def request(flow: http.HTTPFlow) -> None: # pretty_host takes the "Host" header of the request into account, # which is useful in transparent mode where we usually only have the IP # otherwise. if flow.request.pretty_host == "base.micro.server.matocloud.com": ctx.log.error( ''' -------------------------------- \ ^__^ \ (oo)\_______ (__)\ )\/ ||----w | || || Time: %s Request:%s param:%s --------------------------------\n''' % (time.strftime('%Y.%m.%d %H:%M:%S', time.localtime( time.time())), flow.request, flow.request.text)) flow.request.host = "base.micro.server.matocloud.com" elif flow.request.pretty_host == "mitm.it": flow.request.host = "mitm.it" else: flow.kill()
def error(self, flow: http.HTTPFlow): """Kills the flow if it has an error different to HTTPSyntaxException. Sometimes, web scanners generate malformed HTTP syntax on purpose and we do not want to kill these requests. """ if flow.error is not None and not isinstance(flow.error, HttpSyntaxException): flow.kill()
def request(self, flow: http.HTTPFlow) -> None: # redirects all requests to api.github.com to local server (flask instance) if flow.request.host == "api.github.com": if val.get_type() != 'ConnectionError': flow.request.host = "gitty.local" else: val.pop_type() flow.kill()
def response(flow: http.HTTPFlow) -> None: print("RES|", flow.response) data = dict(request=flow.request, response=flow.response) zmq_socket.send_multipart((b"RES|", pickle.dumps(data))) _, action = zmq_socket.recv_multipart() if action == b'DROP': print("BACKCHAN killing response!") flow.kill()
def request(self, flow: HTTPFlow) -> None: """Route the request and set `X-Caller` and `X-Callee` headers.""" req = flow.request self._logger.debug("incoming request %s, headers: %s", req, req.headers) try: server_addr = req.headers["X-Server-Addr"] server_port = int(req.headers["X-Server-Port"]) remote_addr = req.headers["X-Remote-Addr"] node_name = self._node_names[remote_addr] if server_port == YAGNA_REST_PORT: # It's a provider agent calling a yagna daemon # Since we assume that the provider agent runs on the same container # as the provider daemon, we route this request to that container's # host-mapped daemon port req.host = "127.0.0.1" req.port = self._ports[remote_addr][server_port] req.headers[CALLER_HEADER] = f"{node_name}:agent" req.headers[CALLEE_HEADER] = f"{node_name}:daemon" elif HOST_REST_PORT_START <= server_port <= HOST_REST_PORT_END: # It's a requestor agent calling a yagna daemon. # We use localhost as the address together with the original port, # since each daemon has its API port mapped to a port on the host # chosen from the specified range. req.host = "127.0.0.1" req.port = server_port req.headers[CALLER_HEADER] = f"{node_name}:agent" req.headers[CALLEE_HEADER] = f"{node_name}:daemon" else: flow.kill() raise ValueError(f"Invalid server port: {server_port}") self._logger.debug( "Request from %s for %s:%d/%s routed to %s at %s:%d", # request caller: req.headers[CALLER_HEADER], # original host, port and path: server_addr, server_port, req.path, # request recipient: req.headers[CALLEE_HEADER], # rewritten host and port: req.host, req.port, ) except (KeyError, ValueError) as ex: self._logger.error("Invalid request: %s, error: %s", req, ex.args[0]) flow.kill() raise
def request(self, flow: http.HTTPFlow) -> None: if flow.response or flow.error or not flow.live: return for spec in self.items: if spec.matches(flow): flow.metadata['blocklisted'] = True if spec.status_code == NO_RESPONSE: flow.kill() else: flow.response = http.Response.make( spec.status_code, headers={"Server": version.MITMPROXY})
def request(flow: http.HTTPFlow) -> None: config = utils.readFile(CONFIG_FILE) method = flow.request.method url = flow.request.url if config is not None: for matchMethod in config: if matchMethod == method: for patternURL in config[matchMethod]: if re.match(patternURL, url) is not None: ctx.log.warn('>>> FOUND request to kill: ' + method + ' ' + url) flow.kill()
def request(self, f: http.HTTPFlow) -> None: if self.flowmap: rflow = self.next_flow(f) if rflow: assert rflow.response response = rflow.response.copy() if ctx.options.server_replay_refresh: response.refresh() f.response = response f.is_replay = "response" elif ctx.options.server_replay_kill_extra: ctx.log.warn( "server_playback: killed non-replay request {}".format( f.request.url)) f.kill()
def request(flow: http.HTTPFlow) -> None: if flow.request.method == "POST": address = flow.client_conn.address[0] ip = regex.sub(r'^.*:', '', address) host = flow.request.pretty_host ext = tldextract.extract(host) domain = ext.domain + "." + ext.suffix checkExpiration(ip, domain) cursor.execute( "SELECT RandToken, Credential, ExpiresAt FROM ProxySwaps WHERE Ip=? AND Domain=?", ip, domain) rows = cursor.fetchall() ctx.log.info(ip) ctx.log.info("ip: %s" % ip) for row in rows: ctx.log.info("row: %s" % row) form = flow.request.urlencoded_form if (form is not None): keys = form.keys() for key in keys: values = form.get_all(key) for row in rows: randToken = row[0] Credential = row[1] expiration = row[2] ctx.log.info(randToken) if (randToken and Credential): if randToken in values: if (expiration is None): form.set_all(key, [Credential]) expiration = datetime.now() + timedelta( minutes=1) expiration = expiration.strftime( '%Y-%m-%d %H:%M:%S.%f') cursor.execute( "UPDATE ProxySwaps SET ExpiresAt=? WHERE Ip=? AND Domain=? AND RandToken=?", expiration, ip, domain, randToken) cnxn.commit() ctx.log.info( 'ip: %s, domain: %s, token: %s, credential: %s' % (ip, domain, randToken, Credential)) else: flow.kill() ctx.log.info('request killed') else: for row in rows: randToken = row[0] Credential = row[1] if (randToken and Credential): flow.request.content = flow.request.content.replace( bytes(randToken, encoding='utf-8'), bytes(Credential, encoding='utf-8'))
def request(flow: http.HTTPFlow) -> None: ctx.log.info('{} {}'.format(flow.request.method, flow.request.url)) flow.kill()
def request(self, flow: http.HTTPFlow): request = flow.request url = request.pretty_url # ctx.log.info(request.get_text()) if "/api/sns/v1/followfeed/note" in url: # 关注页,页面数据 self.num = self.num + 1 ctx.log.info(request.get_text()) ctx.log.info(u"拉取关注页数据 %d 次" % self.num) #cdn host = request.host if "img.xiaohongshu.com" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill() if "img.xiaohongshu.com" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill() elif "qimg.xiaohongshu.com" in host: flow.kill() elif "apm-track.xiaohongshu.com" in host: flow.kill() # elif "ci.xiaohongshu.com" in host: # flow.response = http.HTTPResponse.make(404) if "sns-img-ws.xhscdn.com" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill() elif "sns-img-qc.xhscdn.com" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill() elif "v.xiaohongshu.com" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill() elif "sns-img-anim-qc.xhscdn.com" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill() elif "crash.xiaohongshu.com" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill() elif "ci.xiaohongshu.com" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill() elif "fp-it.fengkongcloud.com" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill() elif "119.29.29.29" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill() elif "sns-img-bd.xhscdn.com" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill() elif "sns-img-anim-bd.xhscdn.com" in host: flow.client_conn.connection.send(b'HTTP/1.1 403 Forbidden ...') flow.kill()