def onSend(self, data): if self.connectHost: analysis.incrementData(self.address[0], domainAnalysisType.outgoing, self.connectHost, len(data)) if self.mode == "http" and not self.getSendPending(): if self.httpMessageParse.connection() != "keep-alive": self.close() else: self.httpMessageParse.clear()
def onRecv(self, data): self.preConnectRecvCache += data if self.mode == "proxy": if self.serverAuthPass and self.preConnectRecvCache: if self.connectHost: analysis.incrementData(self.address[0], domainAnalysisType.incoming, self.connectHost, len(self.preConnectRecvCache)) self.sendDataToSymmetryConnect(self.preConnectRecvCache) self.preConnectRecvCache = "" return if self.httpMessageParse.appendData(data): method = self.httpMessageParse.method() path = self.httpMessageParse.path() self.connectName = self.filenoStr() + " " + method + " " + path if not path.startswith("http://") and method in ["GET", "POST"]: path = path.split("?") self.onHTTP(self.httpMessageParse.headers, method, path[0], path[1] if len(path) > 1 else "", self.httpMessageParse.getBody() if method == "POST" else "") self.mode = "http" else: self.mode = "proxy" connect = localToRemoteConnectManger.getConnect() if path.find("status.dddproxy.com")>0: try: connect = None jsonMessage = self.httpMessageParse.getBody() jsonBody = json.loads(jsonMessage) connectList = localToRemoteConnectManger.getConnectHost(jsonBody["host"],jsonBody["port"]) if connectList: for _,v in connectList.items(): connect = v except: pass if connect: connect.addLocalRealConnect(self) else: self.close() self.connectHost = parserUrlAddrPort("https://" + path if method == "CONNECT" else path)[0] analysis.incrementData(self.address[0], domainAnalysisType.connect, self.connectHost, 1) else: pass
def onRecv(self, data): self.preConnectRecvCache += data if self.mode == "proxy": if not self.connectHost and self.socksMode and len( self.preConnectRecvCache) > 4: _d = self.preConnectRecvCache port = 0 version = "Socks5" setConnectHost = False if (_d[0] == "\x05"): if _d[3] == '\x01': self.connectHost = "%d.%d.%d.%d" % (ord( _d[4]), ord(_d[5]), ord(_d[6]), ord(_d[7])) port = ord(_d[8]) * 0x100 + ord(_d[9]) setConnectHost = True elif _d[3] == "\x03": hostendindex = 5 + ord(_d[4]) self.connectHost = _d[5:hostendindex] port = ord(_d[hostendindex]) * 0x100 + ord( _d[hostendindex + 1]) setConnectHost = True elif _d[0] == "\x04": if _d[1] == '\x01' or _d[1] == '\x02': self.connectHost = "%d.%d.%d.%d" % (ord( _d[4]), ord(_d[5]), ord(_d[6]), ord(_d[7])) version = "Socks4" if self.connectHost.startswith("0.0.0.") and ord( _d[7]) != 0: # socks4a splits = _d[8:].split("\x00") self.connectHost = splits[-2] version = "Socks4a" setConnectHost = True port = ord(_d[2]) * 0x100 + ord(_d[3]) if setConnectHost: analysis.incrementData(self.address[0], domainAnalysisType.connect, self.connectHost, 1) self.connectName = self.symmetryConnectManager.filenoStr( ) + " < " + self.filenoStr( ) + " " + version + ":" + self.connectHost + ":%d" % (port) if self.serverAuthPass and self.preConnectRecvCache: if self.connectHost: analysis.incrementData(self.address[0], domainAnalysisType.incoming, self.connectHost, len(self.preConnectRecvCache)) self.sendDataToSymmetryConnect(self.preConnectRecvCache) self.preConnectRecvCache = "" return if data[0] == '\x05' or data[0] == '\x04': # socks5 if data[1] == '\x02' or data[1] == '\x01': self.setToProxyMode() self.socksMode = True else: print "local >> ", len(data), binascii.b2a_hex(data) pass else: httpmessagedone = self.httpMessageParse.appendData(data) if self.httpMessageParse.headerOk() and httpmessagedone: method = self.httpMessageParse.method() path = self.httpMessageParse.path() self.connectName = self.filenoStr() + " " + method + " " + path if not path.startswith("http://") and method in [ "GET", "POST" ]: path = path.split("?") self.onHTTP( self.httpMessageParse.headers, method, path[0], path[1] if len(path) > 1 else "", self.httpMessageParse.getBody() if method == "POST" else "") self.mode = "http" else: host = None port = None if path.find("status.dddproxy.com") > 0: jsonMessage = self.httpMessageParse.getBody() try: jsonBody = json.loads(jsonMessage) except: jsonBody = {} host = jsonBody["host"] port = jsonBody["port"] if self.setToProxyMode(host=host, port=port): self.connectHost = parserUrlAddrPort( "https://" + path if method == "CONNECT" else path)[0] analysis.incrementData(self.address[0], domainAnalysisType.connect, self.connectHost, 1)