class HttpRequestHandler():
def __init__(self,
meta,
run_args,
snare_uuid,
debug=False,
keep_alive=75,
**kwargs):
self.run_args = run_args
self.dir = '/opt/snare/pages/{}'.format(run_args.page_dir)
self.meta = meta
self.snare_uuid = snare_uuid
self.logger = logging.getLogger(__name__)
self.sroute = StaticRoute(name=None, prefix='/', directory=self.dir)
self.tanner_handler = TannerHandler(run_args, meta, snare_uuid)
async def submit_slurp(self, data):
try:
async with aiohttp.ClientSession(connector=aiohttp.TCPConnector(
verify_ssl=False)) as session:
r = await session.post(
'https://{0}:8080/api?auth={1}&chan=snare_test&msg={2}'.
format(self.run_args.slurp_host, self.run_args.slurp_auth,
data),
data=json.dumps(data),
timeout=10.0)
assert r.status == 200
r.close()
except Exception as e:
self.logger.error('Error submitting slurp: %s', e)
async def handle_request(self, request):
self.logger.info('Request path: {0}'.format(request.path_qs))
data = self.tanner_handler.create_data(request, 200)
if request.method == 'POST':
post_data = await request.post()
self.logger.info('POST data:')
for key, val in post_data.items():
self.logger.info('\t- {0}: {1}'.format(key, val))
data['post_data'] = dict(post_data)
# Submit the event to the TANNER service
event_result = await self.tanner_handler.submit_data(data)
# Log the event to slurp service if enabled
if self.run_args.slurp_enabled:
await self.submit_slurp(request.path_qs)
content, content_type, headers, status_code = await self.tanner_handler.parse_tanner_response(
request.path_qs, event_result['response']['message']['detection'])
response_headers = multidict.CIMultiDict()
for name, val in headers.items():
response_headers.add(name, val)
response_headers.add('Server', self.run_args.server_header)
if 'cookies' in data and 'sess_uuid' in data['cookies']:
previous_sess_uuid = data['cookies']['sess_uuid']
else:
previous_sess_uuid = None
if event_result is not None and (
'sess_uuid' in event_result['response']['message']):
cur_sess_id = event_result['response']['message']['sess_uuid']
if previous_sess_uuid is None or not previous_sess_uuid.strip(
) or previous_sess_uuid != cur_sess_id:
response_headers.add('Set-Cookie', 'sess_uuid=' + cur_sess_id)
if not content_type:
response_content_type = 'text/plain'
else:
response_content_type = content_type
response = web.Response(body=content,
status=status_code,
headers=response_headers,
content_type=response_content_type)
return response
async def start(self):
app = web.Application()
app.add_routes([web.route('*', '/{tail:.*}', self.handle_request)])
aiohttp_jinja2.setup(app, loader=jinja2.FileSystemLoader(self.dir))
middleware = SnareMiddleware(self.meta['/status_404']['hash'],
self.run_args.server_header)
middleware.setup_middlewares(app)
self.runner = web.AppRunner(app)
await self.runner.setup()
site = web.TCPSite(self.runner, self.run_args.host_ip,
self.run_args.port)
await site.start()
names = sorted(str(s.name) for s in self.runner.sites)
print("======== Running on {} ========\n"
"(Press CTRL+C to quit)".format(', '.join(names)))
async def stop(self):
await self.runner.cleanup()
class TestCreateData(unittest.TestCase):
def setUp(self):
meta = {}
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
page_dir = self.main_page_path.rsplit("/")[-1]
args = run_args.parse_args(["--page-dir", page_dir])
args_dict = vars(args)
args_dict["full_page_path"] = self.main_page_path
snare_uuid = "9c10172f-7ce2-4fb4-b1c6-abc70141db56".encode("utf-8")
args.no_dorks = True
self.handler = TannerHandler(args, meta, snare_uuid)
headers = {
"Host": "test_host",
"status": 200,
"Cookie": "sess_uuid=prev_test_uuid; test_cookie=test",
}
message = RawRequestMessage(
method="POST",
path="/",
version=HttpVersion(major=1, minor=1),
headers=headers,
raw_headers=None,
should_close=None,
compression=None,
upgrade=None,
chunked=None,
url=URL("http://test_url/"),
)
loop = asyncio.get_event_loop()
RequestHandler = Mock()
protocol = RequestHandler()
self.request = web.Request(
message=message,
payload=None,
protocol=protocol,
payload_writer=None,
task="POST",
loop=loop,
)
self.request.transport.get_extra_info = Mock(return_value=(["test_ip", "test_port"]))
self.response_status = "test_status"
self.data = None
self.expected_data = {
"method": "POST",
"path": "http://test_url/",
"headers": {
"Host": "test_host",
"status": 200,
"Cookie": "sess_uuid=prev_test_uuid; test_cookie=test",
},
"uuid": "9c10172f-7ce2-4fb4-b1c6-abc70141db56",
"peer": {"ip": "test_ip", "port": "test_port"},
"status": "test_status",
"cookies": {"sess_uuid": "prev_test_uuid", " test_cookie": "test"},
}
def test_create_data(self):
self.data = self.handler.create_data(self.request, self.response_status)
self.assertEqual(self.data, self.expected_data)
def tearDown(self):
shutil.rmtree(self.main_page_path)
class TestCreateData(unittest.TestCase):
def setUp(self):
meta = {}
run_args = argparse.ArgumentParser()
run_args.add_argument("--tanner")
run_args.add_argument("--page-dir")
self.main_page_path = generate_unique_path()
os.makedirs(self.main_page_path)
page_dir = self.main_page_path.rsplit('/')[-1]
args = run_args.parse_args(['--page-dir', page_dir])
args_dict = vars(args)
args_dict['full_page_path'] = self.main_page_path
snare_uuid = '9c10172f-7ce2-4fb4-b1c6-abc70141db56'.encode('utf-8')
args.no_dorks = True
self.handler = TannerHandler(args, meta, snare_uuid)
headers = {
'Host': 'test_host',
'status': 200,
'Cookie': 'sess_uuid=prev_test_uuid; test_cookie=test'
}
message = RawRequestMessage(method='POST',
path='/',
version=HttpVersion(major=1, minor=1),
headers=headers,
raw_headers=None,
should_close=None,
compression=None,
upgrade=None,
chunked=None,
url=URL('http://test_url/'))
loop = asyncio.get_event_loop()
RequestHandler = Mock()
protocol = RequestHandler()
self.request = web.Request(message=message,
payload=None,
protocol=protocol,
payload_writer=None,
task='POST',
loop=loop)
self.request.transport.get_extra_info = Mock(
return_value=(['test_ip', 'test_port']))
self.response_status = "test_status"
self.data = None
self.expected_data = {
'method': 'POST',
'path': 'http://test_url/',
'headers': {
'Host': 'test_host',
'status': 200,
'Cookie': 'sess_uuid=prev_test_uuid; test_cookie=test'
},
'uuid': '9c10172f-7ce2-4fb4-b1c6-abc70141db56',
'peer': {
'ip': 'test_ip',
'port': 'test_port'
},
'status': 'test_status',
'cookies': {
'sess_uuid': 'prev_test_uuid',
' test_cookie': 'test'
}
}
def test_create_data(self):
self.data = self.handler.create_data(self.request,
self.response_status)
self.assertEqual(self.data, self.expected_data)
def tearDown(self):
shutil.rmtree(self.main_page_path)
class HttpRequestHandler:
def __init__(self, meta, run_args, snare_uuid, debug=False, keep_alive=75, **kwargs):
self.run_args = run_args
self.dir = run_args.full_page_path
self.meta = meta
self.snare_uuid = snare_uuid
self.logger = logging.getLogger(__name__)
self.sroute = StaticRoute(name=None, prefix="/", directory=self.dir)
self.tanner_handler = TannerHandler(run_args, meta, snare_uuid)
async def submit_slurp(self, data):
try:
async with aiohttp.ClientSession(connector=aiohttp.TCPConnector(verify_ssl=False)) as session:
r = await session.post(
"https://{0}:8080/api?auth={1}&chan=snare_test&msg={2}".format(
self.run_args.slurp_host, self.run_args.slurp_auth, data
),
json=data,
timeout=10.0,
)
assert r.status == 200
r.close()
except Exception as e:
self.logger.error("Error submitting slurp: %s", e)
async def handle_request(self, request):
self.logger.info("Request path: {0}".format(request.path_qs))
data = self.tanner_handler.create_data(request, 200)
if request.method == "POST":
post_data = await request.post()
self.logger.info("POST data:")
for key, val in post_data.items():
self.logger.info("\t- {0}: {1}".format(key, val))
data["post_data"] = dict(post_data)
# Submit the event to the TANNER service
event_result = await self.tanner_handler.submit_data(data)
# Log the event to slurp service if enabled
if self.run_args.slurp_enabled:
await self.submit_slurp(request.path_qs)
content, headers, status_code = await self.tanner_handler.parse_tanner_response(
request.path_qs, event_result["response"]["message"]["detection"]
)
if self.run_args.server_header:
headers["Server"] = self.run_args.server_header
if "cookies" in data and "sess_uuid" in data["cookies"]:
previous_sess_uuid = data["cookies"]["sess_uuid"]
else:
previous_sess_uuid = None
if event_result is not None and "sess_uuid" in event_result["response"]["message"]:
cur_sess_id = event_result["response"]["message"]["sess_uuid"]
if previous_sess_uuid is None or not previous_sess_uuid.strip() or previous_sess_uuid != cur_sess_id:
headers.add("Set-Cookie", "sess_uuid=" + cur_sess_id)
return web.Response(body=content, status=status_code, headers=headers)
async def start(self):
app = web.Application()
app.add_routes([web.route("*", "/{tail:.*}", self.handle_request)])
aiohttp_jinja2.setup(app, loader=jinja2.FileSystemLoader(self.dir))
middleware = SnareMiddleware(
error_404=self.meta["/status_404"].get("hash"),
headers=self.meta["/status_404"].get("headers", []),
server_header=self.run_args.server_header,
)
middleware.setup_middlewares(app)
self.runner = web.AppRunner(app)
await self.runner.setup()
site = web.TCPSite(self.runner, self.run_args.host_ip, self.run_args.port)
await site.start()
names = sorted(str(s.name) for s in self.runner.sites)
print("======== Running on {} ========\n" "(Press CTRL+C to quit)".format(", ".join(names)))
async def stop(self):
await self.runner.cleanup()
class HttpRequestHandler():
def __init__(self, meta, run_args, snare_uuid, debug=False, keep_alive=75, **kwargs):
self.run_args = run_args
self.dir = '/opt/snare/pages/{}'.format(run_args.page_dir)
self.meta = meta
self.snare_uuid = snare_uuid
self.logger = logging.getLogger(__name__)
self.sroute = StaticRoute(
name=None, prefix='/',
directory=self.dir
)
self.tanner_handler = TannerHandler(run_args, meta, snare_uuid)
async def submit_slurp(self, data):
try:
async with aiohttp.ClientSession(connector=aiohttp.TCPConnector(verify_ssl=False)) as session:
r = await session.post(
'https://{0}:8080/api?auth={1}&chan=snare_test&msg={2}'.format(
self.run_args.slurp_host, self.run_args.slurp_auth, data
), data=json.dumps(data), timeout=10.0
)
assert r.status == 200
r.close()
except Exception as e:
self.logger.error('Error submitting slurp: %s', e)
async def handle_request(self, request):
self.logger.info('Request path: {0}'.format(request.path_qs))
data = self.tanner_handler.create_data(request, 200)
if request.method == 'POST':
post_data = await request.post()
self.logger.info('POST data:')
for key, val in post_data.items():
self.logger.info('\t- {0}: {1}'.format(key, val))
data['post_data'] = dict(post_data)
# Submit the event to the TANNER service
event_result = await self.tanner_handler.submit_data(data)
# Log the event to slurp service if enabled
if self.run_args.slurp_enabled:
await self.submit_slurp(request.path_qs)
content, content_type, headers, status_code = await self.tanner_handler.parse_tanner_response(
request.path_qs, event_result['response']['message']['detection'])
response_headers = multidict.CIMultiDict()
for name, val in headers.items():
response_headers.add(name, val)
response_headers.add('Server', self.run_args.server_header)
if 'cookies' in data and 'sess_uuid' in data['cookies']:
previous_sess_uuid = data['cookies']['sess_uuid']
else:
previous_sess_uuid = None
if event_result is not None and ('sess_uuid' in event_result['response']['message']):
cur_sess_id = event_result['response']['message']['sess_uuid']
if previous_sess_uuid is None or not previous_sess_uuid.strip() or previous_sess_uuid != cur_sess_id:
response_headers.add('Set-Cookie', 'sess_uuid=' + cur_sess_id)
if not content_type:
response_content_type = 'text/plain'
else:
response_content_type = content_type
response = web.Response(
body=content, status=status_code, headers=response_headers, content_type=response_content_type
)
return response
async def start(self):
app = web.Application()
app.add_routes([web.route('*', '/{tail:.*}', self.handle_request)])
aiohttp_jinja2.setup(
app, loader=jinja2.FileSystemLoader(self.dir)
)
middleware = SnareMiddleware(
self.meta['/status_404']['hash'],
self.run_args.server_header
)
middleware.setup_middlewares(app)
self.runner = web.AppRunner(app)
await self.runner.setup()
site = web.TCPSite(self.runner, self.run_args.host_ip, self.run_args.port)
await site.start()
names = sorted(str(s.name) for s in self.runner.sites)
print("======== Running on {} ========\n"
"(Press CTRL+C to quit)".format(', '.join(names)))
async def stop(self):
await self.runner.cleanup()
