def render_GET(self, request):
try:
flows = HoneyProxy.getProxyMaster().getFlowCollection().getFlowsSerialized()
return json.dumps(flows,separators=(',',':'),encoding='latin1')
except Exception as e:
print e
return "<html><body>Invalid request.</body></html>"
def read(data):
f = HoneyProxy.getProxyMaster().getFlowCollection()
if "id" in data and data["id"] != "all":
self.factory.msg("read",{"id":data.get("id"), "data": f.getFlowsSerialized()[data.get("id")]},client=self)
else:
flows = f.getFlowsSerialized()
self.factory.msg("read",{"id":"all","data": flows},client=self)
def render_GET(self, request):
try:
flows = HoneyProxy.getProxyMaster().getFlowCollection(
).getFlowsSerialized()
return json.dumps(flows, separators=(',', ':'), encoding='latin1')
except Exception as e:
return ServerErrorResource(e).render(request)
def read(data):
f = HoneyProxy.getProxyMaster().getFlowCollection()
if "id" in data and data["id"] != "all":
self.factory.msg("read", {
"id": data.get("id"),
"data": f.getFlowsSerialized()[data.get("id")]
},
client=self)
else:
flows = f.getFlowsSerialized()
self.factory.msg("read", {
"id": "all",
"data": flows
},
client=self)
def render_GET(self, request):
try:
if(len(request.postpath) != 3):
raise Exception("invalid parameter length")
flow = HoneyProxy.getProxyMaster().getFlowCollection().getFlow(int(request.postpath[0]))
isResponse = request.postpath[1] == "response"
obj = getattr(flow,request.postpath[1])
isView = request.postpath[2] == "inline"
if (isResponse):
#add important headers from original request
headers = ["Content-Type","Content-Encoding"]
for h in headers:
if(h in obj.headers):
request.setHeader(h,obj.headers.get(h)[0])
#this would fail on 301 redirects
#fix responsecode
#request.setResponseCode(obj.code)
#fix content disposition for attachment download
cdisp = obj.headers.get("Content-Disposition")
if(cdisp == None):
#do minimal file name guessing
cdisp = 'inline; filename="'+flow.request.path.split("?")[0].split("/")[-1]+'"'
else:
cdisp = cdisp[0]
if isView:
request.setHeader("Content-Disposition",cdisp.replace("attachment", "inline"))
else:
request.setHeader("Content-Disposition",cdisp.replace("inline", "attachment"))
return obj.content
except Exception as e:
print e
return "<html><body>Invalid request.</body></html>"
def __enter__(self):
for flow in self.flows:
for i in ["request","response"]:
flow[i]["content"] = HoneyProxy.getProxyMaster().getFlowCollection().getDecodedContents()[flow.get("id")][i]
def render_GET(self, request):
try:
allFlows = HoneyProxy.getProxyMaster().getFlowCollection().getFlowsSerialized()
#take care of the "in" parameter, only search through specified flows (or all if not specified)
flows = []
if("in" in request.args):
for flowId in json.loads(request.args["in"][0]):
flows.append(allFlows[flowId])
else:
flows = list(allFlows)
#prepare conditions
conditions = json.loads(request.args["filter"][0])
for cond in conditions:
cond["field"] = cond["field"].split(".")
cond["not"] = cond["not"] if "not" in cond else False
if(cond["type"] == "regexp"):
prog = re.compile(cond["value"],re.DOTALL)
cond["match"] = lambda s: prog.search(s)
elif(cond["type"] == "containsStrict"):
cond["match"] = lambda s: cond["value"] in s
elif(cond["type"] == "similarTo"):
cond["field"] = []
flow, level = cond["value"].split(",")
flow = allFlows[int(flow)]
level = int(level)
cond["match"] = lambda s: similarTo(flow,s,level)
else: #if(cond["type"] == "contains"):
value = cond["value"].lower()
cond["match"] = lambda s: value in s.lower()
def similarTo(this,other,level):
if(this == other):
return True #Include own flow.
diff = ((this.get("request").get("host") != other.get("request").get("host")) * 4 +
(this.get("request").get("method") != other.get("request").get("method")) * 4 +
(this.get("request").get("path") != other.get("request").get("path")) * 4 +
(this.get("request").get("contentLength") != other.get("request").get("contentLength")) +
(this.get("response").get("code") != other.get("response").get("code")) +
(this.get("response").get("contentLength") != other.get("response").get("contentLength")))
if(diff <= level):
return True
else:
return False
#helper function get an attribute recursively
def rec_getattr(obj,attr):
if(len(attr) == 0):
return obj
else:
if type(obj) is dict:
obj = obj.get(attr[0])
else:
obj = getattr(obj,str(attr[0]))
return rec_getattr(obj,attr[1:])
#helper function to determine whether the given condition matches any attribute
def matchesAny(obj,cond):
if type(obj) is list or type(obj) is tuple:
return any(matchesAny(v,cond) for v in obj)
elif type(obj) is dict:
return any(matchesAny(v,cond) for v in obj.keys()+obj.values())
else:
try:
if not type(obj) is str:
obj = str(obj)
return cond["match"](obj)
except:
import traceback
print traceback.format_exc()
return False
#filter a specific flows for all conditions
def filterFunc(flow):
for cond in conditions:
try:
if(cond["field"] == ["any"]):
if not matchesAny(flow,cond) ^ cond["not"]:
return False
else:
attr = rec_getattr(flow,cond["field"])
if not cond["match"](attr) ^ cond["not"]:
return False
except:
return False
return True
if("includeContent" in request.args and request.args["includeContent"][0].lower() == "true"):
with includeDecodedContent(flows):
filteredFlows = filter(filterFunc,flows)
else:
filteredFlows = filter(filterFunc,flows)
if(not("idsOnly" in request.args) or request.args["idsOnly"][0].lower() != "false"):
filteredFlows = map(lambda flow: flow.get("id"), filteredFlows)
return json.dumps(filteredFlows,separators=(',',':'),encoding='latin1')
except Exception as e:
return ServerErrorResource(e).render(request)
def render_GET(self, request):
try:
flows = HoneyProxy.getProxyMaster().getFlowCollection().getFlowsSerialized()
return json.dumps(flows,separators=(',',':'),encoding='latin1')
except Exception as e:
return ServerErrorResource(e).render(request)
def __enter__(self):
for flow in self.flows:
for i in ["request", "response"]:
flow[i]["content"] = HoneyProxy.getProxyMaster(
).getFlowCollection().getDecodedContents()[flow.get("id")][i]
def render_GET(self, request):
try:
allFlows = HoneyProxy.getProxyMaster().getFlowCollection(
).getFlowsSerialized()
#take care of the "in" parameter, only search through specified flows (or all if not specified)
flows = []
if ("in" in request.args):
for flowId in json.loads(request.args["in"][0]):
flows.append(allFlows[flowId])
else:
flows = list(allFlows)
#prepare conditions
conditions = json.loads(request.args["filter"][0])
for cond in conditions:
cond["field"] = cond["field"].split(".")
cond["not"] = cond["not"] if "not" in cond else False
if (cond["type"] == "regexp"):
prog = re.compile(cond["value"], re.DOTALL)
cond["match"] = lambda s: prog.search(s)
elif (cond["type"] == "containsStrict"):
cond["match"] = lambda s: cond["value"] in s
elif (cond["type"] == "similarTo"):
cond["field"] = []
flow, level = cond["value"].split(",")
flow = allFlows[int(flow)]
level = int(level)
cond["match"] = lambda s: similarTo(flow, s, level)
else: #if(cond["type"] == "contains"):
value = cond["value"].lower()
cond["match"] = lambda s: value in s.lower()
def similarTo(this, other, level):
if (this == other):
return True #Include own flow.
diff = ((this.get("request").get("host") !=
other.get("request").get("host")) * 4 +
(this.get("request").get("method") !=
other.get("request").get("method")) * 4 +
(this.get("request").get("path") !=
other.get("request").get("path")) * 4 +
(this.get("request").get("contentLength") !=
other.get("request").get("contentLength")) +
(this.get("response").get("code") !=
other.get("response").get("code")) +
(this.get("response").get("contentLength") !=
other.get("response").get("contentLength")))
if (diff <= level):
return True
else:
return False
#helper function get an attribute recursively
def rec_getattr(obj, attr):
if (len(attr) == 0):
return obj
else:
if type(obj) is dict:
obj = obj.get(attr[0])
else:
obj = getattr(obj, str(attr[0]))
return rec_getattr(obj, attr[1:])
#helper function to determine whether the given condition matches any attribute
def matchesAny(obj, cond):
if type(obj) is list or type(obj) is tuple:
return any(matchesAny(v, cond) for v in obj)
elif type(obj) is dict:
return any(
matchesAny(v, cond) for v in obj.keys() + obj.values())
else:
try:
if not type(obj) is str:
obj = str(obj)
return cond["match"](obj)
except:
import traceback
print traceback.format_exc()
return False
#filter a specific flows for all conditions
def filterFunc(flow):
for cond in conditions:
try:
if (cond["field"] == ["any"]):
if not matchesAny(flow, cond) ^ cond["not"]:
return False
else:
attr = rec_getattr(flow, cond["field"])
if not cond["match"](attr) ^ cond["not"]:
return False
except:
return False
return True
if ("includeContent" in request.args
and request.args["includeContent"][0].lower() == "true"):
with includeDecodedContent(flows):
filteredFlows = filter(filterFunc, flows)
else:
filteredFlows = filter(filterFunc, flows)
if (not ("idsOnly" in request.args)
or request.args["idsOnly"][0].lower() != "false"):
filteredFlows = map(lambda flow: flow.get("id"), filteredFlows)
return json.dumps(filteredFlows,
separators=(',', ':'),
encoding='latin1')
except Exception as e:
return ServerErrorResource(e).render(request)
