Exemplo n.º 1
0
 def render_GET(self, request):
     try:
         flows = HoneyProxy.getProxyMaster().getFlowCollection().getFlowsSerialized()
         return json.dumps(flows,separators=(',',':'),encoding='latin1')
     except Exception as e:
         print e
         return "<html><body>Invalid request.</body></html>"         
Exemplo n.º 2
0
 def read(data):
     f = HoneyProxy.getProxyMaster().getFlowCollection()
     if "id" in data and data["id"] != "all":
         self.factory.msg("read",{"id":data.get("id"), "data": f.getFlowsSerialized()[data.get("id")]},client=self)
     else:
         flows = f.getFlowsSerialized()
         self.factory.msg("read",{"id":"all","data": flows},client=self)
Exemplo n.º 3
0
 def render_GET(self, request):
     try:
         flows = HoneyProxy.getProxyMaster().getFlowCollection(
         ).getFlowsSerialized()
         return json.dumps(flows, separators=(',', ':'), encoding='latin1')
     except Exception as e:
         return ServerErrorResource(e).render(request)
Exemplo n.º 4
0
 def read(data):
     f = HoneyProxy.getProxyMaster().getFlowCollection()
     if "id" in data and data["id"] != "all":
         self.factory.msg("read", {
             "id": data.get("id"),
             "data": f.getFlowsSerialized()[data.get("id")]
         },
                          client=self)
     else:
         flows = f.getFlowsSerialized()
         self.factory.msg("read", {
             "id": "all",
             "data": flows
         },
                          client=self)
Exemplo n.º 5
0
    def render_GET(self, request):
        try:
            if(len(request.postpath) != 3):
                raise Exception("invalid parameter length")
            flow = HoneyProxy.getProxyMaster().getFlowCollection().getFlow(int(request.postpath[0]))
            isResponse = request.postpath[1] == "response"
            
            obj = getattr(flow,request.postpath[1])
            
            isView = request.postpath[2] == "inline"
            if (isResponse):
                #add important headers from original request
                headers = ["Content-Type","Content-Encoding"]
                for h in headers:
                    if(h in obj.headers):
                        request.setHeader(h,obj.headers.get(h)[0])
                
                #this would fail on 301 redirects
                #fix responsecode      
                #request.setResponseCode(obj.code)
                
            #fix content disposition for attachment download
            cdisp = obj.headers.get("Content-Disposition")
            if(cdisp == None):
                #do minimal file name guessing
                cdisp = 'inline; filename="'+flow.request.path.split("?")[0].split("/")[-1]+'"'
            else:
                cdisp = cdisp[0]
            if isView:
                request.setHeader("Content-Disposition",cdisp.replace("attachment", "inline"))
            else:
                request.setHeader("Content-Disposition",cdisp.replace("inline", "attachment"))

            return obj.content
        except Exception as e:
            print e
            return "<html><body>Invalid request.</body></html>"         
Exemplo n.º 6
0
 def __enter__(self):
     for flow in self.flows:
         for i in ["request","response"]:
             flow[i]["content"] = HoneyProxy.getProxyMaster().getFlowCollection().getDecodedContents()[flow.get("id")][i]
Exemplo n.º 7
0
    def render_GET(self, request):
        try:
            allFlows = HoneyProxy.getProxyMaster().getFlowCollection().getFlowsSerialized()
            
            #take care of the "in" parameter, only search through specified flows (or all if not specified)
            flows = []
            if("in" in request.args):
                for flowId in json.loads(request.args["in"][0]):
                    flows.append(allFlows[flowId])
            else:
                flows = list(allFlows)
            
            #prepare conditions
            conditions = json.loads(request.args["filter"][0])
            for cond in conditions:
                cond["field"] = cond["field"].split(".")
                cond["not"] = cond["not"] if "not" in cond else False
                if(cond["type"] == "regexp"):
                    prog = re.compile(cond["value"],re.DOTALL)
                    cond["match"] = lambda s: prog.search(s)
                elif(cond["type"] == "containsStrict"):
                    cond["match"] = lambda s: cond["value"] in s
                elif(cond["type"] == "similarTo"):
                    cond["field"] = []
                    flow, level = cond["value"].split(",")
                    flow = allFlows[int(flow)]
                    level = int(level)
                    cond["match"] = lambda s: similarTo(flow,s,level)
                else: #if(cond["type"] == "contains"):
                    value = cond["value"].lower()
                    cond["match"] = lambda s: value in s.lower()
            
            def similarTo(this,other,level):
                if(this == other):
                    return True #Include own flow.
                diff = ((this.get("request").get("host")               != other.get("request").get("host")) * 4 +
                        (this.get("request").get("method")             != other.get("request").get("method")) * 4 +
                        (this.get("request").get("path")               != other.get("request").get("path")) * 4 +
                        (this.get("request").get("contentLength")      != other.get("request").get("contentLength")) +
                        (this.get("response").get("code")              != other.get("response").get("code")) +
                        (this.get("response").get("contentLength")     != other.get("response").get("contentLength")))
                if(diff <= level):
                    return True
                else:
                    return False
            
            #helper function get an attribute recursively
            def rec_getattr(obj,attr):
                if(len(attr) == 0):
                    return obj
                else:
                    if type(obj) is dict:
                        obj = obj.get(attr[0])
                    else:
                        obj = getattr(obj,str(attr[0]))
                    return rec_getattr(obj,attr[1:])
            
            #helper function to determine whether the given condition matches any attribute
            def matchesAny(obj,cond):
                if type(obj) is list or type(obj) is tuple:
                    return any(matchesAny(v,cond) for v in obj)
                elif type(obj) is dict:
                    return any(matchesAny(v,cond) for v in obj.keys()+obj.values())
                else:
                    try:
                        if not type(obj) is str:
                            obj = str(obj)
                        return cond["match"](obj)
                    except:
                        import traceback
                        print traceback.format_exc()
                        return False
            
            #filter a specific flows for all conditions        
            def filterFunc(flow):
                for cond in conditions:
                    try:
                        if(cond["field"] == ["any"]):
                            if not matchesAny(flow,cond) ^ cond["not"]:
                                return False
                        else:
                            attr = rec_getattr(flow,cond["field"])
                            if not cond["match"](attr) ^ cond["not"]:
                                return False
                    except:
                        return False
                return True
            
            if("includeContent" in request.args and request.args["includeContent"][0].lower() == "true"):
                with includeDecodedContent(flows):
                    filteredFlows = filter(filterFunc,flows)
            else:
                filteredFlows = filter(filterFunc,flows)
            
            if(not("idsOnly" in request.args) or request.args["idsOnly"][0].lower() != "false"):
                filteredFlows = map(lambda flow: flow.get("id"), filteredFlows)

            return json.dumps(filteredFlows,separators=(',',':'),encoding='latin1')
        except Exception as e:
            return ServerErrorResource(e).render(request)
Exemplo n.º 8
0
 def render_GET(self, request):
     try:
         flows = HoneyProxy.getProxyMaster().getFlowCollection().getFlowsSerialized()
         return json.dumps(flows,separators=(',',':'),encoding='latin1')
     except Exception as e:
         return ServerErrorResource(e).render(request)
Exemplo n.º 9
0
 def __enter__(self):
     for flow in self.flows:
         for i in ["request", "response"]:
             flow[i]["content"] = HoneyProxy.getProxyMaster(
             ).getFlowCollection().getDecodedContents()[flow.get("id")][i]
Exemplo n.º 10
0
    def render_GET(self, request):
        try:
            allFlows = HoneyProxy.getProxyMaster().getFlowCollection(
            ).getFlowsSerialized()

            #take care of the "in" parameter, only search through specified flows (or all if not specified)
            flows = []
            if ("in" in request.args):
                for flowId in json.loads(request.args["in"][0]):
                    flows.append(allFlows[flowId])
            else:
                flows = list(allFlows)

            #prepare conditions
            conditions = json.loads(request.args["filter"][0])
            for cond in conditions:
                cond["field"] = cond["field"].split(".")
                cond["not"] = cond["not"] if "not" in cond else False
                if (cond["type"] == "regexp"):
                    prog = re.compile(cond["value"], re.DOTALL)
                    cond["match"] = lambda s: prog.search(s)
                elif (cond["type"] == "containsStrict"):
                    cond["match"] = lambda s: cond["value"] in s
                elif (cond["type"] == "similarTo"):
                    cond["field"] = []
                    flow, level = cond["value"].split(",")
                    flow = allFlows[int(flow)]
                    level = int(level)
                    cond["match"] = lambda s: similarTo(flow, s, level)
                else:  #if(cond["type"] == "contains"):
                    value = cond["value"].lower()
                    cond["match"] = lambda s: value in s.lower()

            def similarTo(this, other, level):
                if (this == other):
                    return True  #Include own flow.
                diff = ((this.get("request").get("host") !=
                         other.get("request").get("host")) * 4 +
                        (this.get("request").get("method") !=
                         other.get("request").get("method")) * 4 +
                        (this.get("request").get("path") !=
                         other.get("request").get("path")) * 4 +
                        (this.get("request").get("contentLength") !=
                         other.get("request").get("contentLength")) +
                        (this.get("response").get("code") !=
                         other.get("response").get("code")) +
                        (this.get("response").get("contentLength") !=
                         other.get("response").get("contentLength")))
                if (diff <= level):
                    return True
                else:
                    return False

            #helper function get an attribute recursively
            def rec_getattr(obj, attr):
                if (len(attr) == 0):
                    return obj
                else:
                    if type(obj) is dict:
                        obj = obj.get(attr[0])
                    else:
                        obj = getattr(obj, str(attr[0]))
                    return rec_getattr(obj, attr[1:])

            #helper function to determine whether the given condition matches any attribute
            def matchesAny(obj, cond):
                if type(obj) is list or type(obj) is tuple:
                    return any(matchesAny(v, cond) for v in obj)
                elif type(obj) is dict:
                    return any(
                        matchesAny(v, cond) for v in obj.keys() + obj.values())
                else:
                    try:
                        if not type(obj) is str:
                            obj = str(obj)
                        return cond["match"](obj)
                    except:
                        import traceback
                        print traceback.format_exc()
                        return False

            #filter a specific flows for all conditions
            def filterFunc(flow):
                for cond in conditions:
                    try:
                        if (cond["field"] == ["any"]):
                            if not matchesAny(flow, cond) ^ cond["not"]:
                                return False
                        else:
                            attr = rec_getattr(flow, cond["field"])
                            if not cond["match"](attr) ^ cond["not"]:
                                return False
                    except:
                        return False
                return True

            if ("includeContent" in request.args
                    and request.args["includeContent"][0].lower() == "true"):
                with includeDecodedContent(flows):
                    filteredFlows = filter(filterFunc, flows)
            else:
                filteredFlows = filter(filterFunc, flows)

            if (not ("idsOnly" in request.args)
                    or request.args["idsOnly"][0].lower() != "false"):
                filteredFlows = map(lambda flow: flow.get("id"), filteredFlows)

            return json.dumps(filteredFlows,
                              separators=(',', ':'),
                              encoding='latin1')
        except Exception as e:
            return ServerErrorResource(e).render(request)