/
proxy.py
89 lines (81 loc) · 2.16 KB
/
proxy.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
#!/usr/bin/env python
import re, httplib, base64, sys, binascii
import cherryproxy
def is_SSH_req(string):
if string == None:
return False
try :
if 'OpenSSH_' in base64.b64decode(string):
return True
except:
pass
try :
if 'OpenSSH_' in base64.b32decode(string):
return True
except:
pass
try :
if 'OpenSSH_' in base64.b16decode(string):
return True
except:
pass
try :
if 'OpenSSH_' in binascii.a2b_uu(string):
return True
except:
pass
try :
if 'OpenSSH_' in binascii.a2b_base64(string):
return True
except:
pass
try :
if 'OpenSSH_' in binascii.a2b_qp(string):
return True
except:
pass
try :
if 'OpenSSH_' in binascii.a2b_hqx(string):
return True
except:
pass
try :
if 'OpenSSH_' in binascii.a2b_hex(string):
return True
except:
pass
try :
if 'OpenSSH_' in string:
return True
except:
pass
return False
class Proxy(cherryproxy.CherryProxy):
def denie(self):
self.set_response_forbidden(reason="how about no?")
def filter_request(self):
global __proxy__
if is_SSH_req(self.req.data):
print "Ai-je bien lu 'SSH' ?"
self.denie()
def filter_request_headers(self):
accepted = True
headers = self.req.headers.keys()
if not ('user-agent' in headers):
print "User-Agent vide ou incorrect !"
accepted = False
if not re.match('.*(\:[80])?', self.req.netloc):
print "Je suis un proxy web ! Tu m'entends ? WEB !"
accepted = False
if is_SSH_req(self.req.query):
print "Ai-je bien lu 'SSH' ?"
accepted = False
if not accepted:
self.denie()
def filter_response(self):
headers = dict(self.resp.headers)
if 'content-encoding' in headers.keys():
if not headers['content-encoding'] in self.req.headers['accept-encoding'].split(','):
print "Tu sais quoi ? Ton serveur t'as repondu de la merde !"
self.denie()
cherryproxy.main(Proxy)