def taste(tcp): ((src, sport), (dst, dport)) = tcp.addr if len(tcp.module_data['options']['ports']): ports = tcp.module_data['options']['ports'] if sport not in ports and dport not in ports: return False if tcp.module_data['options']['verbose']: chop.tsprnt("New session: %s:%s->%s:%s" % (src, sport, dst, dport)) tcp.stream_data['htpy_obj'] = { 'options': tcp.module_data['options'], 'timestamp': None, 'temp': {}, 'transaction': {}, 'lines': Queue.Queue(), 'ready': False, 'flowStart': tcp.timestamp } tcp.stream_data['connparser'] = htpy.init() tcp.stream_data['connparser'].set_obj(tcp.stream_data['htpy_obj']) tcp.stream_data['connparser'].register_log(log) tcp.stream_data['connparser'].register_request_headers(request_headers) tcp.stream_data['connparser'].register_response_headers(response_headers) tcp.stream_data['connparser'].register_request_body_data(request_body) tcp.stream_data['connparser'].register_response_body_data(response_body) tcp.stream_data['connparser'].register_request_complete(request_complete) tcp.stream_data['connparser'].register_response_complete(response_complete) return True
def register_connparser(): connparser = htpy.init() connparser.register_log(log) connparser.register_request_headers(request_headers) connparser.register_response_headers(response_headers) connparser.register_request_body_data(request_body) connparser.register_response_body_data(response_body) connparser.register_request_complete(request_complete) connparser.register_response_complete(response_complete) return connparser
def register_connparser(options): connparser = htpy.init() if options['disable-decompression']: try: connparser.cfg.response_decompression = 0 except AttributeError as e: # Errors should have been checked in in the init # so this should be unnecessary pass connparser.register_log(log) connparser.register_request_headers(request_headers) connparser.register_response_headers(response_headers) connparser.register_request_body_data(request_body) connparser.register_response_body_data(response_body) connparser.register_request_complete(request_complete) connparser.register_response_complete(response_complete) return connparser
def taste(tcp): ((src, sport), (dst, dport)) = tcp.addr if sport != 80 and dport != 80: return False tcp.stream_data['cp'] = htpy.init() tcp.stream_data['cp'].set_obj({'stream_data': tcp.stream_data, 'module_data': tcp.module_data}) tcp.stream_data['cp'].register_log(log) tcp.stream_data['cp'].register_request_headers(request_headers) tcp.stream_data['cp'].register_response_headers(response_headers) if 'blen' in tcp.module_data: tcp.stream_data['cp'].register_request_body_data(request_body) tcp.stream_data['cp'].register_response_body_data(response_body) tcp.stream_data['d'] = { 'timestamp': packet_timedate(tcp.timestamp), 'src': src, 'sport': sport, 'dst': dst, 'dport': dport, } return True
def taste(tcp): ((src, sport), (dst, dport)) = tcp.addr if sport != 80 and dport != 80: return False if tcp.module_data['verbose']: chop.tsprnt("New session: %s:%s->%s:%s" % (src, sport, dst, dport)) d = { 'timestamp': packet_timedate(tcp.timestamp), 'src': src, 'sport': sport, 'dst': dst, 'dport': dport, } tcp.stream_data['cp'] = htpy.init() tcp.stream_data['cp'].set_obj({'module_data': tcp.module_data, 'd': d}) tcp.stream_data['cp'].register_log(log) tcp.stream_data['cp'].register_request_headers(request_headers) tcp.stream_data['cp'].register_response_headers(response_headers) if 'blen' in tcp.module_data: tcp.stream_data['cp'].register_request_body_data(request_body) tcp.stream_data['cp'].register_response_body_data(response_body) return True
def init(module_data): module_options = {'proto': [{'tcp': 'http'}, {'sslim': 'http'}]} parser = OptionParser() parser.add_option("-v", "--verbose", action="store_true", dest="verbose", default=False, help=("Be verbose about incoming " "packets and errors")) parser.add_option("-b", "--no-body", action="store_true", dest="nobody", default=False, help="Do not store http bodies") parser.add_option("-s", "--suppress", action="store_true", dest="suppress", default=False, help="Suppress htpy log output") parser.add_option("-l", "--length", action="store", dest="length", type="int", default=5242880, help=("Maximum length of bodies in bytes (Default: " "5MB, set to 0 to process all body data)")) parser.add_option("-a", "--hash-function", action="store", dest="hash_function", default="md5", help=("Hash Function to use on bodies (default 'md5', " "available: 'sha1', 'sha256', 'sha512')")) parser.add_option("-p", "--ports", action="store", dest="ports", default="80", help=("List of ports to check comma separated, e.g., " "\"80,8080\", pass an empty string \"\" to scan " "all ports (default '80')")) parser.add_option("-c", "--disable-decompression", action="store_true", default=False, dest="disable_decompression", help=("Disable decompression of response bodies")) parser.add_option("-B", "--beast", action="store_false", dest="beast", default=True, help=("By default, this module attempts to account for " "beast mitigations, i.e., the 1/n-1 traffic " "pattern, which seems to cause issues with " "body reconstruction. Settings this flag " "disables that action")) (options, lo) = parser.parse_args(module_data['args']) if options.disable_decompression: try: parser = htpy.init() parser.cfg.response_decompression = 1 except AttributeError as e: module_options['error'] = \ ("Version of htpy installed does not support disabling " "decompression. Please upgrade htpy or do not use the " "'-c/--disable-decompression' option") return module_options except Exception as e: module_options['error'] = ("Unknown error attempting to test htpy") return module_options global __hash_function__ if options.hash_function == 'sha1': __hash_function__ = hashlib.sha1 elif options.hash_function == 'sha256': __hash_function__ = hashlib.sha256 elif options.hash_function == 'sha512': __hash_function__ = hashlib.sha512 else: options.hash_function = 'md5' __hash_function__ = hashlib.md5 if options.ports == '': ports = [] else: ports = options.ports.split(",") try: # This will except if ports is empty or malformed ports = [int(port) for port in ports] except Exception as e: module_options['error'] = \ "Malformed port list '%s'" % (options.ports) return module_options module_data['counter'] = 0 module_data['options'] = {'verbose': options.verbose, 'suppress': options.suppress, 'no-body': options.nobody, 'length': options.length, 'hash_function': options.hash_function, 'beast': options.beast, 'disable-decompression': options.disable_decompression, 'ports': ports} return module_options
def init(module_data): module_options = {'proto': [{'tcp': 'http'}, {'sslim': 'http'}]} parser = OptionParser() parser.add_option("-v", "--verbose", action="store_true", dest="verbose", default=False, help=("Be verbose about incoming " "packets and errors")) parser.add_option("-b", "--no-body", action="store_true", dest="nobody", default=False, help="Do not store http bodies") parser.add_option("-s", "--suppress", action="store_true", dest="suppress", default=False, help="Suppress htpy log output") parser.add_option("-l", "--length", action="store", dest="length", type="int", default=5242880, help=("Maximum length of bodies in bytes (Default: " "5MB, set to 0 to process all body data)")) parser.add_option("-a", "--hash-function", action="store", dest="hash_function", default="md5", help=("Hash Function to use on bodies (default 'md5', " "available: 'sha1', 'sha256', 'sha512')")) parser.add_option("-p", "--ports", action="store", dest="ports", default="80", help=("List of ports to check comma separated, e.g., " "\"80,8080\", pass an empty string \"\" to scan " "all ports (default '80')")) parser.add_option("-c", "--disable-decompression", action="store_true", default=False, dest="disable_decompression", help=("Disable decompression of response bodies")) parser.add_option("-B", "--beast", action="store_false", dest="beast", default=True, help=("By default, this module attempts to account for " "beast mitigations, i.e., the 1/n-1 traffic " "pattern, which seems to cause issues with " "body reconstruction. Settings this flag " "disables that action")) (options, lo) = parser.parse_args(module_data['args']) if options.disable_decompression: try: parser = htpy.init() parser.cfg.response_decompression = 1 except AttributeError as e: module_options['error'] = \ ("Version of htpy installed does not support disabling " "decompression. Please upgrade htpy or do not use the " "'-c/--disable-decompression' option") return module_options except Exception as e: module_options['error'] = ("Unknown error attempting to test htpy") return module_options global __hash_function__ if options.hash_function == 'sha1': __hash_function__ = hashlib.sha1 elif options.hash_function == 'sha256': __hash_function__ = hashlib.sha256 elif options.hash_function == 'sha512': __hash_function__ = hashlib.sha512 else: options.hash_function = 'md5' __hash_function__ = hashlib.md5 if options.ports == '': ports = [] else: ports = options.ports.split(",") try: # This will except if ports is empty or malformed ports = [int(port) for port in ports] except Exception as e: module_options['error'] = \ "Malformed port list '%s'" % (options.ports) return module_options module_data['counter'] = 0 module_data['options'] = { 'verbose': options.verbose, 'suppress': options.suppress, 'no-body': options.nobody, 'length': options.length, 'hash_function': options.hash_function, 'beast': options.beast, 'disable-decompression': options.disable_decompression, 'ports': ports } return module_options
print(uri["path"]) return htpy.HTP_OK def request_headers_callback(cp): host = cp.get_request_header("Host") if host: print(host) return htpy.HTP_OK def request_body_data_callback(data, length): if not data is None: print(data) return htpy.HTP_OK def request_complete_callback(cp): print("Request complete.") print(cp.get_all_request_headers()) return htpy.HTP_OK print(htpy.HTPY_VERSION) cp = htpy.init() cp.register_request_uri_normalize(uri_callback) cp.register_request_headers(request_headers_callback) cp.register_request_body_data(request_body_data_callback) cp.register_request_complete(request_complete_callback) with open("request.txt", "rb") as f: req = f.read() cp.req_data(req)