def send_verify(self, cert, cbhostname, cvr): conn = SingleTrustHTTPS(cert, cbhostname, 443) conn.request("POST", "/verifyCert.jsp", MessageList.getBytesForMessage(cvr)) response = conn.getresponse() if response.status != 200: print( "Failed to verify certificate. Received HTTP error code: %d" % (response.status)) return content = response.read() ml = MessageList(content) if not MessageUtils.verify(ml, cert): print("Error: Returned MessageList failed to verify.") return None # Return CertVerifyRes. TODO: Use PIP, timestamp message and # other stuff. This requeres some restructuring of the PyHunter code. ret = None for msg in ml.allMessages(): if msg.getType() == messageTypes["CERT_VERIFY_RESULT"]: ret = msg if ret == None: print( "Error: CertificateVerifyRequest response did not contain a CertificateVerifyResponse!" ) return ret
def fetch(self): """ Fetch the current list of Hunting Tasks from the Crossbear server. To this end, connect via TLS and verify if the received server certificate is the one we have stored for Crossbear. """ # Open HTTPs connection to Crossbear server conn = SingleTrustHTTPS(self.servCert, self.servHost, self.servPort) # Now request the current hunting task list conn.request("GET", "/getHuntingTaskList.jsp") resp = conn.getresponse() ml = MessageList(resp.read()) if (MessageUtils.verify(ml, self.servCert)): return ml else: print "Message verification failed." return None
def send_verify(self, cert, cbhostname, cvr): conn = SingleTrustHTTPS(cert, cbhostname, 443) conn.request("POST", "/verifyCert.jsp", MessageList.getBytesForMessage(cvr)) response = conn.getresponse() if response.status != 200: print("Failed to verify certificate. Received HTTP error code: %d" % (response.status)) return content = response.read() ml = MessageList(content) if not MessageUtils.verify(ml, cert): print("Error: Returned MessageList failed to verify.") return None # Return CertVerifyRes. TODO: Use PIP, timestamp message and # other stuff. This requeres some restructuring of the PyHunter code. ret = None for msg in ml.allMessages(): if msg.getType() == messageTypes["CERT_VERIFY_RESULT"]: ret = msg if ret == None: print("Error: CertificateVerifyRequest response did not contain a CertificateVerifyResponse!") return ret