def onSend(self, data): if self.connectHost: analysis.incrementData(self.address[0], domainAnalysisType.outgoing, self.connectHost, len(data)) if self.mode == "http" and not self.getSendPending(): if self.httpMessageParse.connection() != "keep-alive": self.close() else: self.httpMessageParse.clear()
def onSend(self, data):
if self.connectHost:
analysis.incrementData(self.address[0],
domainAnalysisType.outgoing,
self.connectHost, len(data))
if self.mode == "http" and not self.getSendPending():
if self.httpMessageParse.connection() != "keep-alive":
self.close()
else:
self.httpMessageParse.clear()
def onRecv(self, data):
self.preConnectRecvCache += data
if self.mode == "proxy":
if self.serverAuthPass and self.preConnectRecvCache:
if self.connectHost:
analysis.incrementData(self.address[0], domainAnalysisType.incoming, self.connectHost, len(self.preConnectRecvCache))
self.sendDataToSymmetryConnect(self.preConnectRecvCache)
self.preConnectRecvCache = ""
return
if self.httpMessageParse.appendData(data):
method = self.httpMessageParse.method()
path = self.httpMessageParse.path()
self.connectName = self.filenoStr() + " " + method + " " + path
if not path.startswith("http://") and method in ["GET", "POST"]:
path = path.split("?")
self.onHTTP(self.httpMessageParse.headers,
method,
path[0],
path[1] if len(path) > 1 else "",
self.httpMessageParse.getBody() if method == "POST" else "")
self.mode = "http"
else:
self.mode = "proxy"
connect = localToRemoteConnectManger.getConnect()
if path.find("status.dddproxy.com")>0:
try:
connect = None
jsonMessage = self.httpMessageParse.getBody()
jsonBody = json.loads(jsonMessage)
connectList = localToRemoteConnectManger.getConnectHost(jsonBody["host"],jsonBody["port"])
if connectList:
for _,v in connectList.items():
connect = v
except:
pass
if connect:
connect.addLocalRealConnect(self)
else:
self.close()
self.connectHost = parserUrlAddrPort("https://" + path if method == "CONNECT" else path)[0]
analysis.incrementData(self.address[0], domainAnalysisType.connect, self.connectHost, 1)
else:
pass
def onRecv(self, data):
self.preConnectRecvCache += data
if self.mode == "proxy":
if not self.connectHost and self.socksMode and len(
self.preConnectRecvCache) > 4:
_d = self.preConnectRecvCache
port = 0
version = "Socks5"
setConnectHost = False
if (_d[0] == "\x05"):
if _d[3] == '\x01':
self.connectHost = "%d.%d.%d.%d" % (ord(
_d[4]), ord(_d[5]), ord(_d[6]), ord(_d[7]))
port = ord(_d[8]) * 0x100 + ord(_d[9])
setConnectHost = True
elif _d[3] == "\x03":
hostendindex = 5 + ord(_d[4])
self.connectHost = _d[5:hostendindex]
port = ord(_d[hostendindex]) * 0x100 + ord(
_d[hostendindex + 1])
setConnectHost = True
elif _d[0] == "\x04":
if _d[1] == '\x01' or _d[1] == '\x02':
self.connectHost = "%d.%d.%d.%d" % (ord(
_d[4]), ord(_d[5]), ord(_d[6]), ord(_d[7]))
version = "Socks4"
if self.connectHost.startswith("0.0.0.") and ord(
_d[7]) != 0: # socks4a
splits = _d[8:].split("\x00")
self.connectHost = splits[-2]
version = "Socks4a"
setConnectHost = True
port = ord(_d[2]) * 0x100 + ord(_d[3])
if setConnectHost:
analysis.incrementData(self.address[0],
domainAnalysisType.connect,
self.connectHost, 1)
self.connectName = self.symmetryConnectManager.filenoStr(
) + " < " + self.filenoStr(
) + " " + version + ":" + self.connectHost + ":%d" % (port)
if self.serverAuthPass and self.preConnectRecvCache:
if self.connectHost:
analysis.incrementData(self.address[0],
domainAnalysisType.incoming,
self.connectHost,
len(self.preConnectRecvCache))
self.sendDataToSymmetryConnect(self.preConnectRecvCache)
self.preConnectRecvCache = ""
return
if data[0] == '\x05' or data[0] == '\x04': # socks5
if data[1] == '\x02' or data[1] == '\x01':
self.setToProxyMode()
self.socksMode = True
else:
print "local >> ", len(data), binascii.b2a_hex(data)
pass
else:
httpmessagedone = self.httpMessageParse.appendData(data)
if self.httpMessageParse.headerOk() and httpmessagedone:
method = self.httpMessageParse.method()
path = self.httpMessageParse.path()
self.connectName = self.filenoStr() + " " + method + " " + path
if not path.startswith("http://") and method in [
"GET", "POST"
]:
path = path.split("?")
self.onHTTP(
self.httpMessageParse.headers, method, path[0],
path[1] if len(path) > 1 else "",
self.httpMessageParse.getBody()
if method == "POST" else "")
self.mode = "http"
else:
host = None
port = None
if path.find("status.dddproxy.com") > 0:
jsonMessage = self.httpMessageParse.getBody()
try:
jsonBody = json.loads(jsonMessage)
except:
jsonBody = {}
host = jsonBody["host"]
port = jsonBody["port"]
if self.setToProxyMode(host=host, port=port):
self.connectHost = parserUrlAddrPort(
"https://" +
path if method == "CONNECT" else path)[0]
analysis.incrementData(self.address[0],
domainAnalysisType.connect,
self.connectHost, 1)
