def send_verify(self, cert, cbhostname, cvr): conn = SingleTrustHTTPS(cert, cbhostname, 443) conn.request("POST", "/verifyCert.jsp", MessageList.getBytesForMessage(cvr)) response = conn.getresponse() if response.status != 200: print( "Failed to verify certificate. Received HTTP error code: %d" % (response.status)) return content = response.read() ml = MessageList(content) if not MessageUtils.verify(ml, cert): print("Error: Returned MessageList failed to verify.") return None # Return CertVerifyRes. TODO: Use PIP, timestamp message and # other stuff. This requeres some restructuring of the PyHunter code. ret = None for msg in ml.allMessages(): if msg.getType() == messageTypes["CERT_VERIFY_RESULT"]: ret = msg if ret == None: print( "Error: CertificateVerifyRequest response did not contain a CertificateVerifyResponse!" ) return ret
def sendPublicIPR(self, ipv, pipReq): """ Sends the Public IP Notification Request. Arguments: ipv -- IP version, 4 or 6 (integer) pipReq -- the Public IP Notification Request (PipReq) Returns: content of request (requests.content) """ # Simplified - RH if ((ipv == 6 and self.serverIPv6 == None) or (ipv == 4 and self.serverIPv4 == None)): # TODO: log print "Couldn't connect to the crossbear server using IPv%d" % ipv return None # TODO: do we still need the try/catch? # Actually send via HTTP POST try: if ipv == 6: ips = "[%s]" % self.serverIPv6 else: ips = self.serverIPv4 # send using the Python requests module data = MessageList.getBytesForMessage(pipReq) r = requests.post(url="http://%s/getPublicIP.jsp" % ips, data=data) return r.content except IOError, e: # TODO Log usefully what happend print "Couldn't connect to the crossbear server using IPv%d" % ipv print e return None
def send_result(self, ht): """sends the results to the CB server""" conn = SingleTrustHTTPS(self.cbServerCert, self.cbServerHostName, 443) conn.request("POST", "/reportHTResults.jsp", MessageList.getBytesForMessage(ht)) response = conn.getresponse() if response.status != 200: print "Error submitting hunting task results. Error code: %s, %s" % (response.status, response.reason) conn.close()
def send_result(self, ht): """sends the results to the CB server""" conn = SingleTrustHTTPS(self.cbServerCert, self.cbServerHostName, 443) conn.request("POST", "/reportHTResults.jsp", MessageList.getBytesForMessage(ht)) response = conn.getresponse() if response.status != 200: print "Error submitting hunting task results. Error code: %s, %s" % ( response.status, response.reason) conn.close()
def send_verify(self, cert, cbhostname, cvr): conn = SingleTrustHTTPS(cert, cbhostname, 443) conn.request("POST", "/verifyCert.jsp", MessageList.getBytesForMessage(cvr)) response = conn.getresponse() if response.status != 200: print("Failed to verify certificate. Received HTTP error code: %d" % (response.status)) return content = response.read() ml = MessageList(content) if not MessageUtils.verify(ml, cert): print("Error: Returned MessageList failed to verify.") return None # Return CertVerifyRes. TODO: Use PIP, timestamp message and # other stuff. This requeres some restructuring of the PyHunter code. ret = None for msg in ml.allMessages(): if msg.getType() == messageTypes["CERT_VERIFY_RESULT"]: ret = msg if ret == None: print("Error: CertificateVerifyRequest response did not contain a CertificateVerifyResponse!") return ret
def fetch(self): """ Fetch the current list of Hunting Tasks from the Crossbear server. To this end, connect via TLS and verify if the received server certificate is the one we have stored for Crossbear. """ # Open HTTPs connection to Crossbear server conn = SingleTrustHTTPS(self.servCert, self.servHost, self.servPort) # Now request the current hunting task list conn.request("GET", "/getHuntingTaskList.jsp") resp = conn.getresponse() ml = MessageList(resp.read()) if (MessageUtils.verify(ml, self.servCert)): return ml else: print "Message verification failed." return None
def sendPublicIPR(self, ipv, pipReq): """ Sends the Public IP Notification Request. Arguments: ipv -- IP version, 4 or 6 (integer) pipReq -- the Public IP Notification Request (PipReq) Returns: content of request (requests.content) """ # Simplified - RH if ((ipv == 6 and self.serverIPv6 == None) or (ipv == 4 and self.serverIPv4 == None)): # TODO: log print "Couldn't connect to the crossbear server using IPv%d" % ipv return None # TODO: do we still need the try/catch? # Actually send via HTTP POST try: if ipv == 6: ips = "[%s]" % self.serverIPv6 else: ips = self.serverIPv4 # send using the Python requests module data = MessageList.getBytesForMessage(pipReq) r = requests.post(url = "http://%s/getPublicIP.jsp" % ips, data = data) return r.content except IOError, e: # TODO Log usefully what happend print "Couldn't connect to the crossbear server using IPv%d" % ipv print e return None