def handle_request(self, raw_request, addr, sensor_addr): attack_event = attack.AttackEvent() attack_event.raw_request = raw_request attack_event.sensor_addr = sensor_addr attack_event.http_request = HTTPHandler(raw_request, addr, self.options['banner'], sys_version=' ') if self.options["proxy_enabled"] == "True": self._handle_proxy(attack_event, addr) else: attack_event.source_addr = addr logger.info("{0} requested {1} {2} on {3}:{4}".format( attack_event.source_addr[0], attack_event.http_request.command, attack_event.http_request.path, attack_event.sensor_addr[0], attack_event.sensor_addr[1])) # Handle the HTTP request method attack_event.matched_pattern = getattr( self.MethodHandlers, attack_event.http_request.command, self.MethodHandlers.GET)(attack_event.http_request) # Handle the request with the specific vulnerability module request_handler = RequestHandler(os.path.join(self.work_dir, 'data/')) emulator = request_handler.get_handler(attack_event.matched_pattern) emulator.handle(attack_event) # Logging the event #if self.profiler_available: # self.profiler.handle_event(attack_event) self.post_queue.put(attack_event) header = attack_event.http_request.get_response_header() body = attack_event.http_request.get_response_body() return header, body
def handle_request(self, raw_request, addr, connection): attack_event = attack.AttackEvent() attack_event.raw_request = raw_request attack_event.http_request = HTTPHandler(raw_request, addr) if self.options["proxy_enabled"] == "True": self._handle_proxy(attack_event) else: attack_event.source_addr = addr logger.info( "{0} requested {1} {2} on {3}".format( attack_event.source_addr[0], attack_event.http_request.command, attack_event.http_request.path, attack_event.http_request.headers.get("Host", "None"), ) ) # Handle the HTTP request method attack_event.matched_pattern = getattr( self.MethodHandlers, attack_event.http_request.command, self.MethodHandlers.GET )(attack_event.http_request) # Handle the request with the specific vulnerability module request_handler = RequestHandler(os.path.join(self.work_dir, "data/")) emulator = request_handler.get_handler(attack_event.matched_pattern) emulator.handle(attack_event) # Logging the event if self.profiler_available: self.profiler.handle_event(attack_event) self.post_queue.put(attack_event) header = attack_event.http_request.get_response_header() body = attack_event.http_request.get_response_body() return header, body
def handle_request(self, raw_request, addr, sensor_addr): attack_event = attack.AttackEvent() attack_event.raw_request = raw_request attack_event.sensor_addr = sensor_addr attack_event.http_request = HTTPHandler(raw_request, addr, self.options['banner'], sys_version=' ') if self.options["proxy_enabled"] == "True": self._handle_proxy(attack_event, addr) else: attack_event.source_addr = addr logger.info("{0} requested {1} {2} on {3}:{4}".format( attack_event.source_addr[0], attack_event.http_request.command, attack_event.http_request.path, attack_event.sensor_addr[0], attack_event.sensor_addr[1])) # Handle the HTTP request method attack_event.matched_pattern = getattr( self.MethodHandlers, attack_event.http_request.command, self.MethodHandlers.GET )(attack_event.http_request) #cascade emulators: session emulator to set cookie first attack_event = SessionEmulator(os.path.join(self.work_dir, 'data/')).handle(attack_event) # Handle the request with the specific vulnerability module request_handler = RequestHandler(os.path.join(self.work_dir, 'data/')) emulator = request_handler.get_handler(attack_event.matched_pattern) if(emulator.__class__.__name__ == "SQLinjectableEmulator" or emulator.__class__.__name__ == "CommentPoster"): emulator.handle(attack_event, self.attacker_connection_string) else: emulator.handle(attack_event) #end of emulator cascade -> take care about response attack_event.http_request.merge_and_send_response() # Logging the event if self.profiler_available: self.profiler.handle_event(attack_event) self.post_queue.put(attack_event) header = attack_event.http_request.get_response_header() body = attack_event.http_request.get_response_body() return header, body
def handle_request(self, raw_request, addr, sensor_addr): attack_event = attack.AttackEvent() attack_event.raw_request = raw_request attack_event.sensor_addr = sensor_addr # Add glastopf version attack_event.version = __version__ # Add sensor name attack_event.sensorid = self.options['sensorid'] attack_event.http_request = HTTPHandler(raw_request, addr, self.options['banner'], sys_version=' ') if self.options["proxy_enabled"] == "True": self._handle_proxy(attack_event, addr) else: attack_event.source_addr = addr logger.info("{0} requested {1} {2} on {3}:{4}".format( attack_event.source_addr[0], attack_event.http_request.command, attack_event.http_request.path, attack_event.sensor_addr[0], attack_event.sensor_addr[1])) # Handle the HTTP request method attack_event.matched_pattern = getattr( self.MethodHandlers, attack_event.http_request.command, self.MethodHandlers.GET )(attack_event.http_request) # Handle the request with the specific vulnerability module request_handler = RequestHandler(os.path.join(self.work_dir, 'data/')) emulator = request_handler.get_handler(attack_event.matched_pattern) emulator.handle(attack_event) # Logging the event #if self.profiler_available: # self.profiler.handle_event(attack_event) self.post_queue.put(attack_event) header = attack_event.http_request.get_response_header() body = attack_event.http_request.get_response_body() return header, body
def handle_request(self, raw_request, addr, connection): response_code = "200 OK" attack_event = attack.AttackEvent() #attack_event.sensor_addr = connection.sock.getsockname() attack_event.raw_request = raw_request # Parse the request try: attack_event.parsed_request = self.HTTP_parser.parse_request( raw_request) except util.ParsingError as e: response_code = e.response_code else: if self.options["proxy_enabled"] == "True": self._handle_proxy(attack_event) else: attack_event.source_addr = addr logger.info("{0} requested {1} {2} on {3}".format( attack_event.source_addr[0], attack_event.parsed_request.method, attack_event.parsed_request.url, attack_event.parsed_request.header.get('Host', "None") ) ) # Handle the HTTP request method attack_event.matched_pattern = getattr( self.MethodHandlers, attack_event.parsed_request.method, self.MethodHandlers.GET )(attack_event.parsed_request) # Handle the request with the specific vulnerability module request_handler = RequestHandler(os.path.join(self.work_dir, 'data/')) emulator = request_handler.get_handler(attack_event.matched_pattern) emulator.handle(attack_event) # Logging the event if self.profiler_available: self.profiler.handle_event(attack_event) self.post_queue.put(attack_event) response_code = "200 OK" response_util = util.HTTPServerResponse(response_code) attack_event.response = response_util.get_header(attack_event) + attack_event.response return attack_event.response