def websocket_handshake(flow: http.HTTPFlow):
if VERBOSE_LEVEL == 1:
print(colproto["WebSockets"] + " [{} -> {}]\t {}".format(
format_addr(flow.client_conn.address),
format_addr(flow.server_conn.address),
flow.request)
)
def request(flow: http.HTTPFlow):
if VERBOSE_LEVEL == 1:
if flow.server_conn.address:
print(colproto["HTTP"] + " [{} -> {}]\t {}".format(
format_addr(flow.client_conn.address),
format_addr(flow.server_conn.address),
flow.request)
)
def websocket_message(flow: websocket.WebSocketFlow):
message = flow.messages[-1]
if VERBOSE_LEVEL == 1:
print(colproto["WebSockets"] + " [{} -> {}]\t {}".format(
format_addr(flow.client_conn.address) if message.from_client else format_addr(flow.server_conn.address),
format_addr(flow.server_conn.address) if message.from_client else format_addr(flow.client_conn.address),
message)
)
def tcp_message(flow: tcp.TCPFlow):
message = flow.messages[-1]
if VERBOSE_LEVEL == 1:
print(colproto["TCP"] + " [{} -> {}]\t {}".format(
format_addr(flow.client_conn.address) if message.from_client else format_addr(flow.server_conn.address),
format_addr(flow.server_conn.address) if message.from_client else format_addr(flow.client_conn.address),
message)
)
def response(flow: http.HTTPFlow):
global packets_dump
global redis_queue
global redis_packet_queue
global redis_worker_queue
if flow.server_conn and flow.response and flow.request:
if VERBOSE_LEVEL == 1:
print(colproto["HTTP"] + ' Parsing response and associated request')
print(colproto["HTTP"] + ' Status code: {}'.format(flow.response.status_code))
print(colproto["HTTP"] + ' Request method: {}'.format(flow.request.method))
print(colproto["HTTP"] + ' HTTP version: {}'.format(flow.request.http_version))
print(colproto["HTTP"] + ' HTTP scheme: {}'.format(flow.request.scheme))
print(colproto["HTTP"] + ' Content length: {}'.format(len(flow.request.get_content())))
print('Delta request time: {}'.format(flow.request.timestamp_end - flow.request.timestamp_start))
print('Delta response time: {}'.format(flow.response.timestamp_end - flow.response.timestamp_start))
print('Delta response - request: {}'.format(flow.response.timestamp_end - flow.request.timestamp_start))
print('Port: {}'.format(flow.request.port))
print('Client adress: {}'.format(flow.client_conn.ip_address))
print('Server address: {}'.format(flow.server_conn.ip_address))
print('{} {}'.format(dir(flow.client_conn), dir(flow.server_conn)))
print('Request entropy: {}'.format(entropy(flow.request.content)))
print('Response entropy: {}'.format(entropy(flow.response.content)))
client_connection = format_addr(flow.client_conn.ip_address)
server_connection = format_addr(flow.server_conn.ip_address)
packet_to_add = [(flow.response.status_code, methods[flow.request.method],
versions[flow.request.http_version], schemes[flow.request.scheme], len(flow.request.content),
len(flow.response.content), entropy(flow.request.content), entropy(flow.response.content), small_hash(client_connection), small_hash(server_connection))]
packets_dump.append(packet_to_add)
# Send to proxy
packet_msg = json.dumps({'packet':packet_to_add, 'id':secrets.randbits(256), \
'src':format_addr(flow.client_conn.ip_address).replace('::ffff:', ''), 'dst':format_addr(flow.server_conn.ip_address)})
print('Enqueueing ', packet_msg, type(packet_msg))
redis_packet_queue.put(packet_msg)
if VERBOSE_LEVEL == 1:
print(colproto["HTTP"] + " [{} <- {}]\t {}".format(
format_addr(flow.client_conn.address),
format_addr(flow.server_conn.address),
flow.response)
)
print(colproto["HTTP"] + " Response -> {}\n{} Request -> {}\n".format(flow.response, colproto["HTTP"], flow.request))
def http_connect(flow: http.HTTPFlow):
if VERBOSE_LEVEL == 1:
print(colproto["HTTPS"] + " [{} <- CONNECT ->]".format(
format_addr(flow.client_conn.address))
)
def websocket_end(flow: websocket.WebSocketFlow):
if VERBOSE_LEVEL == 1:
print(colproto["WebSockets"] + " [{} <- END]".format(
format_addr(flow.client_conn.address))
)
def websocket_error(flow: websocket.WebSocketFlow):
if VERBOSE_LEVEL == 1:
print(colproto["WebSockets"] + " [{} <- ERROR -> {}]\t".format(
format_addr(flow.client_conn.address),
format_addr(flow.server_conn.address))
)
def tcp_end(flow: tcp.TCPFlow):
if VERBOSE_LEVEL == 1:
print(colproto["TCP"] + " END [{} <-> {}]".format(
format_addr(flow.client_conn.address),
format_addr(flow.server_conn.address))
)
def tcp_start(flow: tcp.TCPFlow):
if VERBOSE_LEVEL == 1:
print(colproto["TCP"] + " [{} <- HANDSHAKE -> {}]".format(
format_addr(flow.client_conn.address),
format_addr(flow.server_conn.address))
)