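def send_verify(self, cert, cbhostname, cvr):
    """Send a certificate verification request and return the server's result.

    POSTs ``cvr`` (serialised with ``MessageList.getBytesForMessage``) to
    ``/verifyCert.jsp`` on ``cbhostname`` port 443 and parses the reply as a
    ``MessageList``.

    Args:
        cert: Server certificate handed to ``SingleTrustHTTPS`` and used again
            to verify the returned message list.
        cbhostname: Host name of the server to contact.
        cvr: The request message to send.

    Returns:
        The last message of type ``CERT_VERIFY_RESULT`` found in the reply, or
        ``None`` when the HTTP status is not 200, the reply fails
        ``MessageUtils.verify``, or the reply holds no such message.
    """
    # NOTE(review): SingleTrustHTTPS presumably accepts only `cert` as the
    # server certificate -- confirm in its implementation.
    conn = SingleTrustHTTPS(cert, cbhostname, 443)
    try:
        conn.request("POST", "/verifyCert.jsp",
                     MessageList.getBytesForMessage(cvr))
        response = conn.getresponse()
        if response.status != 200:
            print("Failed to verify certificate. Received HTTP error code: %d"
                  % (response.status))
            return None
        content = response.read()
    finally:
        # Release the connection on every path, including exceptions.
        conn.close()

    ml = MessageList(content)
    # Message-level check: nothing from a list that fails verification is
    # handed back to the caller.
    if not MessageUtils.verify(ml, cert):
        print("Error: Returned MessageList failed to verify.")
        return None

    # Return CertVerifyRes. TODO: Use PIP, timestamp message and
    # other stuff. This requires some restructuring of the PyHunter code.
    # NOTE(review): until the timestamp message is evaluated, the age of the
    # reply is not checked here.
    ret = None
    for msg in ml.allMessages():
        if msg.getType() == messageTypes["CERT_VERIFY_RESULT"]:
            ret = msg
    if ret is None:
        print("Error: CertificateVerifyRequest response did not contain a CertificateVerifyResponse!")
    return ret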
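def get_hosts(self):
    """Fetch the list of observation URLs from the server.

    Sends ``GET <protector_url>?country=<protector_country>`` to
    ``self.cbhostname`` on port 443 and splits the response body on spaces
    and newlines.

    Returns:
        A list of stripped, non-empty entries, or ``None`` when the server
        answers with a status other than 200.
    """
    conn = SingleTrustHTTPS(self.cert, self.cbhostname, 443)
    try:
        # urlencode escapes the country value before it enters the query string.
        url = self.protector_url + "?" + urllib.urlencode({"country": self.protector_country})
        conn.request("GET", url)
        response = conn.getresponse()
        if response.status != 200:
            print("Error retrieving list of observation URLs from %s/%s: Error %d, %s" % (self.cbhostname, url, response.status, response.reason))
            return None
        content = response.read()
    finally:
        # Release the connection on every path, including exceptions.
        conn.close()

    # NOTE(review): no message-level signature check is applied to this body;
    # its integrity rests on the TLS connection alone. Callers should validate
    # each entry before contacting it.
    entries = (x.strip() for x in re.split(" |\n", content.strip()))
    # Consecutive separators or an empty body would otherwise yield "" entries.
    return [entry for entry in entries if entry]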
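def get_hosts(self):
    """Retrieve the observation URLs the server offers for the configured country.

    The request is ``GET <protector_url>?country=<protector_country>`` on
    ``self.cbhostname`` port 443. The body is split on spaces and newlines.

    Returns:
        A list of stripped, non-empty entries, or ``None`` if the HTTP status
        is not 200.
    """
    conn = SingleTrustHTTPS(self.cert, self.cbhostname, 443)
    try:
        # The country value is URL-encoded rather than concatenated raw.
        query = urllib.urlencode({"country": self.protector_country})
        url = self.protector_url + "?" + query
        conn.request("GET", url)
        response = conn.getresponse()
        if response.status != 200:
            print(
                "Error retrieving list of observation URLs from %s/%s: Error %d, %s"
                % (self.cbhostname, url, response.status, response.reason))
            return None
        content = response.read()
    finally:
        # Close the connection whether or not the request succeeded.
        conn.close()

    # NOTE(review): the body is consumed without a message-level signature
    # check, so only the TLS connection protects it. Treat the entries as
    # untrusted input when they are used later.
    hosts = []
    for piece in re.split(" |\n", content.strip()):
        piece = piece.strip()
        # Skip the empty strings produced by repeated separators or an empty body.
        if piece:
            hosts.append(piece)
    return hosts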
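def fetch(self):
    """
    Fetch the current list of Hunting Tasks from the Crossbear server.

    To this end, connect via TLS and verify if the received server
    certificate is the one we have stored for Crossbear. The returned
    MessageList is additionally checked with MessageUtils.verify against the
    same certificate.

    Returns:
        The verified MessageList, or None when the server answers with a
        status other than 200 or the message list fails verification.
    """
    # Open HTTPs connection to Crossbear server
    conn = SingleTrustHTTPS(self.servCert, self.servHost, self.servPort)
    try:
        # Now request the current hunting task list
        conn.request("GET", "/getHuntingTaskList.jsp")
        resp = conn.getresponse()
        # Do not try to parse an error page as a MessageList.
        if resp.status != 200:
            print("Error retrieving hunting task list. Error code: %s, %s" % (
                resp.status, resp.reason))
            return None
        content = resp.read()
    finally:
        # Release the connection on every path, including exceptions.
        conn.close()

    ml = MessageList(content)
    # Only a list that verifies against the stored certificate is returned.
    if MessageUtils.verify(ml, self.servCert):
        return ml
    print("Message verification failed.")
    return None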
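def send_result(self, ht):
    """Send the results of a hunting task to the CB server.

    POSTs ``ht`` (serialised with ``MessageList.getBytesForMessage``) to
    ``/reportHTResults.jsp`` on ``self.cbServerHostName`` port 443.

    Args:
        ht: The result message to submit.

    Returns:
        None. A status other than 200 is only reported on stdout, so the
        caller cannot tell whether the submission was accepted.
    """
    conn = SingleTrustHTTPS(self.cbServerCert, self.cbServerHostName, 443)
    try:
        conn.request("POST", "/reportHTResults.jsp",
                     MessageList.getBytesForMessage(ht))
        response = conn.getresponse()
        if response.status != 200:
            print("Error submitting hunting task results. Error code: %s, %s" % (
                response.status, response.reason))
    finally:
        # Close the connection even if the request or response raises.
        conn.close()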
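def send_verify(self, cert, cbhostname, cvr):
    """Submit a CertificateVerifyRequest and return the matching result message.

    The request ``cvr`` is serialised with ``MessageList.getBytesForMessage``
    and POSTed to ``/verifyCert.jsp`` on ``cbhostname`` port 443. The reply is
    parsed as a ``MessageList`` and verified against ``cert``.

    Args:
        cert: Server certificate passed to ``SingleTrustHTTPS`` and to
            ``MessageUtils.verify``.
        cbhostname: Host name of the server to contact.
        cvr: The request message to send.

    Returns:
        The last ``CERT_VERIFY_RESULT`` message in the reply, or ``None`` if
        the status is not 200, verification fails, or no such message exists.
    """
    # NOTE(review): SingleTrustHTTPS presumably restricts the TLS peer to
    # `cert` -- confirm in its implementation.
    conn = SingleTrustHTTPS(cert, cbhostname, 443)
    try:
        payload = MessageList.getBytesForMessage(cvr)
        conn.request("POST", "/verifyCert.jsp", payload)
        response = conn.getresponse()
        if response.status != 200:
            print("Failed to verify certificate. Received HTTP error code: %d" % (response.status))
            return None
        content = response.read()
    finally:
        # Close the connection on success, on early return and on exceptions.
        conn.close()

    ml = MessageList(content)
    # Reject the whole reply unless it verifies against the given certificate.
    if not MessageUtils.verify(ml, cert):
        print("Error: Returned MessageList failed to verify.")
        return None

    # Return CertVerifyRes. TODO: Use PIP, timestamp message and
    # other stuff. This requires some restructuring of the PyHunter code.
    # NOTE(review): the timestamp message is not evaluated yet, so the age of
    # the reply goes unchecked here.
    ret = None
    for msg in ml.allMessages():
        if msg.getType() == messageTypes["CERT_VERIFY_RESULT"]:
            # Keep overwriting so the last matching message wins.
            ret = msg
    if ret is None:
        print("Error: CertificateVerifyRequest response did not contain a CertificateVerifyResponse!")
    return ret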
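def send_result(self, ht):
    """Report hunting task results to the CB server.

    The message ``ht`` is serialised with ``MessageList.getBytesForMessage``
    and POSTed to ``/reportHTResults.jsp`` on ``self.cbServerHostName``
    port 443.

    Args:
        ht: The result message to submit.

    Returns:
        None. A non-200 status is printed but not signalled to the caller.
    """
    conn = SingleTrustHTTPS(self.cbServerCert, self.cbServerHostName, 443)
    try:
        body = MessageList.getBytesForMessage(ht)
        conn.request("POST", "/reportHTResults.jsp", body)
        response = conn.getresponse()
        if response.status != 200:
            print("Error submitting hunting task results. Error code: %s, %s" % (response.status, response.reason))
    finally:
        # Without this, a failing request would leave the connection open.
        conn.close()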
self.hostname = hostname self.ip = ip self.port = port def getBytes(self): certstring = "".join(self.certchain) hoststring = "%s|%s|%s" % (self.hostname, self.ip, self.port) formatstring = ">BB%ds%ds" % (len(certstring), len(hoststring)) return pack(formatstring, self.options, len(self.certchain), certstring, hoststring) if __name__ == "__main__": import cbutils.CertUtils import cbmessaging.MessageList from cbutils.SingleTrustHTTPS import SingleTrustHTTPS c = cbutils.CertUtils.get_chain("www.google.de", 443) req = CertVerifyReq() req.createFromValues(0, c, "www.google.de", "173.194.44.56", 443) print(len(c)) b = cbmessaging.MessageList.MessageList.getBytesForMessage(req) with open("message.bin", "w") as f: f.write(b) conn = SingleTrustHTTPS("../cbserver.crt", "crossbear.net.in.tum.de", 443) conn.request("POST", "/verifyCert.jsp", b) response = conn.getresponse() content = response.read() ml = cbmessaging.MessageList.MessageList(content) for msg in ml.allMessages(): print msg.type_name
Message.createFromValues(self, messageTypes['CERT_VERIFY_REQUEST'], 4 + chainlength + len(hostname) + len(ip) + len(str(port))) self.options = options self.hostname = hostname self.ip = ip self.port = port def getBytes(self): certstring = "".join(self.certchain) hoststring = "%s|%s|%s" % (self.hostname, self.ip, self.port) formatstring = ">BB%ds%ds" % (len(certstring), len(hoststring)) return pack(formatstring, self.options, len(self.certchain), certstring, hoststring) if __name__ == "__main__": import cbutils.CertUtils import cbmessaging.MessageList from cbutils.SingleTrustHTTPS import SingleTrustHTTPS c = cbutils.CertUtils.get_chain("www.google.de", 443) req = CertVerifyReq() req.createFromValues(0, c, "www.google.de", "173.194.44.56", 443) print(len(c)) b = cbmessaging.MessageList.MessageList.getBytesForMessage(req) with open("message.bin", "w") as f: f.write(b) conn = SingleTrustHTTPS("../cbserver.crt", "crossbear.net.in.tum.de", 443) conn.request("POST", "/verifyCert.jsp", b) response = conn.getresponse() content = response.read() ml = cbmessaging.MessageList.MessageList(content) for msg in ml.allMessages(): print msg.type_name