""" import cherryproxy from pyclamd import pyclamd # you may need to change this CLAMD_SOCKET = '/var/run/clamav/clamd.ctl' class CherryProxyAV(cherryproxy.CherryProxy): def __init__(self, *args, **kwargs): super(CherryProxyAV, self).__init__(*args, **kwargs) try: self.av = pyclamd.ClamdUnixSocket(CLAMD_SOCKET) self.av.ping() except pyclamd.ConnectionError: raise ValueError('Could not connect to clamd server is %s' % CLAMD_SOCKET) def filter_response(self): result = self.av.scan_stream(self.resp.data) if result: msg = 'Response blocked due to potential threat' body = '%s\n\n%r' % (msg, result) self.req.log.warning("%r" % msg) self.set_response_forbidden(reason=msg, data=body) if __name__ == "__main__": cherryproxy.main(CherryProxyAV)
count_get = a[0] status_get = a[1] pcap_name = a[2] content_length = int(a[3]) wait_time = int(ceil(content_length / float(10000))) list_item = int(pcap_enum[pcap_name]) #print ">>>>", pcap_enum, type(list_item) #print a[0] data_get = responses_list[list_item][a[0] - 1] #print responses_list[list_item][39] resp_header = responses_list[list_item] #print len(responses_list[list_item]) type_get = responses_headers_list[list_item][a[0] - 1]['content-type'] #print type_get #print data_get self.set_response(int(status_get), "Response", data=data_get, content_type=type_get) time.sleep(wait_time) else: self.set_response(404, "Response", data="madmax", content_type='text/plain') cherryproxy.main(CherryProxy_tcpreplay)
def filter_response_headers(self): pass def filter_response(self): global request_uri global req_method global req_uri global conunt_index global req_path global req_host #print "**********" #print ">>>" + request_uri #print "##########" sys.stdout.flush() con = sqlite3.connect('newdb.db') cur = con.cursor() cur.execute('''SELECT Count, Response FROM http WHERE Request = ?''', (request_uri, )) a = cur.fetchone() con.close() if a != None: count_get = a[0] status_get = a[1] data_get = fry.responses[a[0]-1] type_get = fry.responses_headers[a[0]-1]['content-type'] self.set_response(int(status_get), "Response", data = data_get, content_type = type_get) else: self.set_response(200, "Response", data = "madmax", content_type='text/plain') cherryproxy.main(CherryProxy_tcpreplay)
Sample CherryProxy class demonstrating how to adapt a response. This demo simply blocks EXE files and allows everything else. """ def filter_request_headers(self): # extract filename extension from URL: ext = os.path.splitext(self.req.path)[1] self.log.debug('extension: %s' % ext) if str(ext).lower() == '.exe': msg = 'Request blocked due to filename with executable extension in URL' self.log.warning(msg) self.set_response_forbidden(reason=msg) def filter_response_headers(self): # check content-type if self.resp.content_type == 'application/octet-stream': # it's an exe file, return a 403 Forbidden response: msg = 'Response blocked due to executable content-type' self.log.warning(msg) self.set_response_forbidden(reason=msg) def filter_response(self): # check if data starts with "MZ": if isinstance(self.resp.data, str) and self.resp.data.startswith('MZ'): # it's an exe file, return a 403 Forbidden response: msg = 'Response blocked due to potentially executable content' self.log.warning(msg) self.set_response_forbidden(reason=msg) cherryproxy.main(CherryProxy_blockexe)
referer = query['referer'][0] response = self.makeRequest(requested_url, referer) if response.status_code == 304: self.set_response(304) return self.set_response(response.status_code, data=response.raw.read(), content_type=response.headers['content-type']) self.resp.headers = [] for header in response.headers.keys(): self.resp.headers.append((header, response.headers[header])) def makeRequest(self, url, referer): headers = {} for header in self.req.headers.keys(): if header == "host": continue headers[header] = self.req.headers[header] if not referer is None: headers['Referer'] = referer return requests.get(url, headers=headers, stream=True) cherryproxy.main(ProxyReferer)
if not ('user-agent' in headers): print "User-Agent vide ou incorrect !" accepted = False if not re.match('.*(\:[80|443])?', self.req.netloc): print "Je suis un proxy web ! Tu m'entends ? WEB !" accepted = False if is_SSH_req(self.req.query): print "Ai-je bien lu 'SSH' ?" accepted = False if not accepted: self.denie() def filter_response(self): headers = dict(self.resp.headers) if 'content-encoding' in headers.keys(): if not headers['content-encoding'] in self.req.headers['accept-encoding'].split(','): print "Tu sais quoi ? Ton serveur t'as repondu de la merde !" self.denie() if __name__ == '__main__': global __proxy__ for i in range(0, len(sys.argv)): if sys.argv[i] == '-f': __proxy__ = sys.argv[i+1] elif re.match('--forward=.*', sys.argv[i]): __proxy__ = sys.argv[i].split("=")[1] else: __proxy__ = "" cherryproxy.main(Proxy)
def filter_request_headers(self): logging.debug("Filtering the headers.") for f in self.__filter_header: if f(self): self.set_response_forbidden(reason="I don't want to.") break def filter_request(self): logging.debug("Filtering the request.") for f in self.__filter_request: if f(self): self.set_response_forbidden(status=403, reason="I don't want to.") break logging.debug("Forwarding the request.") def filter_response(self): logging.debug("New reponse received") for f in self.__filter_response: if f(self): self.set_response_forbidden(status=403, reason="I don't want to.") break logging.debug("Forwarding the request.") if __name__ == "__main__": #logging.basicConfig(format='%(levelname)8s:%(asctime)s:%(funcName)20s():%(message)s', # filename='proxy.log', level=logging.DEBUG) cherryproxy.main(FilteringProxy)
referer = None if 'referer' in query.keys(): referer = query['referer'][0] response = self.makeRequest(requested_url, referer) if response.status_code == 304: self.set_response(304) return self.set_response(response.status_code, data=response.raw.read(), content_type=response.headers['content-type']) self.resp.headers = [] for header in response.headers.keys(): self.resp.headers.append((header, response.headers[header])) def makeRequest(self, url, referer): headers = {} for header in self.req.headers.keys(): if header == "host": continue headers[header] = self.req.headers[header] if not referer is None: headers['Referer'] = referer return requests.get(url, headers=headers, stream=True) cherryproxy.main(ProxyReferer)
str(ext)) rows3 = cur.fetchall() #rows3[0] = rows3[0][0] print rows3[0][1] self.req.netloc = rows3[0][1] + ':5000' self.req.source = rows3[0][0] elif str(ext) not in rows1: self.req.netloc = '192.168.1.25:5000' self.req.source = '192.168.1.24' #if str(ext) in rows2: # cur.execute("SELECT ip_src FROM matching WHERE cache='2';") # rows4 = cur.fetchall() # rows4[0] = rows4[0][0] #print rows4 #self.req.netloc = '192.168.1.27:5000' # self.req.source = rows4[0] #elif str(ext) not in rows1 and str(ext) not in rows2: # cur.execute("SELECT ip_src FROM matching WHERE cache='0';") # rows3 = cur.fetchall() #rows3[0] = rows3[0][0] #print rows3[0] #self.req.netloc = '192.168.1.25:5000' #self.req.source = rows3[0] cherryproxy.main(CherryProxy_redirect)
if str(ext) in rows1: print ' in rows1' cur.execute("SELECT ip_src, host FROM matching WHERE name ='%s' ;"% str(ext)) rows3 = cur.fetchall() #rows3[0] = rows3[0][0] print rows3[0][1] self.req.netloc = rows3[0][1]+':5000' self.req.source = rows3[0][0] elif str(ext) not in rows1: self.req.netloc = '192.168.1.25:5000' self.req.source = '192.168.1.24' #if str(ext) in rows2: # cur.execute("SELECT ip_src FROM matching WHERE cache='2';") # rows4 = cur.fetchall() # rows4[0] = rows4[0][0] #print rows4 #self.req.netloc = '192.168.1.27:5000' # self.req.source = rows4[0] #elif str(ext) not in rows1 and str(ext) not in rows2: # cur.execute("SELECT ip_src FROM matching WHERE cache='0';") # rows3 = cur.fetchall() #rows3[0] = rows3[0][0] #print rows3[0] #self.req.netloc = '192.168.1.25:5000' #self.req.source = rows3[0] cherryproxy.main(CherryProxy_redirect)