def wrapped_recv(s: ssl.SSLSocket, sf: BinaryIO) -> bytes:
if timeout is None:
return s.recv(1024)
else:
s.setblocking(False)
s.settimeout(timeout)
try:
return s.recv(1024)
except (socket.timeout, ssl.SSLError, ssl.SSLWantReadError):
return None
finally:
s.setblocking(True)
def pack_sendrecv(sock: ssl.SSLSocket, data: dict, id: int) -> dict:
"""
Pack a dictionary into a msgpack object, and send it through a socket.
This then returns the response.
:param sock: The socket to send through.
:param data: The data to send.
This will automatically have the butterfly header attached.
:param id: The ID of the packet to send.
:return: The data returned by the server.
"""
# Add header.
new_data = {"id": id, "version": 1, "data": data}
# Pack data.
packed = msgpack.packb(new_data, use_bin_type=True)
# Write data.
sock.write(packed)
# Read data.
try:
recvdata = sock.recv()
except socket.timeout:
logger.error("Connection to server timed out.")
return None
# Unpack data.
try:
unpacked = msgpack.unpackb(recvdata, encoding="utf-8")
return unpacked
except (msgpack.UnpackException, ValueError) as e:
logger.error("Could not unpack message: {}".format(e))
return None
def _receive_response(
secure_socket: ssl.SSLSocket,
) -> Tuple[HeaderLine, Optional[bytes]]:
line = secure_socket.recv(1029)
header, remaining = _parse_header(line)
if header.category == constants.Category.SUCCESS:
# Get response body.
body = remaining
next_payload = secure_socket.recv(4096)
while len(next_payload) > 0:
body += next_payload
next_payload = secure_socket.recv(4096)
return header, body
return header, None
def _read_http_response_line(sock: ssl.SSLSocket) -> str:
cs = []
while True:
c: str = sock.recv(1).decode("utf-8")
if c == "\r":
break
if c != "\n":
cs.append(c)
return "".join(cs)
def _read_message(sock: ssl.SSLSocket):
response_len = struct.unpack(">Q", sock.read(8))
raw = bytearray()
total_recv = 0
while total_recv < response_len[0]:
data = sock.recv()
total_recv += len(data)
raw += data
response = json.loads(raw)
return response
def recv_ssl_msg_timeout(sock: ssl.SSLSocket, delimiter=b'\n', timeout=2):
if sock not in socket_buffer_dict.keys():
socket_buffer_dict[sock] = bytearray()
buff = socket_buffer_dict[sock]
last = time.time()
received = False
sock.setblocking(False)
sock.settimeout(timeout)
while True:
available = select.select([sock], [], [], timeout / 25)
data = None
if available[0]:
data = bytearray()
subdata = sock.recv()
while subdata:
data.extend(subdata)
try:
subdata = sock.recv()
except socket.timeout:
subdata = None
if not data:
if (time.time() - last > timeout):
break
continue
last = time.time()
buff.extend(data)
if delimiter in buff:
received = True
break
sock.setblocking(True)
if not received:
raise TimeoutError
pos = buff.index(delimiter)
res = buff[0:pos]
del buff[0:pos + 1]
return base64.standard_b64decode(res)
def nc_read_msg(conn: ssl.SSLSocket):
buf = ''
while True:
data = conn.recv(4096)
if data:
buf += data.decode(encoding="utf-8")
if buf.endswith(MSG_DELIM):
break
else:
break
return buf
def recv_ssl_msg(sock: ssl.SSLSocket, delimiter=b'\n'):
if sock not in socket_buffer_dict.keys():
socket_buffer_dict[sock] = bytearray() #('', 'UTF-8')
buff = socket_buffer_dict[sock]
while True:
data = sock.recv()
buff.extend(data)
if not data:
time.sleep(0.1)
elif delimiter in data:
break
pos = buff.index(delimiter)
res = buff[0:pos]
del buff[0:pos + 1]
return base64.standard_b64decode(res)
def __init__(self, sock, keyfile=None, certfile=None,
server_side=False, cert_reqs=CERT_NONE,
ssl_version=PROTOCOL_SSLv23, ca_certs=None,
do_handshake_on_connect=True,
suppress_ragged_eofs=True):
socket.__init__(self, _sock=sock._sock)
# the initializer for socket trashes the methods (tsk, tsk), so...
self.send = lambda data, flags=0: SSLSocket.send(self, data, flags)
self.sendto = lambda data, addr, flags=0: SSLSocket.sendto(self, data, addr, flags)
self.recv = lambda buflen=1024, flags=0: SSLSocket.recv(self, buflen, flags)
self.recvfrom = lambda addr, buflen=1024, flags=0: SSLSocket.recvfrom(self, addr, buflen, flags)
self.recv_into = lambda buffer, nbytes=None, flags=0: SSLSocket.recv_into(self, buffer, nbytes, flags)
self.recvfrom_into = lambda buffer, nbytes=None, flags=0: SSLSocket.recvfrom_into(self, buffer, nbytes, flags)
if certfile and not keyfile:
keyfile = certfile
# see if it's connected
try:
socket.getpeername(self)
except:
# no, no connection yet
self._sslobj = None
else:
# yes, create the SSL object
self._sslobj = _ssl.sslwrap(self._sock, server_side,
keyfile, certfile,
cert_reqs, ssl_version, ca_certs)
if do_handshake_on_connect:
timeout = self.gettimeout()
try:
if timeout == 0:
self.settimeout(None)
self.do_handshake()
finally:
self.settimeout(timeout)
self.keyfile = keyfile
self.certfile = certfile
self.cert_reqs = cert_reqs
self.ssl_version = ssl_version
self.ca_certs = ca_certs
self.do_handshake_on_connect = do_handshake_on_connect
self.suppress_ragged_eofs = suppress_ragged_eofs
self._makefile_refs = 0
def process(self, remote: ssl.SSLSocket):
self.server.status = TUNNEL_PROCESSING
logger.debug('Processing tunnel with ticket %s', self.server.ticket)
# Process data until stop requested or connection closed
try:
while not self.server.stop_flag.is_set():
r, _w, _x = select.select([self.request, remote], [], [], 1.0)
if self.request in r:
data = self.request.recv(BUFFER_SIZE)
if not data:
break
remote.sendall(data)
if remote in r:
data = remote.recv(BUFFER_SIZE)
if not data:
break
self.request.sendall(data)
logger.debug('Finished tunnel with ticekt %s', self.server.ticket)
except Exception as e:
pass
def GetMessages(secure_sock: ssl.SSLSocket, buffer_size=1048576, hash_size=MSG_HASH_SIZE):
print("Getting messages")
secure_sock.send(b"1") # Command ID 1
return re.findall('.'*hash_size, secure_sock.recv(buffer_size).decode())
def QueryMessage(secure_sock: ssl.SSLSocket, message_id: str, buffer_size=1048576):
message_id = str(message_id)
secure_sock.send(b"2" + bytes(message_id, "utf-8")) # Command ID 2
print()
return secure_sock.recv(buffer_size).decode().split(",")
class DizzySession(object):
def __init__(self, section_proxy):
self.dest = section_proxy.get('target_host')
self.dport = section_proxy.getint('target_port')
self.src = section_proxy.get('source_host', '')
self.sport = section_proxy.getint('source_port')
self.client_cert = section_proxy.get('certfile')
self.client_key = section_proxy.get('keyfile')
self.timeout = section_proxy.getfloat('timeout', 1)
self.recv_buffer = section_proxy.getfloat('recv_buffer', 4096)
self.auto_reopen = section_proxy.getboolean('auto_reopen', True)
self.server_side = section_proxy.getboolean('server', False)
self.read_first = self.server_side
self.read_first = section_proxy.getboolean('read_first',
self.read_first)
self.connect_retry = section_proxy.getint('retry', 3)
self.is_open = False
try:
inet_aton(self.dest)
self.af = AF_INET
except Exception as e:
try:
inet_pton(AF_INET6, self.dest)
self.af = AF_INET6
except Exception as f:
raise SessionParseException(
"unknown address family: %s: %s, %s" % (self.dest, e, f))
if self.src != '':
try:
inet_aton(self.src)
except Exception as e:
try:
inet_pton(AF_INET6, self.src)
except Exception as f:
raise SessionParseException(
"unknown address family: %s: %s, %s" %
(self.src, e, f))
else:
if not self.af == AF_INET6:
raise SessionParseException(
"address family missmatch: %s - %s" %
(self.dest, self.src))
else:
if not self.af == AF_INET:
raise SessionParseException(
"address family missmatch: %s - %s" %
(self.dest, self.src))
self.cs = None
self.maxsize = 65534
def open(self):
try:
self.s = socket(self.af, SOCK_STREAM)
if self.dest == "255.255.255.255":
self.s.setsockopt(SOL_SOCKET, SO_BROADCAST, 1)
self.s.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1)
self.s.settimeout(self.timeout)
sendbuf = self.s.getsockopt(SOL_SOCKET, SO_SNDBUF)
if sendbuf < self.maxsize:
self.maxsize = sendbuf
if not self.sport is None:
if self.af == AF_INET:
self.s.bind((self.src, self.sport))
elif self.af == AF_INET6:
try:
self.s.bind((self.src, self.port, 0, 0))
except:
if not self.interface is '':
(_, _, _, _, addri) = getaddrinfo(
"%s%%%s" % (self.src, self.interface),
self.sport,
family=AF_INET6,
proto=IPPROTO_UDP)[0]
self.s.bind(addri)
else:
raise SessionException(
"cant bind to ipv6 LL without interface!")
self.s = SSLSocket(self.s,
self.client_key,
self.client_cert,
ssl_version=3)
if self.server_side:
self.s.listen(1)
(self.cs, (rip, rport)) = self.s.accept()
if self.dport:
while self.dport != rport or self.src != rip:
if self.dport != rport:
print_dizzy(
"session/ssl: remote port %i not destination port %i"
% (rport, self.dport), DEBUG)
if self.src != rip:
print_dizzy(
"session/ssl: remote ip %s not destination ip %i"
% (rip, self.dst), DEBUG)
(self.cs, (sip, rport)) = self.s.accept()
self.cs.settimeout(self.timeout)
else:
connected = False
attempt = 1
try:
self.s.connect((self.dest, self.dport))
connected = True
except (timeout, SSLError):
print_dizzy(
"session/ssl: Connection attempt %d timed out." %
attempt)
while not connected and attempt <= self.connect_retry:
try:
(r, w, x) = select([], [self.s], [], self.timeout)
if self.s in w:
connected = True
except:
pass
attempt += 1
if not connected:
raise SessionException("too much connection attempts")
except Exception as e:
raise SessionException("cant open session: %s" % str(e))
else:
self.is_open = True
def close(self):
self.s.close()
self.s = None
if self.cs:
self.cs.close()
self.cs = None
self.is_open = False
def send(self, data):
try:
if not self.maxsize is None and len(data) > self.maxsize:
data = data[:self.maxsize - 1]
print_dizzy("Truncated data to %d byte." % self.maxsize, DEBUG)
if self.server_side:
if not self.cs:
raise SessionException("no client connection, cant send")
self.cs.send(data)
else:
self.s.send(data)
except Exception as e:
if self.auto_reopen:
print_dizzy("session got closed '%s', autoreopening..." % e,
DEBUG)
self.close()
self.open()
else:
self.close()
raise SessionException(
"error on sending '%s', connection closed." % e)
def recv(self):
if self.server_side:
return self.cs.recv(self.recv_buffer)
else:
return self.s.recv(self.recv_buffer)
