def http_start():
port = REVERSE_HTTP_PORT
server_address = (REVERSE_HTTP_IP, port)
httpd = HTTPServer(server_address, testHTTPServer_RequestHandler)
rlog.info('Running Server... visited http://{}:{}'.format(
REVERSE_HTTP_IP, REVERSE_HTTP_PORT))
httpd.serve_forever()
def rmi_start():
max_conn = 200
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ip_port = (REVERSE_RMI_IP, int(REVERSE_RMI_PORT))
sock.bind(ip_port)
sock.listen(max_conn)
rlog.info("RMI listen rmi://{}:{}".format(REVERSE_RMI_IP,
REVERSE_RMI_PORT))
while True:
client, address = sock.accept()
thread = threading.Thread(target=rmi_response, args=(client, address))
thread.setDaemon(True)
thread.start()
def reverse_main():
th = []
for func in [http_start, rmi_start, dns_start]:
thread = threading.Thread(target=func)
thread.setDaemon(True)
thread.start()
th.append(thread)
time.sleep(0.5)
try:
while True:
time.sleep(1.5)
except KeyboardInterrupt:
rlog.info("User KeyboardInterrupt")
finally:
pass
def do_GET(self):
querypath = urlparse(self.path)
path, query = querypath.path.lstrip('/'), querypath.query
client_ip = self.client_address[0]
content = b"ok"
if not path:
return self.output(b'faild')
if self.path.startswith("/_/search"):
querys = query.split("=")
if len(querys) != 2:
return self.output(b"faild")
# 寻找接口
query = querys[1]
result = []
reverse_lock.acquire()
for item in reverse_records:
item_query = item["query"]
if query in item_query or query == 'all':
result.append(item)
if result:
rlog.info("interface result:{}".format(json.dumps(result)))
reverse_lock.release()
return self.output(json.dumps(result).encode())
# insert
res = {
"type": "http",
"client": client_ip,
"query": self.path,
"info": path,
"time": time.strftime('%Y-%m-%d %H:%M:%S',
time.localtime(time.time()))
}
reverse_lock.acquire()
reverse_records.append(res)
rlog.info("http insert {}".format(json.dumps(res)))
reverse_lock.release()
return self.output(content)
def rmi_response(client, address):
try:
client.settimeout(30)
buf = client.recv(1024)
if b"\x4a\x52\x4d\x49" in buf:
send_data = b"\x4e"
send_data += struct.pack(">h", len(address[0]))
send_data += address[0].encode()
send_data += b"\x00\x00"
send_data += struct.pack(">H", address[1])
client.send(send_data)
total = 3 # 防止socket的recv接收数据不完整
buf1 = b""
while total:
buf1 += client.recv(512)
if len(buf1) > 50:
break
if buf1:
path = bytearray(buf1).split(b"\xdf\x74")[-1][2:].decode(
errors="ignore")
rlog.info("client:{} send path:{}".format(address, path))
res = {}
res["type"] = "dns"
res["client"] = address[0]
res["query"] = path
res["info"] = decode_rmi(path)
res["time"] = time.strftime('%Y-%m-%d %H:%M:%S',
time.localtime(time.time()))
rlog.info("Insert to db:" + str(res))
# insert_db(res)
reverse_lock.acquire()
reverse_records.append(res)
reverse_lock.release()
except Exception as ex:
rlog.warning('Run rmi error:{} address:{}'.format(ex, address))
finally:
client.close()
def start(self):
host, port = "0.0.0.0", self.port
rlog.info("Dns Server listion {}:{}".format(host, port))
dns_udp_server = SocketServer.UDPServer((host, port),
DnsRequestHandler)
dns_udp_server.serve_forever()