def taste(tcp):
((src, sport), (dst, dport)) = tcp.addr
if len(tcp.module_data['options']['ports']):
ports = tcp.module_data['options']['ports']
if sport not in ports and dport not in ports:
return False
if tcp.module_data['options']['verbose']:
chop.tsprnt("New session: %s:%s->%s:%s" % (src, sport, dst, dport))
tcp.stream_data['htpy_obj'] = {
'options': tcp.module_data['options'],
'timestamp': None,
'temp': {},
'transaction': {},
'lines': Queue.Queue(),
'ready': False,
'flowStart': tcp.timestamp
}
tcp.stream_data['connparser'] = htpy.init()
tcp.stream_data['connparser'].set_obj(tcp.stream_data['htpy_obj'])
tcp.stream_data['connparser'].register_log(log)
tcp.stream_data['connparser'].register_request_headers(request_headers)
tcp.stream_data['connparser'].register_response_headers(response_headers)
tcp.stream_data['connparser'].register_request_body_data(request_body)
tcp.stream_data['connparser'].register_response_body_data(response_body)
tcp.stream_data['connparser'].register_request_complete(request_complete)
tcp.stream_data['connparser'].register_response_complete(response_complete)
return True
def taste(tcp):
((src, sport), (dst, dport)) = tcp.addr
if len(tcp.module_data['options']['ports']):
ports = tcp.module_data['options']['ports']
if sport not in ports and dport not in ports:
return False
if tcp.module_data['options']['verbose']:
chop.tsprnt("New session: %s:%s->%s:%s" % (src, sport, dst, dport))
tcp.stream_data['htpy_obj'] = {
'options': tcp.module_data['options'],
'timestamp': None,
'temp': {},
'transaction': {},
'lines': Queue.Queue(),
'ready': False,
'flowStart': tcp.timestamp
}
tcp.stream_data['connparser'] = htpy.init()
tcp.stream_data['connparser'].set_obj(tcp.stream_data['htpy_obj'])
tcp.stream_data['connparser'].register_log(log)
tcp.stream_data['connparser'].register_request_headers(request_headers)
tcp.stream_data['connparser'].register_response_headers(response_headers)
tcp.stream_data['connparser'].register_request_body_data(request_body)
tcp.stream_data['connparser'].register_response_body_data(response_body)
tcp.stream_data['connparser'].register_request_complete(request_complete)
tcp.stream_data['connparser'].register_response_complete(response_complete)
return True
def register_connparser():
connparser = htpy.init()
connparser.register_log(log)
connparser.register_request_headers(request_headers)
connparser.register_response_headers(response_headers)
connparser.register_request_body_data(request_body)
connparser.register_response_body_data(response_body)
connparser.register_request_complete(request_complete)
connparser.register_response_complete(response_complete)
return connparser
def register_connparser():
connparser = htpy.init()
connparser.register_log(log)
connparser.register_request_headers(request_headers)
connparser.register_response_headers(response_headers)
connparser.register_request_body_data(request_body)
connparser.register_response_body_data(response_body)
connparser.register_request_complete(request_complete)
connparser.register_response_complete(response_complete)
return connparser
def register_connparser(options):
connparser = htpy.init()
if options['disable-decompression']:
try:
connparser.cfg.response_decompression = 0
except AttributeError as e:
# Errors should have been checked in in the init
# so this should be unnecessary
pass
connparser.register_log(log)
connparser.register_request_headers(request_headers)
connparser.register_response_headers(response_headers)
connparser.register_request_body_data(request_body)
connparser.register_response_body_data(response_body)
connparser.register_request_complete(request_complete)
connparser.register_response_complete(response_complete)
return connparser
def register_connparser(options):
connparser = htpy.init()
if options['disable-decompression']:
try:
connparser.cfg.response_decompression = 0
except AttributeError as e:
# Errors should have been checked in in the init
# so this should be unnecessary
pass
connparser.register_log(log)
connparser.register_request_headers(request_headers)
connparser.register_response_headers(response_headers)
connparser.register_request_body_data(request_body)
connparser.register_response_body_data(response_body)
connparser.register_request_complete(request_complete)
connparser.register_response_complete(response_complete)
return connparser
def taste(tcp):
((src, sport), (dst, dport)) = tcp.addr
if sport != 80 and dport != 80:
return False
tcp.stream_data['cp'] = htpy.init()
tcp.stream_data['cp'].set_obj({'stream_data': tcp.stream_data, 'module_data': tcp.module_data})
tcp.stream_data['cp'].register_log(log)
tcp.stream_data['cp'].register_request_headers(request_headers)
tcp.stream_data['cp'].register_response_headers(response_headers)
if 'blen' in tcp.module_data:
tcp.stream_data['cp'].register_request_body_data(request_body)
tcp.stream_data['cp'].register_response_body_data(response_body)
tcp.stream_data['d'] = {
'timestamp': packet_timedate(tcp.timestamp),
'src': src,
'sport': sport,
'dst': dst,
'dport': dport,
}
return True
def taste(tcp):
((src, sport), (dst, dport)) = tcp.addr
if sport != 80 and dport != 80:
return False
if tcp.module_data['verbose']:
chop.tsprnt("New session: %s:%s->%s:%s" % (src, sport, dst, dport))
d = {
'timestamp': packet_timedate(tcp.timestamp),
'src': src,
'sport': sport,
'dst': dst,
'dport': dport,
}
tcp.stream_data['cp'] = htpy.init()
tcp.stream_data['cp'].set_obj({'module_data': tcp.module_data, 'd': d})
tcp.stream_data['cp'].register_log(log)
tcp.stream_data['cp'].register_request_headers(request_headers)
tcp.stream_data['cp'].register_response_headers(response_headers)
if 'blen' in tcp.module_data:
tcp.stream_data['cp'].register_request_body_data(request_body)
tcp.stream_data['cp'].register_response_body_data(response_body)
return True
def taste(tcp):
((src, sport), (dst, dport)) = tcp.addr
if sport != 80 and dport != 80:
return False
if tcp.module_data['verbose']:
chop.tsprnt("New session: %s:%s->%s:%s" % (src, sport, dst, dport))
d = {
'timestamp': packet_timedate(tcp.timestamp),
'src': src,
'sport': sport,
'dst': dst,
'dport': dport,
}
tcp.stream_data['cp'] = htpy.init()
tcp.stream_data['cp'].set_obj({'module_data': tcp.module_data, 'd': d})
tcp.stream_data['cp'].register_log(log)
tcp.stream_data['cp'].register_request_headers(request_headers)
tcp.stream_data['cp'].register_response_headers(response_headers)
if 'blen' in tcp.module_data:
tcp.stream_data['cp'].register_request_body_data(request_body)
tcp.stream_data['cp'].register_response_body_data(response_body)
return True
def init(module_data):
module_options = {'proto': [{'tcp': 'http'},
{'sslim': 'http'}]}
parser = OptionParser()
parser.add_option("-v", "--verbose", action="store_true", dest="verbose",
default=False, help=("Be verbose about incoming "
"packets and errors"))
parser.add_option("-b", "--no-body", action="store_true", dest="nobody",
default=False, help="Do not store http bodies")
parser.add_option("-s", "--suppress", action="store_true", dest="suppress",
default=False, help="Suppress htpy log output")
parser.add_option("-l", "--length", action="store", dest="length",
type="int", default=5242880,
help=("Maximum length of bodies in bytes (Default: "
"5MB, set to 0 to process all body data)"))
parser.add_option("-a", "--hash-function", action="store",
dest="hash_function", default="md5",
help=("Hash Function to use on bodies (default 'md5', "
"available: 'sha1', 'sha256', 'sha512')"))
parser.add_option("-p", "--ports", action="store", dest="ports",
default="80",
help=("List of ports to check comma separated, e.g., "
"\"80,8080\", pass an empty string \"\" to scan "
"all ports (default '80')"))
parser.add_option("-c", "--disable-decompression", action="store_true",
default=False, dest="disable_decompression",
help=("Disable decompression of response bodies"))
parser.add_option("-B", "--beast", action="store_false", dest="beast",
default=True,
help=("By default, this module attempts to account for "
"beast mitigations, i.e., the 1/n-1 traffic "
"pattern, which seems to cause issues with "
"body reconstruction. Settings this flag "
"disables that action"))
(options, lo) = parser.parse_args(module_data['args'])
if options.disable_decompression:
try:
parser = htpy.init()
parser.cfg.response_decompression = 1
except AttributeError as e:
module_options['error'] = \
("Version of htpy installed does not support disabling "
"decompression. Please upgrade htpy or do not use the "
"'-c/--disable-decompression' option")
return module_options
except Exception as e:
module_options['error'] = ("Unknown error attempting to test htpy")
return module_options
global __hash_function__
if options.hash_function == 'sha1':
__hash_function__ = hashlib.sha1
elif options.hash_function == 'sha256':
__hash_function__ = hashlib.sha256
elif options.hash_function == 'sha512':
__hash_function__ = hashlib.sha512
else:
options.hash_function = 'md5'
__hash_function__ = hashlib.md5
if options.ports == '':
ports = []
else:
ports = options.ports.split(",")
try: # This will except if ports is empty or malformed
ports = [int(port) for port in ports]
except Exception as e:
module_options['error'] = \
"Malformed port list '%s'" % (options.ports)
return module_options
module_data['counter'] = 0
module_data['options'] = {'verbose': options.verbose,
'suppress': options.suppress,
'no-body': options.nobody,
'length': options.length,
'hash_function': options.hash_function,
'beast': options.beast,
'disable-decompression':
options.disable_decompression,
'ports': ports}
return module_options
def init(module_data):
module_options = {'proto': [{'tcp': 'http'}, {'sslim': 'http'}]}
parser = OptionParser()
parser.add_option("-v",
"--verbose",
action="store_true",
dest="verbose",
default=False,
help=("Be verbose about incoming "
"packets and errors"))
parser.add_option("-b",
"--no-body",
action="store_true",
dest="nobody",
default=False,
help="Do not store http bodies")
parser.add_option("-s",
"--suppress",
action="store_true",
dest="suppress",
default=False,
help="Suppress htpy log output")
parser.add_option("-l",
"--length",
action="store",
dest="length",
type="int",
default=5242880,
help=("Maximum length of bodies in bytes (Default: "
"5MB, set to 0 to process all body data)"))
parser.add_option("-a",
"--hash-function",
action="store",
dest="hash_function",
default="md5",
help=("Hash Function to use on bodies (default 'md5', "
"available: 'sha1', 'sha256', 'sha512')"))
parser.add_option("-p",
"--ports",
action="store",
dest="ports",
default="80",
help=("List of ports to check comma separated, e.g., "
"\"80,8080\", pass an empty string \"\" to scan "
"all ports (default '80')"))
parser.add_option("-c",
"--disable-decompression",
action="store_true",
default=False,
dest="disable_decompression",
help=("Disable decompression of response bodies"))
parser.add_option("-B",
"--beast",
action="store_false",
dest="beast",
default=True,
help=("By default, this module attempts to account for "
"beast mitigations, i.e., the 1/n-1 traffic "
"pattern, which seems to cause issues with "
"body reconstruction. Settings this flag "
"disables that action"))
(options, lo) = parser.parse_args(module_data['args'])
if options.disable_decompression:
try:
parser = htpy.init()
parser.cfg.response_decompression = 1
except AttributeError as e:
module_options['error'] = \
("Version of htpy installed does not support disabling "
"decompression. Please upgrade htpy or do not use the "
"'-c/--disable-decompression' option")
return module_options
except Exception as e:
module_options['error'] = ("Unknown error attempting to test htpy")
return module_options
global __hash_function__
if options.hash_function == 'sha1':
__hash_function__ = hashlib.sha1
elif options.hash_function == 'sha256':
__hash_function__ = hashlib.sha256
elif options.hash_function == 'sha512':
__hash_function__ = hashlib.sha512
else:
options.hash_function = 'md5'
__hash_function__ = hashlib.md5
if options.ports == '':
ports = []
else:
ports = options.ports.split(",")
try: # This will except if ports is empty or malformed
ports = [int(port) for port in ports]
except Exception as e:
module_options['error'] = \
"Malformed port list '%s'" % (options.ports)
return module_options
module_data['counter'] = 0
module_data['options'] = {
'verbose': options.verbose,
'suppress': options.suppress,
'no-body': options.nobody,
'length': options.length,
'hash_function': options.hash_function,
'beast': options.beast,
'disable-decompression': options.disable_decompression,
'ports': ports
}
return module_options
print(uri["path"])
return htpy.HTP_OK
def request_headers_callback(cp):
host = cp.get_request_header("Host")
if host:
print(host)
return htpy.HTP_OK
def request_body_data_callback(data, length):
if not data is None:
print(data)
return htpy.HTP_OK
def request_complete_callback(cp):
print("Request complete.")
print(cp.get_all_request_headers())
return htpy.HTP_OK
print(htpy.HTPY_VERSION)
cp = htpy.init()
cp.register_request_uri_normalize(uri_callback)
cp.register_request_headers(request_headers_callback)
cp.register_request_body_data(request_body_data_callback)
cp.register_request_complete(request_complete_callback)
with open("request.txt", "rb") as f:
req = f.read()
cp.req_data(req)
