Exemple #1
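  def processProxyMessage(self,messageIsRequest,message):
    """Print in-scope Referer URLs that accompany requests to out-of-scope hosts.

    For a proxied message whose Host header is not listed in
    ``urls_in_scope``, the Referer header is read and, when its host
    component is in scope, the full Referer value is printed. This shows
    where in-scope URLs (and anything carried in their path or query
    string) are disclosed to other domains.

    ``messageIsRequest`` is not consulted here.
    NOTE(review): if this callback is also invoked for responses, each
    finding would be printed twice -- confirm against the listener contract.
    """
    message_info=message.getMessageInfo()
    request_http_service=message_info.getHttpService()
    request_byte_array=message_info.getRequest()
    request_object=self._helpers.analyzeRequest(request_http_service, request_byte_array)

    # Extract hostname from header; index 1 is used as the header value.
    # NOTE(review): the Host header is supplied by the client and may differ
    # from the host in request_http_service -- confirm which one the scope
    # decision should be based on.
    hostname=webcommon.get_host_header_from_request(self,request_object)

    # Only requests going to OTHER domains are of interest here.
    if not hostname or hostname[1] in urls_in_scope:
      return

    # Extract referer from header
    referer=webcommon.get_referer_header_from_request(self,request_object)
    if not referer:
      return

    # "scheme://host/path".split('/') puts the host at index 2. A Referer
    # without "scheme://" yields fewer parts; skip it instead of raising
    # IndexError inside the proxy callback.
    referer_parts=referer[1].split('/')
    if len(referer_parts) < 3:
      return

    # NOTE(review): the host part keeps any ":port" suffix, so a Referer such
    # as "http://host:8080/" only matches if urls_in_scope lists it that way.
    if referer_parts[2] in urls_in_scope:
      print(referer[1])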
Exemple #2
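  def detect_valid_referer(self,messageIsRequest,message):
    """Report in-scope requests whose Referer does not start with the expected value.

    Only requests are processed. For a request whose Host header is listed
    in ``urls_in_scope``, the Referer header is compared against
    ``referer_header_value``; if it does not start with that value, the
    request URL and the Referer are printed tab-separated so the engineer
    can decide whether the request is unsafe.

    Requests that carry no Referer header are skipped rather than reported.
    """
    #Only process requests as that's where the valid Referer should be
    if not messageIsRequest:
      return

    message_info=message.getMessageInfo()
    request_http_service=message_info.getHttpService()
    request_byte_array=message_info.getRequest()
    requestInfo=self._helpers.analyzeRequest(request_http_service, request_byte_array)
    request_url=requestInfo.getUrl()

    # Extract hostname from header; index 1 is used as the header value.
    hostname=webcommon.get_host_header_from_request(self,requestInfo)

    # Check if the URL is in scope. This is to eliminate stray traffic.
    if not hostname or hostname[1] not in urls_in_scope:
      return

    referer=webcommon.get_referer_header_from_request(self,requestInfo)
    # The sibling handler treats a falsy result as "no Referer header";
    # indexing it here would raise, so such requests are skipped.
    if not referer:
      return

    # NOTE(review): this is a plain prefix match. Unless referer_header_value
    # ends with "/" (or includes a path), a different host whose name merely
    # begins with the expected string is treated as same-site and not
    # reported -- confirm how referer_header_value is defined.
    if not referer[1].startswith(referer_header_value):
      print(str(request_url)+'\t\t'+str(referer[1]))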