def setUp(self):
meta = {}
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
page_dir = self.main_page_path.rsplit('/')[-1]
args = run_args.parse_args(['--page-dir', page_dir])
snare_uuid = '9c10172f-7ce2-4fb4-b1c6-abc70141db56'.encode('utf-8')
args.no_dorks = True
self.handler = TannerHandler(args, meta, snare_uuid)
headers = {
'Host': 'test_host',
'status': 200,
'Cookie': 'sess_uuid=prev_test_uuid; test_cookie=test'
}
message = RawRequestMessage(method='POST',
path='/',
version=HttpVersion(major=1, minor=1),
headers=headers,
raw_headers=None,
should_close=None,
compression=None,
upgrade=None,
chunked=None,
url=URL('http://test_url/'))
loop = asyncio.get_event_loop()
RequestHandler = Mock()
protocol = RequestHandler()
self.request = web.Request(message=message,
payload=None,
protocol=protocol,
payload_writer=None,
task='POST',
loop=loop)
self.request.transport.get_extra_info = Mock(
return_value=(['test_ip', 'test_port']))
self.response_status = "test_status"
self.data = None
self.expected_data = {
'method': 'POST',
'path': 'http://test_url/',
'headers': {
'Host': 'test_host',
'status': 200,
'Cookie': 'sess_uuid=prev_test_uuid; test_cookie=test'
},
'uuid': '9c10172f-7ce2-4fb4-b1c6-abc70141db56',
'peer': {
'ip': 'test_ip',
'port': 'test_port'
},
'status': 'test_status',
'cookies': {
'sess_uuid': 'prev_test_uuid',
' test_cookie': 'test'
}
}
def __init__(self, meta, run_args, snare_uuid, debug=False, keep_alive=75, **kwargs):
self.run_args = run_args
self.dir = run_args.full_page_path
self.meta = meta
self.snare_uuid = snare_uuid
self.logger = logging.getLogger(__name__)
self.sroute = StaticRoute(name=None, prefix="/", directory=self.dir)
self.tanner_handler = TannerHandler(run_args, meta, snare_uuid)
def setUp(self):
meta = {}
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
page_dir = self.main_page_path.rsplit("/")[-1]
args = run_args.parse_args(["--page-dir", page_dir])
args_dict = vars(args)
args_dict["full_page_path"] = self.main_page_path
snare_uuid = "9c10172f-7ce2-4fb4-b1c6-abc70141db56".encode("utf-8")
args.no_dorks = True
self.handler = TannerHandler(args, meta, snare_uuid)
headers = {
"Host": "test_host",
"status": 200,
"Cookie": "sess_uuid=prev_test_uuid; test_cookie=test",
}
message = RawRequestMessage(
method="POST",
path="/",
version=HttpVersion(major=1, minor=1),
headers=headers,
raw_headers=None,
should_close=None,
compression=None,
upgrade=None,
chunked=None,
url=URL("http://test_url/"),
)
loop = asyncio.get_event_loop()
RequestHandler = Mock()
protocol = RequestHandler()
self.request = web.Request(
message=message,
payload=None,
protocol=protocol,
payload_writer=None,
task="POST",
loop=loop,
)
self.request.transport.get_extra_info = Mock(return_value=(["test_ip", "test_port"]))
self.response_status = "test_status"
self.data = None
self.expected_data = {
"method": "POST",
"path": "http://test_url/",
"headers": {
"Host": "test_host",
"status": 200,
"Cookie": "sess_uuid=prev_test_uuid; test_cookie=test",
},
"uuid": "9c10172f-7ce2-4fb4-b1c6-abc70141db56",
"peer": {"ip": "test_ip", "port": "test_port"},
"status": "test_status",
"cookies": {"sess_uuid": "prev_test_uuid", " test_cookie": "test"},
}
def setUp(self):
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
page_dir = self.main_page_path.rsplit('/')[-1]
meta_content = {"/index.html": {"hash": "hash_name", "content_type": "text/html"}}
self.page_content = "<html><body></body></html>"
self.content_type = "text/html"
with open(os.path.join(self.main_page_path, "hash_name"), 'w') as f:
f.write(self.page_content)
with open(os.path.join(self.main_page_path, "meta.json"), 'w') as f:
json.dump(meta_content, f)
args = run_args.parse_args(['--page-dir', page_dir])
args.index_page = '/index.html'
args.no_dorks = True
args.tanner = "tanner.mushmush.org"
uuid = "test_uuid"
self.handler = TannerHandler(args, meta_content, uuid)
self.requested_name = '/'
self.loop = asyncio.get_event_loop()
self.handler.html_handler.handle_content = AsyncMock(return_value=self.page_content)
self.res1 = None
self.res2 = None
self.res3 = None
self.res4 = None
self.detection = None
self.expected_content = None
self.call_content = None
def __init__(self,
meta,
run_args,
snare_uuid,
debug=False,
keep_alive=75,
**kwargs):
self.run_args = run_args
self.dir = '/opt/snare/pages/{}'.format(run_args.page_dir)
self.meta = meta
self.snare_uuid = snare_uuid
self.logger = logging.getLogger(__name__)
self.sroute = StaticRoute(name=None, prefix='/', directory=self.dir)
self.tanner_handler = TannerHandler(run_args, meta, snare_uuid)
if run_args.server_header:
self.server_header = run_args.server_header
else:
self.server_header = meta['cloned_metadata']['Server'] if meta[
'cloned_metadata']['Server'] else 'nginx/1.3.8'
def __init__(self, meta, run_args, snare_uuid, debug=False, keep_alive=75, **kwargs):
self.run_args = run_args
self.dir = '/opt/snare/pages/{}'.format(run_args.page_dir)
self.meta = meta
self.snare_uuid = snare_uuid
self.logger = logging.getLogger(__name__)
self.sroute = StaticRoute(
name=None, prefix='/',
directory=self.dir
)
self.tanner_handler = TannerHandler(run_args, meta, snare_uuid)
def setUp(self):
meta = {}
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
page_dir = self.main_page_path.rsplit("/")[-1]
args = run_args.parse_args(["--page-dir", page_dir])
args_dict = vars(args)
args_dict["full_page_path"] = self.main_page_path
self.loop = asyncio.new_event_loop()
self.data = {
"method": "GET",
"path": "/",
"headers": {
"Host": "test_host",
"Connection": "keep-alive",
"Upgrade-Insecure-Requests": "1",
"User-Agent": "test_agent",
"Accept": "text/html",
"Accept-Encoding": "test_encoding",
"Accept-Language": "test_lang",
"Cookie": "test_cookie",
},
"uuid": "test_uuid",
"peer": {
"ip": "::1",
"port": 80
},
"status": 200,
"cookies": "test_cookies",
"sess_uuid": "test_uuid",
}
aiohttp.ClientSession.post = AsyncMock(
return_value=aiohttp.ClientResponse(
url=yarl.URL("http://www.example.com"),
method="GET",
writer=None,
continue100=1,
timer=None,
request_info=None,
traces=None,
loop=self.loop,
session=None,
))
uuid = "test_uuid"
args.tanner = "tanner.mushmush.org"
args.no_dorks = True
self.handler = TannerHandler(args, meta, uuid)
self.result = None
def setUp(self):
meta = {}
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
page_dir = self.main_page_path.rsplit('/')[-1]
args = run_args.parse_args(['--page-dir', page_dir])
args_dict = vars(args)
args_dict['full_page_path'] = self.main_page_path
self.loop = asyncio.new_event_loop()
self.data = {
'method': 'GET',
'path': '/',
'headers': {
'Host': 'test_host',
'Connection': 'keep-alive',
'Upgrade-Insecure-Requests': '1',
'User-Agent': 'test_agent',
'Accept': 'text/html',
'Accept-Encoding': 'test_encoding',
'Accept-Language': 'test_lang',
'Cookie': 'test_cookie'
},
'uuid': 'test_uuid',
'peer': {
'ip': '::1',
'port': 80
},
'status': 200,
'cookies': 'test_cookies',
'sess_uuid': 'test_uuid'
}
aiohttp.ClientSession.post = AsyncMock(
return_value=aiohttp.ClientResponse(url=yarl.URL(
"http://www.example.com"),
method="GET",
writer=None,
continue100=1,
timer=None,
request_info=None,
traces=None,
loop=self.loop,
session=None))
uuid = "test_uuid"
args.tanner = "tanner.mushmush.org"
args.no_dorks = True
self.handler = TannerHandler(args, meta, uuid)
self.result = None
def setUp(self):
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
page_dir = self.main_page_path.rsplit("/")[-1]
meta_content = {
"/index.html": {
"hash": "hash_name",
"headers": [{
"Content-Type": "text/html"
}],
}
}
self.page_content = "<html><body></body></html>"
self.headers = multidict.CIMultiDict([("Content-Type", "text/html")])
self.status_code = 200
self.content_type = "text/html"
with open(os.path.join(self.main_page_path, "hash_name"), "w") as f:
f.write(self.page_content)
with open(os.path.join(self.main_page_path, "meta.json"), "w") as f:
json.dump(meta_content, f)
self.args = run_args.parse_args(["--page-dir", page_dir])
args_dict = vars(self.args)
args_dict["full_page_path"] = self.main_page_path
self.args.index_page = "/index.html"
self.args.no_dorks = True
self.args.tanner = "tanner.mushmush.org"
self.uuid = "test_uuid"
self.handler = TannerHandler(self.args, meta_content, self.uuid)
self.requested_name = "/"
self.loop = asyncio.get_event_loop()
self.handler.html_handler.handle_content = AsyncMock(
return_value=self.page_content)
self.res1 = None
self.res2 = None
self.res3 = None
self.detection = None
self.expected_content = None
self.call_content = None
class HttpRequestHandler():
def __init__(self,
meta,
run_args,
snare_uuid,
debug=False,
keep_alive=75,
**kwargs):
self.run_args = run_args
self.dir = '/opt/snare/pages/{}'.format(run_args.page_dir)
self.meta = meta
self.snare_uuid = snare_uuid
self.logger = logging.getLogger(__name__)
self.sroute = StaticRoute(name=None, prefix='/', directory=self.dir)
self.tanner_handler = TannerHandler(run_args, meta, snare_uuid)
async def submit_slurp(self, data):
try:
async with aiohttp.ClientSession(connector=aiohttp.TCPConnector(
verify_ssl=False)) as session:
r = await session.post(
'https://{0}:8080/api?auth={1}&chan=snare_test&msg={2}'.
format(self.run_args.slurp_host, self.run_args.slurp_auth,
data),
data=json.dumps(data),
timeout=10.0)
assert r.status == 200
r.close()
except Exception as e:
self.logger.error('Error submitting slurp: %s', e)
async def handle_request(self, request):
self.logger.info('Request path: {0}'.format(request.path_qs))
data = self.tanner_handler.create_data(request, 200)
if request.method == 'POST':
post_data = await request.post()
self.logger.info('POST data:')
for key, val in post_data.items():
self.logger.info('\t- {0}: {1}'.format(key, val))
data['post_data'] = dict(post_data)
# Submit the event to the TANNER service
event_result = await self.tanner_handler.submit_data(data)
# Log the event to slurp service if enabled
if self.run_args.slurp_enabled:
await self.submit_slurp(request.path_qs)
content, content_type, headers, status_code = await self.tanner_handler.parse_tanner_response(
request.path_qs, event_result['response']['message']['detection'])
response_headers = multidict.CIMultiDict()
for name, val in headers.items():
response_headers.add(name, val)
response_headers.add('Server', self.run_args.server_header)
if 'cookies' in data and 'sess_uuid' in data['cookies']:
previous_sess_uuid = data['cookies']['sess_uuid']
else:
previous_sess_uuid = None
if event_result is not None and (
'sess_uuid' in event_result['response']['message']):
cur_sess_id = event_result['response']['message']['sess_uuid']
if previous_sess_uuid is None or not previous_sess_uuid.strip(
) or previous_sess_uuid != cur_sess_id:
response_headers.add('Set-Cookie', 'sess_uuid=' + cur_sess_id)
if not content_type:
response_content_type = 'text/plain'
else:
response_content_type = content_type
response = web.Response(body=content,
status=status_code,
headers=response_headers,
content_type=response_content_type)
return response
async def start(self):
app = web.Application()
app.add_routes([web.route('*', '/{tail:.*}', self.handle_request)])
aiohttp_jinja2.setup(app, loader=jinja2.FileSystemLoader(self.dir))
middleware = SnareMiddleware(self.meta['/status_404']['hash'],
self.run_args.server_header)
middleware.setup_middlewares(app)
self.runner = web.AppRunner(app)
await self.runner.setup()
site = web.TCPSite(self.runner, self.run_args.host_ip,
self.run_args.port)
await site.start()
names = sorted(str(s.name) for s in self.runner.sites)
print("======== Running on {} ========\n"
"(Press CTRL+C to quit)".format(', '.join(names)))
async def stop(self):
await self.runner.cleanup()
class HttpRequestHandler:
def __init__(self, meta, run_args, snare_uuid, debug=False, keep_alive=75, **kwargs):
self.run_args = run_args
self.dir = run_args.full_page_path
self.meta = meta
self.snare_uuid = snare_uuid
self.logger = logging.getLogger(__name__)
self.sroute = StaticRoute(name=None, prefix="/", directory=self.dir)
self.tanner_handler = TannerHandler(run_args, meta, snare_uuid)
async def submit_slurp(self, data):
try:
async with aiohttp.ClientSession(connector=aiohttp.TCPConnector(verify_ssl=False)) as session:
r = await session.post(
"https://{0}:8080/api?auth={1}&chan=snare_test&msg={2}".format(
self.run_args.slurp_host, self.run_args.slurp_auth, data
),
json=data,
timeout=10.0,
)
assert r.status == 200
r.close()
except Exception as e:
self.logger.error("Error submitting slurp: %s", e)
async def handle_request(self, request):
self.logger.info("Request path: {0}".format(request.path_qs))
data = self.tanner_handler.create_data(request, 200)
if request.method == "POST":
post_data = await request.post()
self.logger.info("POST data:")
for key, val in post_data.items():
self.logger.info("\t- {0}: {1}".format(key, val))
data["post_data"] = dict(post_data)
# Submit the event to the TANNER service
event_result = await self.tanner_handler.submit_data(data)
# Log the event to slurp service if enabled
if self.run_args.slurp_enabled:
await self.submit_slurp(request.path_qs)
content, headers, status_code = await self.tanner_handler.parse_tanner_response(
request.path_qs, event_result["response"]["message"]["detection"]
)
if self.run_args.server_header:
headers["Server"] = self.run_args.server_header
if "cookies" in data and "sess_uuid" in data["cookies"]:
previous_sess_uuid = data["cookies"]["sess_uuid"]
else:
previous_sess_uuid = None
if event_result is not None and "sess_uuid" in event_result["response"]["message"]:
cur_sess_id = event_result["response"]["message"]["sess_uuid"]
if previous_sess_uuid is None or not previous_sess_uuid.strip() or previous_sess_uuid != cur_sess_id:
headers.add("Set-Cookie", "sess_uuid=" + cur_sess_id)
return web.Response(body=content, status=status_code, headers=headers)
async def start(self):
app = web.Application()
app.add_routes([web.route("*", "/{tail:.*}", self.handle_request)])
aiohttp_jinja2.setup(app, loader=jinja2.FileSystemLoader(self.dir))
middleware = SnareMiddleware(
error_404=self.meta["/status_404"].get("hash"),
headers=self.meta["/status_404"].get("headers", []),
server_header=self.run_args.server_header,
)
middleware.setup_middlewares(app)
self.runner = web.AppRunner(app)
await self.runner.setup()
site = web.TCPSite(self.runner, self.run_args.host_ip, self.run_args.port)
await site.start()
names = sorted(str(s.name) for s in self.runner.sites)
print("======== Running on {} ========\n" "(Press CTRL+C to quit)".format(", ".join(names)))
async def stop(self):
await self.runner.cleanup()
class HttpRequestHandler():
def __init__(self, meta, run_args, snare_uuid, debug=False, keep_alive=75, **kwargs):
self.run_args = run_args
self.dir = '/opt/snare/pages/{}'.format(run_args.page_dir)
self.meta = meta
self.snare_uuid = snare_uuid
self.logger = logging.getLogger(__name__)
self.sroute = StaticRoute(
name=None, prefix='/',
directory=self.dir
)
self.tanner_handler = TannerHandler(run_args, meta, snare_uuid)
async def submit_slurp(self, data):
try:
async with aiohttp.ClientSession(connector=aiohttp.TCPConnector(verify_ssl=False)) as session:
r = await session.post(
'https://{0}:8080/api?auth={1}&chan=snare_test&msg={2}'.format(
self.run_args.slurp_host, self.run_args.slurp_auth, data
), data=json.dumps(data), timeout=10.0
)
assert r.status == 200
r.close()
except Exception as e:
self.logger.error('Error submitting slurp: %s', e)
async def handle_request(self, request):
self.logger.info('Request path: {0}'.format(request.path_qs))
data = self.tanner_handler.create_data(request, 200)
if request.method == 'POST':
post_data = await request.post()
self.logger.info('POST data:')
for key, val in post_data.items():
self.logger.info('\t- {0}: {1}'.format(key, val))
data['post_data'] = dict(post_data)
# Submit the event to the TANNER service
event_result = await self.tanner_handler.submit_data(data)
# Log the event to slurp service if enabled
if self.run_args.slurp_enabled:
await self.submit_slurp(request.path_qs)
content, content_type, headers, status_code = await self.tanner_handler.parse_tanner_response(
request.path_qs, event_result['response']['message']['detection'])
response_headers = multidict.CIMultiDict()
for name, val in headers.items():
response_headers.add(name, val)
response_headers.add('Server', self.run_args.server_header)
if 'cookies' in data and 'sess_uuid' in data['cookies']:
previous_sess_uuid = data['cookies']['sess_uuid']
else:
previous_sess_uuid = None
if event_result is not None and ('sess_uuid' in event_result['response']['message']):
cur_sess_id = event_result['response']['message']['sess_uuid']
if previous_sess_uuid is None or not previous_sess_uuid.strip() or previous_sess_uuid != cur_sess_id:
response_headers.add('Set-Cookie', 'sess_uuid=' + cur_sess_id)
if not content_type:
response_content_type = 'text/plain'
else:
response_content_type = content_type
response = web.Response(
body=content, status=status_code, headers=response_headers, content_type=response_content_type
)
return response
async def start(self):
app = web.Application()
app.add_routes([web.route('*', '/{tail:.*}', self.handle_request)])
aiohttp_jinja2.setup(
app, loader=jinja2.FileSystemLoader(self.dir)
)
middleware = SnareMiddleware(
self.meta['/status_404']['hash'],
self.run_args.server_header
)
middleware.setup_middlewares(app)
self.runner = web.AppRunner(app)
await self.runner.setup()
site = web.TCPSite(self.runner, self.run_args.host_ip, self.run_args.port)
await site.start()
names = sorted(str(s.name) for s in self.runner.sites)
print("======== Running on {} ========\n"
"(Press CTRL+C to quit)".format(', '.join(names)))
async def stop(self):
await self.runner.cleanup()