def __init__(self, client_host, remote_host):
self.parse_config = config.get_config()
self.buf = StringIO()
self.client_host = client_host
self.remote_host = remote_host
self.uri = ""
self.req = ""
self.req_headerdict = dict()
self.req_head = ""
self.req_body = ""
self.res_body = ""
self.orig_resp = ""
self.orig_chunked_resp = ""
self.res_headerdict = dict()
self.res_head = ""
self.res_num = ""
self.res_type = ""
self.redirect_to = ""
self.host = ""
self.referer = ""
self.user_agent = ""
self.filename = ""
self.method = ""
self.req_len = 0
self.res_len = 0
self.time = 0
def __init__(self, client_host, remote_host):
self.parse_config = config.get_config()
self.buf = StringIO()
self.client_host = client_host
self.remote_host = remote_host
self.uri = ""
self.req = ""
self.req_headerdict = dict()
self.req_head = ""
self.req_body = ""
self.res_body = ""
self.orig_resp = ""
self.orig_chunked_resp = ""
self.res_headerdict = dict()
self.res_head = ""
self.res_num = ""
self.res_type = ""
self.redirect_to = ""
self.host = ""
self.referer = ""
self.user_agent = ""
self.filename = ""
self.method = ""
self.req_len = 0
self.res_len = 0
self.time = 0
def main():
parser = argparse.ArgumentParser()
parser.add_argument("-l", "--listen",
help="the IP of the interface which the proxy listened on")
parser.add_argument("-p", "--port", type=int,
help="the port of the interface which the proxy listened on")
parser.add_argument("-6", "--ipv6", help="use ipv6", action="store_true")
parser.add_argument("-v", "--verbosity", help="increase output verbosity(-vv is recommended)",
action="count")
parser.add_argument("-g", "--group", help="group http request/response by connection",
action="store_true")
parser.add_argument("-o", "--output", help="output to file instead of stdout")
parser.add_argument("-e", "--encoding", help="decode the data use specified encodings.")
parser.add_argument("-b", "--beauty", help="output json in a pretty way.", action="store_true")
args = parser.parse_args()
setting = {"IPv6": args.ipv6}
if args.listen:
setting["host"] = args.listen
if args.port:
setting["port"] = args.port
if args.output:
setting["output"] = args.output
# output config
parse_config = config.get_config()
if args.verbosity:
parse_config.level = args.verbosity
if args.encoding:
parse_config.encoding = args.encoding
parse_config.pretty = args.beauty
parse_config.group = args.group
start_server(**setting)
def on_http_resp(self, resp_header, resp_body):
"""
:type resp_header: HttpResponseHeader
:type resp_body: bytes
"""
if self.parse_config.level == OutputLevel.ONLY_URL:
self._println(resp_header.status_line)
elif self.parse_config.level == OutputLevel.HEADER:
self._println(resp_header.raw_data)
self._println()
elif self.parse_config.level >= OutputLevel.TEXT_BODY:
self._println(resp_header.raw_data)
self._println()
mime, charset = utils.parse_content_type(resp_header.content_type)
# usually charset is not set in http post
output_body = self._if_output(mime)
if self.parse_config.encoding and not charset:
charset = self.parse_config.encoding
if not resp_header.gzip:
# if is gzip by content magic header
# someone missed the content-encoding header
resp_header.gzip = utils.gzipped(resp_body)
if output_body:
self._print_body(resp_body, resp_header.gzip, mime, charset)
self._println()
if not config.get_config().group:
self._do_output()
def on_http_resp(self, resp_header, resp_body):
"""
:type resp_header: HttpResponseHeader
:type resp_body: bytes
"""
if self.parse_config.level == OutputLevel.ONLY_URL:
self._println(resp_header.status_line)
elif self.parse_config.level == OutputLevel.HEADER:
self._println(resp_header.raw_data)
self._println()
elif self.parse_config.level >= OutputLevel.TEXT_BODY:
self._println(resp_header.raw_data)
self._println()
mime, charset = utils.parse_content_type(resp_header.content_type)
# usually charset is not set in http post
output_body = self._if_output(mime)
if self.parse_config.encoding and not charset:
charset = self.parse_config.encoding
if not resp_header.gzip:
# if is gzip by content magic header
# someone missed the content-encoding header
resp_header.gzip = utils.gzipped(resp_body)
if output_body:
self._print_body(resp_body, resp_header.gzip, mime, charset)
self._println()
if not config.get_config().group:
self._do_output()
def main():
config.init()
c = config.get_config()
maps = {'http': handle_http, 'info': handle_info, 'tcp': handle_tcp}
handle = maps.get(c.args.target)
if handle:
handle(c)
def main():
parser = argparse.ArgumentParser()
parser.add_argument("infile", nargs='?', help="the pcap file to parse")
parser.add_argument("-i", "--ip", help="only parse packages with specified source OR dest ip")
parser.add_argument("-p", "--port", type=int,
help="only parse packages with specified source OR dest port")
parser.add_argument("-v", "--verbosity", help="increase output verbosity(-vv is recommended)",
action="count")
parser.add_argument("-g", "--group", help="group http request/response by connection",
action="store_true")
parser.add_argument("-o", "--output", help="output to file instead of stdout")
parser.add_argument("-e", "--encoding", help="decode the data use specified encodings.")
parser.add_argument("-b", "--beauty", help="output json in a pretty way.", action="store_true")
parser.add_argument("-d", "--domain", help="filter http data by request domain")
parser.add_argument("-u", "--uri", help="filter http data by request uri pattern")
args = parser.parse_args()
file_path = "-" if args.infile is None else args.infile
_filter = config.get_filter()
_filter.ip = args.ip
_filter.port = args.port
_filter.domain = args.domain
_filter.uri_pattern = args.uri
# deal with configs
parse_config = config.get_config()
if args.verbosity:
parse_config.level = args.verbosity
if args.encoding:
parse_config.encoding = args.encoding
parse_config.pretty = args.beauty
parse_config.group = args.group
if args.output:
output_file = open(args.output, "w+")
else:
output_file = sys.stdout
config.out = output_file
conn_dict = OrderedDict()
try:
if file_path != '-':
infile = io.open(file_path, "rb")
else:
infile = sys.stdin
try:
pcap_file(conn_dict, infile)
finally:
infile.close()
finally:
for conn in conn_dict.values():
conn.finish()
if args.output:
output_file.close()
def handle_http(c):
def printheaders(headers):
l = 0
for k in headers.keys():
if l < len(k):
l = len(k)
for k, v in headers.items():
utils.print(k.ljust(l))
utils.print(': ')
utils.print(v)
utils.print('\n')
filter = config.get_filter()
level = config.get_config().level
for tcpcon in get_tcpconn(c.infile):
if filter.index != None and tcpcon.index not in filter.index:
continue
if not (filter.by_con_tuple(tcpcon.con_tuple)):
continue
http = HttpParser(tcpcon)
if not http.msgs:
continue
tcp = http.tcp
tcp_msg = "\033[31;2m%s [%s:%d] -- -- --> [%s:%d]\033[0m\n" % \
(tcp.index, tcp.con_tuple[0], tcp.con_tuple[1],
tcp.con_tuple[2], tcp.con_tuple[3])
utils.print(tcp_msg)
if level == OutputLevel.ONLY_URL:
for msg in http.msgs:
if msg.is_request:
utils.print(msg.reqline["method"] + ' ' + msg.URI())
utils.print('\n')
else:
for i, msg in enumerate(http.msgs):
if msg.is_request and i != 0:
utils.print('\033[31;2m')
utils.print('-' * 80)
utils.print('\033[0m')
utils.print('\n')
utils.print(''.join(msg.raw_headers))
utils.print('\n')
if level == OutputLevel.ALL_BODY:
utils.print(msg.body.getvalue())
def main():
parser = argparse.ArgumentParser()
parser.add_argument(
"-l",
"--listen",
help="the IP of the interface which the proxy listened on")
parser.add_argument(
"-p",
"--port",
type=int,
help="the port of the interface which the proxy listened on")
parser.add_argument("-6", "--ipv6", help="use ipv6", action="store_true")
parser.add_argument("-v",
"--verbosity",
help="increase output verbosity(-vv is recommended)",
action="count")
parser.add_argument("-g",
"--group",
help="group http request/response by connection",
action="store_true")
parser.add_argument("-o",
"--output",
help="output to file instead of stdout")
parser.add_argument("-e",
"--encoding",
help="decode the data use specified encodings.")
parser.add_argument("-b",
"--beauty",
help="output json in a pretty way.",
action="store_true")
args = parser.parse_args()
setting = {"IPv6": args.ipv6}
if args.listen:
setting["host"] = args.listen
if args.port:
setting["port"] = args.port
if args.output:
setting["output"] = args.output
# output config
parse_config = config.get_config()
if args.verbosity:
parse_config.level = args.verbosity
if args.encoding:
parse_config.encoding = args.encoding
parse_config.pretty = args.beauty
parse_config.group = args.group
start_server(**setting)
def on_http_resp(self, resp_header, resp_body, orig_chunked_resp,
header_dict):
"""
:type resp_header: HttpResponseHeader
:type resp_body: bytes
"""
self.res_headerdict = header_dict
if self.parse_config.level == OutputLevel.ONLY_URL:
self._println(resp_header.status_line)
elif self.parse_config.level == OutputLevel.HEADER:
self._println(resp_header.raw_data)
self._println()
elif self.parse_config.level >= OutputLevel.TEXT_BODY:
self._println(resp_header.raw_data)
#self._println()
self.res_head = resp_header.raw_data
self.orig_chunked_resp = orig_chunked_resp
self.res_type = resp_header.content_type
self.res_len = resp_header.content_len
self.res_num = resp_header.status_line[resp_header.status_line.
find(' ') + 1:]
self.redirect_to = resp_header.redirect_to
self.filename = resp_header.filename
mime, charset = utils.parse_content_type(resp_header.content_type)
# usually charset is not set in http post
output_body = self._if_output(mime)
if self.parse_config.encoding and not charset:
charset = self.parse_config.encoding
if resp_header.compress == Compress.IDENTITY:
# if is gzip by content magic header
# someone missed the content-encoding header
if utils.gzipped(resp_body):
resp_header.compress = Compress.GZIP
if output_body:
self._print_body(resp_body, resp_header.compress, mime,
charset)
#self._println()
self.orig_resp = resp_body
if self.res_body == b"":
self.res_body = resp_body
if (self.res_body is not None) and (len(self.res_body) >
0) and (self.res_len == 0):
self.res_len = len(self.res_body)
if not config.get_config().group:
self._do_output()
def __init__(self, client_host, remote_host):
self.parse_config = config.get_config()
self.buf = StringIO()
self.client_host = client_host
self.remote_host = remote_host
self.uri = ""
self.req_head = ""
self.res_body = ""
self.orig_resp = ""
self.res_head = ""
self.res_num = ""
self.res_type = ""
self.host = ""
self.referer = ""
self.filename = ""
self.res_len = ""
def __init__(self, client_host, remote_host):
self.parse_config = config.get_config()
self.buf = StringIO()
self.client_host = client_host
self.remote_host = remote_host
self.uri = ""
self.req_head = ""
self.res_body = ""
self.orig_resp = ""
self.res_head = ""
self.res_num = ""
self.res_type = ""
self.host = ""
self.referer = ""
self.filename = ""
self.res_len = ""
def on_http_resp(self, resp_header, resp_body, orig_chunked_resp, header_dict):
"""
:type resp_header: HttpResponseHeader
:type resp_body: bytes
"""
self.res_headerdict = header_dict
if self.parse_config.level == OutputLevel.ONLY_URL:
self._println(resp_header.status_line)
elif self.parse_config.level == OutputLevel.HEADER:
self._println(resp_header.raw_data)
self._println()
elif self.parse_config.level >= OutputLevel.TEXT_BODY:
self._println(resp_header.raw_data)
#self._println()
self.res_head = resp_header.raw_data
self.orig_chunked_resp = orig_chunked_resp
self.res_type = resp_header.content_type
self.res_len = resp_header.content_len
self.res_num = resp_header.status_line[resp_header.status_line.find(' ') + 1:]
self.redirect_to = resp_header.redirect_to
self.filename = resp_header.filename
mime, charset = utils.parse_content_type(resp_header.content_type)
# usually charset is not set in http post
output_body = self._if_output(mime)
if self.parse_config.encoding and not charset:
charset = self.parse_config.encoding
if resp_header.compress == Compress.IDENTITY:
# if is gzip by content magic header
# someone missed the content-encoding header
if utils.gzipped(resp_body):
resp_header.compress = Compress.GZIP
if output_body:
self._print_body(resp_body, resp_header.compress, mime, charset)
#self._println()
self.orig_resp = resp_body
if self.res_body == b"":
self.res_body = resp_body
if (self.res_body is not None) and (len(self.res_body) > 0) and (self.res_len == 0):
self.res_len = len(self.res_body)
if not config.get_config().group:
self._do_output()
def main():
parser = argparse.ArgumentParser()
parser.add_argument("infile", nargs='?', help="the pcap file to parse")
parser.add_argument(
"-i",
"--ip",
help="only parse packages with specified source OR dest ip")
parser.add_argument(
"-p",
"--port",
type=int,
help="only parse packages with specified source OR dest port")
parser.add_argument("-v",
"--verbosity",
help="increase output verbosity(-vv is recommended)",
action="count")
parser.add_argument("-g",
"--group",
help="group http request/response by connection",
action="store_true")
parser.add_argument("-o",
"--output",
help="output to file instead of stdout")
parser.add_argument("-e",
"--encoding",
help="decode the data use specified encodings.")
parser.add_argument("-b",
"--beauty",
help="output json in a pretty way.",
action="store_true")
parser.add_argument("-d",
"--domain",
help="filter http data by request domain")
parser.add_argument("-u",
"--uri",
help="filter http data by request uri pattern")
args = parser.parse_args()
file_path = "-" if args.infile is None else args.infile
_filter = config.get_filter()
_filter.ip = args.ip
_filter.port = args.port
_filter.domain = args.domain
_filter.uri_pattern = args.uri
# deal with configs
parse_config = config.get_config()
if args.verbosity:
parse_config.level = args.verbosity
if args.encoding:
parse_config.encoding = args.encoding
parse_config.pretty = args.beauty
parse_config.group = args.group
if args.output:
output_file = open(args.output, "w+")
else:
output_file = sys.stdout
config.out = output_file
try:
if file_path != '-':
infile = io.open(file_path, "rb")
else:
infile = sys.stdin
try:
parse_pcap_file(infile)
finally:
infile.close()
finally:
if args.output:
output_file.close()
def __init__(self, client_host, remote_host):
self.parse_config = config.get_config()
self.buf = StringIO()
self.client_host = client_host
self.remote_host = remote_host
def __init__(self, client_host, remote_host):
self.parse_config = config.get_config()
self.buf = StringIO()
self.client_host = client_host
self.remote_host = remote_host
