render("Fuzzing ${BOLD}REQUESTS${NORMAL}"))
    else:
        fuzz_request = False

    if(options.fuzz_response):
        fuzz_response = options.fuzz_response
        run_additional_info = "Fuzzing RESPONSES; " + run_additional_info
        print(term.render("Fuzzing ${BOLD}RESPONSES${NORMAL}"))
    else:
        fuzz_response = False

    if(not(options.fuzz_response or options.fuzz_request)):
        run_additional_info = "Fuzzing NONE; " + run_additional_info
        print(term.render("Fuzzing ${BOLD}<NOTHING>${NORMAL} (Maybe you wanted ${BOLD}--fuzz-request or --fuzz-response${NORMAL}?)"))

    if(fuzz_request and fuzz_response):
        print(term.render("${YELLOW}\nWARNING! WARNING!\n${BOLD}Fuzzing BOTH the request and response is probably a bad idea, ensure this is what you want to do!${NORMAL}${YELLOW}\nWARNING! WARNING!\n${NORMAL}"))

    # host, db, username, passwd
    if logging_enabled:
        logger = postgresLogger("postgreshost", "dbname", "dbuser", "dbpass")

        logger.log_run_info("CompanyName", "ProjectName-v1.2.3", run_additional_info)

    # create object that spawns reciever/sender pairs upon connection
    fwdr = forwarder(options.local_addr,options.local_port,options.remote_addr,options.remote_port)
    print("Listener running...")
    #asyncore.loop()

    # A quick hack to be able to control fuzz on/off while running
    # separate asyncore.loop into its own thread so we can have terminal control
    asyncThread = Thread(target=asyncore.loop)
    asyncThread.start()

    # start a console (ipython)
    from IPython.terminal.interactiveshell import TerminalInteractiveShell
    shell = TerminalInteractiveShell(user_ns=globals())
    shell.mainloop()

    # cleanup otherwise thread wont die and program hangs
    fwdr.close()
    #asyncore.close_all()
    asyncThread._Thread__stop()