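def onResponse(self, proxy, response):
    """Record the response and feed Summoners War API traffic to the parsers.

    ``response`` is always stored on ``self.response``. Nothing else happens
    unless the host starts with "summonerswar", ends with "com2us.net" and
    the request path starts with "/api/". For matching traffic the request
    and response bodies are decrypted and JSON-decoded, every registered
    plugin gets ``process_request(req_json, resp_json, plugins)``, and the
    response is then dispatched on its 'command' value.

    Args:
        proxy: the proxy object delivering the response (not used here).
        response: the proxied response; its ``body`` is decrypted.

    Returns:
        None. Decrypt/parse failures are logged and never propagate.
    """
    self.response = response

    # NOTE(review): endswith("com2us.net") has no leading dot, so a host whose
    # registered domain merely ends in that string also passes this filter.
    # Confirm whether ".com2us.net" was intended.
    host = self.host
    if not (host and host.startswith("summonerswar") and host.endswith("com2us.net")):
        return
    if not (self.request and self.request.url.path.startswith("/api/")):
        return

    try:
        req_json = json.loads(decrypt_request(self.request.body))
        resp_json = json.loads(decrypt_response(response.body))

        if 'command' not in resp_json:
            return

        for plugin in ProxyCallback.plugins:
            # One failing plugin must not stop the remaining plugins or the
            # built-in handling below.
            try:
                plugin.plugin_object.process_request(
                    req_json, resp_json, ProxyCallback.plugins)
            except Exception as e:
                logger.exception('Exception while executing plugin "%s": %s',
                                 plugin.plugin_object.__class__.__name__, e)

        command = resp_json['command']
        # Single-argument print(...) behaves the same as the print statement.
        if command in ('HubUserLogin', 'GuestLogin'):
            parse_login_data(resp_json, ProxyCallback.plugins)
            print("Monsters and Runes data generated")
        elif command == 'VisitFriend':
            parse_visit_data(resp_json, ProxyCallback.plugins)
            print("Visit Friend data generated")
        elif command == 'GetUnitCollection':
            collection = resp_json['collection']
            print("Your collection has %d/%d monsters"
                  % (sum(y['open'] for y in collection), len(collection)))
    except Exception:
        # Was a bare ``except: pass``, which hid every decrypt/parse failure
        # and also swallowed KeyboardInterrupt/SystemExit. Only the traceback
        # is logged; the decrypted payloads are not written to the log.
        logger.exception('Failed to process Summoners War API response')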
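def onResponse(self, proxy, response):
    """Record the response and parse Summoners War API traffic.

    ``response`` is always stored on ``self.response``. When the host starts
    with "summonerswar", ends with "com2us.net" and the request path starts
    with "/api/", the request and response bodies are decrypted, decoded as
    JSON, and the response is dispatched on its "command" value.

    Args:
        proxy: the proxy object delivering the response (not used here).
        response: the proxied response; its ``body`` is decrypted.

    Returns:
        None. Decrypt/parse failures are reported and never propagate.
    """
    self.response = response

    # NOTE(review): endswith("com2us.net") has no leading dot, so a host whose
    # registered domain merely ends in that string also passes this filter.
    # Confirm whether ".com2us.net" was intended.
    host_matches = (
        self.host
        and self.host.startswith("summonerswar")
        and self.host.endswith("com2us.net")
    )
    if not (host_matches and self.request
            and self.request.url.path.startswith("/api/")):
        return

    try:
        req_json = json.loads(decrypt_request(self.request.body))
        resp_json = json.loads(decrypt_response(response.body))

        # Single-argument print(...) behaves the same as the print statement.
        print("Found Summoners War API request : %s" % req_json["command"])

        command = resp_json["command"]
        if command in ("HubUserLogin", "GuestLogin"):
            print("Monsters and Runes data generated")
            parse_login_data(resp_json)
        elif command == "VisitFriend":
            print("Visit Friend data generated")
            parse_visit_data(resp_json)
        elif command == "GetUnitCollection":
            collection = resp_json["collection"]
            print("Your collection has %d/%d monsters"
                  % (sum(y["open"] for y in collection), len(collection)))
    except Exception:
        # Was a bare ``except: pass``: failures (a missing "command" key,
        # undecryptable bodies) vanished silently and KeyboardInterrupt /
        # SystemExit were swallowed too. Report the traceback, keep proxying.
        import traceback
        traceback.print_exc()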
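def onResponse(self, proxy, response):
    """Store the response and process it if it is Summoners War API traffic.

    The response is kept on ``self.response`` in every case. Processing only
    runs when ``self.host`` starts with "summonerswar" and ends with
    "com2us.net" and the request path starts with "/api/": both bodies are
    decrypted and JSON-decoded, each plugin in ``ProxyCallback.plugins`` is
    given the pair, and known 'command' values are dispatched to the parsers.

    Args:
        proxy: the proxy object delivering the response (not used here).
        response: the proxied response; its ``body`` is decrypted.

    Returns:
        None. Decrypt/parse failures are logged and never propagate.
    """
    self.response = response

    # NOTE(review): the suffix test has no leading dot, so it accepts any
    # domain name that merely ends in "com2us.net"; confirm that
    # ".com2us.net" was not the intended match.
    is_game_host = bool(
        self.host
        and self.host.startswith("summonerswar")
        and self.host.endswith("com2us.net")
    )
    is_api_call = bool(
        is_game_host
        and self.request
        and self.request.url.path.startswith("/api/")
    )
    if not is_api_call:
        return

    try:
        req_plain = decrypt_request(self.request.body)
        req_json = json.loads(req_plain)
        resp_plain = decrypt_response(response.body)
        resp_json = json.loads(resp_plain)

        if 'command' not in resp_json:
            return

        plugins = ProxyCallback.plugins
        for plugin in plugins:
            # A plugin failure is logged and must not block the other plugins.
            try:
                plugin.plugin_object.process_request(req_json, resp_json, plugins)
            except Exception as e:
                logger.exception('Exception while executing plugin "%s": %s',
                                 plugin.plugin_object.__class__.__name__, e)

        command = resp_json['command']
        # Single-argument print(...) behaves the same as the print statement.
        if command == 'HubUserLogin' or command == 'GuestLogin':
            parse_login_data(resp_json, plugins)
            print("Monsters and Runes data generated")
        elif command == 'VisitFriend':
            parse_visit_data(resp_json, plugins)
            print("Visit Friend data generated")
        elif command == 'GetUnitCollection':
            collection = resp_json['collection']
            opened = sum(entry['open'] for entry in collection)
            print("Your collection has %d/%d monsters" % (opened, len(collection)))
    except Exception:
        # Replaces a bare ``except: pass`` that discarded every error and
        # also caught KeyboardInterrupt/SystemExit. The traceback is logged;
        # the decrypted payloads themselves are not.
        logger.exception('Failed to process Summoners War API response')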
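def onResponse(self, proxy, response):
    """Store the response and parse it if it is Summoners War API traffic.

    The response is kept on ``self.response`` in every case. When the host
    starts with "summonerswar", ends with "com2us.net" and the request path
    starts with "/api/", both bodies are decrypted and JSON-decoded and the
    response is dispatched on its 'command' value ('HubUserLogin',
    'VisitFriend' or 'GetUnitCollection').

    Args:
        proxy: the proxy object delivering the response (not used here).
        response: the proxied response; its ``body`` is decrypted.

    Returns:
        None. Decrypt/parse failures are reported and never propagate.
    """
    self.response = response

    # NOTE(review): the suffix test has no leading dot, so it accepts any
    # domain name that merely ends in "com2us.net"; confirm that
    # ".com2us.net" was not the intended match.
    if not (self.host and self.host.startswith("summonerswar")
            and self.host.endswith("com2us.net")):
        return
    if not (self.request and self.request.url.path.startswith("/api/")):
        return

    try:
        req_plain = decrypt_request(self.request.body)
        req_json = json.loads(req_plain)
        resp_plain = decrypt_response(response.body)
        resp_json = json.loads(resp_plain)

        # Single-argument print(...) behaves the same as the print statement.
        print("Found Summoners War API request : %s" % req_json['command'])

        command = resp_json['command']
        if command == 'HubUserLogin':
            print("Monsters and Runes data generated")
            parse_login_data(resp_json)
        elif command == 'VisitFriend':
            print("Visit Friend data generated")
            parse_visit_data(resp_json)
        elif command == 'GetUnitCollection':
            collection = resp_json['collection']
            opened = sum(entry['open'] for entry in collection)
            print("Your collection has %d/%d monsters" % (opened, len(collection)))
    except Exception:
        # Was a bare ``except: pass``: every failure disappeared silently and
        # KeyboardInterrupt/SystemExit were swallowed as well. Report the
        # traceback and let the proxy carry on.
        import traceback
        traceback.print_exc()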
def _parse_response(self, response):
    """Decrypt a response body and decode the plaintext as JSON.

    Args:
        response: object whose ``body`` holds the encrypted payload.

    Returns:
        A ``(plain, parsed)`` tuple: the decrypted text and the value
        ``json.loads`` produced from it.
    """
    body = response.body
    # The second argument to decrypt_response is 2 for request paths that
    # contain '_c2.php' and 1 otherwise; what each value selects is defined
    # by decrypt_response, which is not shown here.
    if '_c2.php' in self.request.url.path:
        variant = 2
    else:
        variant = 1
    decrypted = decrypt_response(body, variant)
    parsed = json.loads(decrypted)
    return decrypted, parsed
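def _handle_api_exchange(request, response):
    """Decrypt one gateway request/response pair and pass it to the plugins."""
    try:
        req_plain = decrypt_request(request.body)
        resp_plain = decrypt_response(response.body)
        req_json = json.loads(req_plain)
        resp_json = json.loads(resp_plain)
        # A response without 'command' only skips this exchange; the caller
        # keeps processing the rest of the capture.
        if 'command' not in resp_json:
            return
        try:
            SWPlugin.call_plugins('process_request', (req_json, resp_json))
        except Exception as e:
            logger.exception('Exception while executing plugin : {}'.format(e))
    except Exception:
        import traceback
        traceback.print_exc()


def parse_pcap(filename):
    """Replay the game API exchanges found in a pcap capture to the plugins.

    The capture is read packet by packet. TCP payloads are collected per
    (src, dst, sport, dport) direction; when a FIN is seen on a connection
    that uses port 80, both directions are parsed as HTTP and every
    ``POST /api/gateway.php`` answered with status 200 is decrypted and
    handed to ``SWPlugin.call_plugins('process_request', ...)``.

    Limitations visible in this code:
      * Payloads are concatenated in capture order and TCP sequence numbers
        are never consulted, so reordered or retransmitted segments end up
        in the buffer as captured.
      * Connections that never send a FIN stay buffered in memory until the
        function returns.
      * Only port 80 traffic is examined.

    Args:
        filename: path of the pcap file to read.

    Returns:
        None.
    """
    streams = dict()  # per-direction payload buffers, keyed by 4-tuple
    with open(filename, "rb") as f:
        pcap = dpkt.pcap.Reader(f)
        for _ts, buf in pcap:
            eth = dpkt.ethernet.Ethernet(buf)
            if eth.type != dpkt.ethernet.ETH_TYPE_IP:
                continue

            ip = eth.data
            if not isinstance(ip, dpkt.ip.IP):
                # dpkt left the payload undecoded; try explicitly and skip
                # the packet if it is not a parseable IP datagram.
                try:
                    ip = dpkt.ip.IP(ip)
                except Exception:
                    continue
            if ip.p != dpkt.ip.IP_PROTO_TCP:
                continue

            tcp = ip.data
            if not isinstance(tcp, dpkt.tcp.TCP):
                try:
                    tcp = dpkt.tcp.TCP(tcp)
                except Exception:
                    continue

            tupl = (ip.src, ip.dst, tcp.sport, tcp.dport)
            if tupl in streams:
                streams[tupl] += tcp.data
            else:
                streams[tupl] = tcp.data

            if (tcp.flags & dpkt.tcp.TH_FIN) == 0:
                continue

            # FIN: this direction is finished, so its buffer is always dropped.
            stream1 = streams.pop(tupl)
            if not (tcp.dport == 80 or tcp.sport == 80) or len(stream1) == 0:
                continue

            other_tupl = (ip.dst, ip.src, tcp.dport, tcp.sport)
            stream2 = streams.pop(other_tupl, b"")

            if tcp.dport == 80:
                requests, responses = stream1, stream2
            else:
                requests, responses = stream2, stream1

            while len(requests):
                try:
                    request = dpkt.http.Request(requests)
                except Exception:
                    # Unparseable remainder: stop after this iteration.
                    request = b''
                    requests = b''
                try:
                    response = dpkt.http.Response(responses)
                except Exception:
                    response = b''
                    responses = b''

                # Advance each buffer past the message just parsed from it.
                # (The response buffer was previously re-sliced from
                # ``requests``, which broke every exchange after the first.)
                requests = requests[len(request):]
                responses = responses[len(response):]

                if len(request) > 0 and len(response) > 0 and \
                        request.method == 'POST' and \
                        request.uri == '/api/gateway.php' and \
                        response.status == '200':
                    _handle_api_exchange(request, response)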
def _parse_response(self, response):
    """Decrypt a response body and decode the plaintext as JSON.

    Args:
        response: object whose ``body`` holds the encrypted payload.

    Returns:
        A ``(plain, parsed)`` tuple: the decrypted text and the value
        ``json.loads`` produced from it.
    """
    decrypted = decrypt_response(response.body)
    parsed = json.loads(decrypted)
    return decrypted, parsed
def _parse_response(self, flow):
    """Decrypt the text of ``flow`` and decode the plaintext as JSON.

    Args:
        flow: object exposing ``request.get_text()`` and
            ``request.pretty_url``.

    Returns:
        A ``(plain, parsed)`` tuple: the decrypted text and the value
        ``json.loads`` produced from it.
    """
    # NOTE(review): this method is named _parse_response and calls
    # decrypt_response, yet the text it decrypts comes from flow.request.
    # Confirm whether flow.response was intended.
    encrypted = flow.request.get_text()
    # 2 for URLs containing '_c2.php', otherwise 1; the meaning of the value
    # is defined by decrypt_response, which is not shown here.
    variant = 2 if '_c2.php' in flow.request.pretty_url else 1
    decrypted = decrypt_response(encrypted, variant)
    parsed = json.loads(decrypted)
    return decrypted, parsed