def __init__(self, client_host, remote_host): self.parse_config = config.get_config() self.buf = StringIO() self.client_host = client_host self.remote_host = remote_host self.uri = "" self.req = "" self.req_headerdict = dict() self.req_head = "" self.req_body = "" self.res_body = "" self.orig_resp = "" self.orig_chunked_resp = "" self.res_headerdict = dict() self.res_head = "" self.res_num = "" self.res_type = "" self.redirect_to = "" self.host = "" self.referer = "" self.user_agent = "" self.filename = "" self.method = "" self.req_len = 0 self.res_len = 0 self.time = 0
def main(): parser = argparse.ArgumentParser() parser.add_argument("-l", "--listen", help="the IP of the interface which the proxy listened on") parser.add_argument("-p", "--port", type=int, help="the port of the interface which the proxy listened on") parser.add_argument("-6", "--ipv6", help="use ipv6", action="store_true") parser.add_argument("-v", "--verbosity", help="increase output verbosity(-vv is recommended)", action="count") parser.add_argument("-g", "--group", help="group http request/response by connection", action="store_true") parser.add_argument("-o", "--output", help="output to file instead of stdout") parser.add_argument("-e", "--encoding", help="decode the data use specified encodings.") parser.add_argument("-b", "--beauty", help="output json in a pretty way.", action="store_true") args = parser.parse_args() setting = {"IPv6": args.ipv6} if args.listen: setting["host"] = args.listen if args.port: setting["port"] = args.port if args.output: setting["output"] = args.output # output config parse_config = config.get_config() if args.verbosity: parse_config.level = args.verbosity if args.encoding: parse_config.encoding = args.encoding parse_config.pretty = args.beauty parse_config.group = args.group start_server(**setting)
def on_http_resp(self, resp_header, resp_body): """ :type resp_header: HttpResponseHeader :type resp_body: bytes """ if self.parse_config.level == OutputLevel.ONLY_URL: self._println(resp_header.status_line) elif self.parse_config.level == OutputLevel.HEADER: self._println(resp_header.raw_data) self._println() elif self.parse_config.level >= OutputLevel.TEXT_BODY: self._println(resp_header.raw_data) self._println() mime, charset = utils.parse_content_type(resp_header.content_type) # usually charset is not set in http post output_body = self._if_output(mime) if self.parse_config.encoding and not charset: charset = self.parse_config.encoding if not resp_header.gzip: # if is gzip by content magic header # someone missed the content-encoding header resp_header.gzip = utils.gzipped(resp_body) if output_body: self._print_body(resp_body, resp_header.gzip, mime, charset) self._println() if not config.get_config().group: self._do_output()
def main(): config.init() c = config.get_config() maps = {'http': handle_http, 'info': handle_info, 'tcp': handle_tcp} handle = maps.get(c.args.target) if handle: handle(c)
def main(): parser = argparse.ArgumentParser() parser.add_argument("infile", nargs='?', help="the pcap file to parse") parser.add_argument("-i", "--ip", help="only parse packages with specified source OR dest ip") parser.add_argument("-p", "--port", type=int, help="only parse packages with specified source OR dest port") parser.add_argument("-v", "--verbosity", help="increase output verbosity(-vv is recommended)", action="count") parser.add_argument("-g", "--group", help="group http request/response by connection", action="store_true") parser.add_argument("-o", "--output", help="output to file instead of stdout") parser.add_argument("-e", "--encoding", help="decode the data use specified encodings.") parser.add_argument("-b", "--beauty", help="output json in a pretty way.", action="store_true") parser.add_argument("-d", "--domain", help="filter http data by request domain") parser.add_argument("-u", "--uri", help="filter http data by request uri pattern") args = parser.parse_args() file_path = "-" if args.infile is None else args.infile _filter = config.get_filter() _filter.ip = args.ip _filter.port = args.port _filter.domain = args.domain _filter.uri_pattern = args.uri # deal with configs parse_config = config.get_config() if args.verbosity: parse_config.level = args.verbosity if args.encoding: parse_config.encoding = args.encoding parse_config.pretty = args.beauty parse_config.group = args.group if args.output: output_file = open(args.output, "w+") else: output_file = sys.stdout config.out = output_file conn_dict = OrderedDict() try: if file_path != '-': infile = io.open(file_path, "rb") else: infile = sys.stdin try: pcap_file(conn_dict, infile) finally: infile.close() finally: for conn in conn_dict.values(): conn.finish() if args.output: output_file.close()
def handle_http(c): def printheaders(headers): l = 0 for k in headers.keys(): if l < len(k): l = len(k) for k, v in headers.items(): utils.print(k.ljust(l)) utils.print(': ') utils.print(v) utils.print('\n') filter = config.get_filter() level = config.get_config().level for tcpcon in get_tcpconn(c.infile): if filter.index != None and tcpcon.index not in filter.index: continue if not (filter.by_con_tuple(tcpcon.con_tuple)): continue http = HttpParser(tcpcon) if not http.msgs: continue tcp = http.tcp tcp_msg = "\033[31;2m%s [%s:%d] -- -- --> [%s:%d]\033[0m\n" % \ (tcp.index, tcp.con_tuple[0], tcp.con_tuple[1], tcp.con_tuple[2], tcp.con_tuple[3]) utils.print(tcp_msg) if level == OutputLevel.ONLY_URL: for msg in http.msgs: if msg.is_request: utils.print(msg.reqline["method"] + ' ' + msg.URI()) utils.print('\n') else: for i, msg in enumerate(http.msgs): if msg.is_request and i != 0: utils.print('\033[31;2m') utils.print('-' * 80) utils.print('\033[0m') utils.print('\n') utils.print(''.join(msg.raw_headers)) utils.print('\n') if level == OutputLevel.ALL_BODY: utils.print(msg.body.getvalue())
def main(): parser = argparse.ArgumentParser() parser.add_argument( "-l", "--listen", help="the IP of the interface which the proxy listened on") parser.add_argument( "-p", "--port", type=int, help="the port of the interface which the proxy listened on") parser.add_argument("-6", "--ipv6", help="use ipv6", action="store_true") parser.add_argument("-v", "--verbosity", help="increase output verbosity(-vv is recommended)", action="count") parser.add_argument("-g", "--group", help="group http request/response by connection", action="store_true") parser.add_argument("-o", "--output", help="output to file instead of stdout") parser.add_argument("-e", "--encoding", help="decode the data use specified encodings.") parser.add_argument("-b", "--beauty", help="output json in a pretty way.", action="store_true") args = parser.parse_args() setting = {"IPv6": args.ipv6} if args.listen: setting["host"] = args.listen if args.port: setting["port"] = args.port if args.output: setting["output"] = args.output # output config parse_config = config.get_config() if args.verbosity: parse_config.level = args.verbosity if args.encoding: parse_config.encoding = args.encoding parse_config.pretty = args.beauty parse_config.group = args.group start_server(**setting)
def on_http_resp(self, resp_header, resp_body, orig_chunked_resp, header_dict): """ :type resp_header: HttpResponseHeader :type resp_body: bytes """ self.res_headerdict = header_dict if self.parse_config.level == OutputLevel.ONLY_URL: self._println(resp_header.status_line) elif self.parse_config.level == OutputLevel.HEADER: self._println(resp_header.raw_data) self._println() elif self.parse_config.level >= OutputLevel.TEXT_BODY: self._println(resp_header.raw_data) #self._println() self.res_head = resp_header.raw_data self.orig_chunked_resp = orig_chunked_resp self.res_type = resp_header.content_type self.res_len = resp_header.content_len self.res_num = resp_header.status_line[resp_header.status_line. find(' ') + 1:] self.redirect_to = resp_header.redirect_to self.filename = resp_header.filename mime, charset = utils.parse_content_type(resp_header.content_type) # usually charset is not set in http post output_body = self._if_output(mime) if self.parse_config.encoding and not charset: charset = self.parse_config.encoding if resp_header.compress == Compress.IDENTITY: # if is gzip by content magic header # someone missed the content-encoding header if utils.gzipped(resp_body): resp_header.compress = Compress.GZIP if output_body: self._print_body(resp_body, resp_header.compress, mime, charset) #self._println() self.orig_resp = resp_body if self.res_body == b"": self.res_body = resp_body if (self.res_body is not None) and (len(self.res_body) > 0) and (self.res_len == 0): self.res_len = len(self.res_body) if not config.get_config().group: self._do_output()
def __init__(self, client_host, remote_host): self.parse_config = config.get_config() self.buf = StringIO() self.client_host = client_host self.remote_host = remote_host self.uri = "" self.req_head = "" self.res_body = "" self.orig_resp = "" self.res_head = "" self.res_num = "" self.res_type = "" self.host = "" self.referer = "" self.filename = "" self.res_len = ""
def on_http_resp(self, resp_header, resp_body, orig_chunked_resp, header_dict): """ :type resp_header: HttpResponseHeader :type resp_body: bytes """ self.res_headerdict = header_dict if self.parse_config.level == OutputLevel.ONLY_URL: self._println(resp_header.status_line) elif self.parse_config.level == OutputLevel.HEADER: self._println(resp_header.raw_data) self._println() elif self.parse_config.level >= OutputLevel.TEXT_BODY: self._println(resp_header.raw_data) #self._println() self.res_head = resp_header.raw_data self.orig_chunked_resp = orig_chunked_resp self.res_type = resp_header.content_type self.res_len = resp_header.content_len self.res_num = resp_header.status_line[resp_header.status_line.find(' ') + 1:] self.redirect_to = resp_header.redirect_to self.filename = resp_header.filename mime, charset = utils.parse_content_type(resp_header.content_type) # usually charset is not set in http post output_body = self._if_output(mime) if self.parse_config.encoding and not charset: charset = self.parse_config.encoding if resp_header.compress == Compress.IDENTITY: # if is gzip by content magic header # someone missed the content-encoding header if utils.gzipped(resp_body): resp_header.compress = Compress.GZIP if output_body: self._print_body(resp_body, resp_header.compress, mime, charset) #self._println() self.orig_resp = resp_body if self.res_body == b"": self.res_body = resp_body if (self.res_body is not None) and (len(self.res_body) > 0) and (self.res_len == 0): self.res_len = len(self.res_body) if not config.get_config().group: self._do_output()
def main(): parser = argparse.ArgumentParser() parser.add_argument("infile", nargs='?', help="the pcap file to parse") parser.add_argument( "-i", "--ip", help="only parse packages with specified source OR dest ip") parser.add_argument( "-p", "--port", type=int, help="only parse packages with specified source OR dest port") parser.add_argument("-v", "--verbosity", help="increase output verbosity(-vv is recommended)", action="count") parser.add_argument("-g", "--group", help="group http request/response by connection", action="store_true") parser.add_argument("-o", "--output", help="output to file instead of stdout") parser.add_argument("-e", "--encoding", help="decode the data use specified encodings.") parser.add_argument("-b", "--beauty", help="output json in a pretty way.", action="store_true") parser.add_argument("-d", "--domain", help="filter http data by request domain") parser.add_argument("-u", "--uri", help="filter http data by request uri pattern") args = parser.parse_args() file_path = "-" if args.infile is None else args.infile _filter = config.get_filter() _filter.ip = args.ip _filter.port = args.port _filter.domain = args.domain _filter.uri_pattern = args.uri # deal with configs parse_config = config.get_config() if args.verbosity: parse_config.level = args.verbosity if args.encoding: parse_config.encoding = args.encoding parse_config.pretty = args.beauty parse_config.group = args.group if args.output: output_file = open(args.output, "w+") else: output_file = sys.stdout config.out = output_file try: if file_path != '-': infile = io.open(file_path, "rb") else: infile = sys.stdin try: parse_pcap_file(infile) finally: infile.close() finally: if args.output: output_file.close()
def __init__(self, client_host, remote_host): self.parse_config = config.get_config() self.buf = StringIO() self.client_host = client_host self.remote_host = remote_host