RubyGems - ssrf_proxy - Versions diffs - 0.0.2 - Mend

ssrf_proxy 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

data/lib/ssrf_proxy/server.rb ADDED

@@ -0,0 +1,147 @@
+#!/usr/bin/env ruby
+#
+# Copyright (c) 2015 Brendan Coles <bcoles@gmail.com>
+# SSRF Proxy - https://github.com/bcoles/ssrf_proxy
+# See the file 'LICENSE' for copying permission
+#
+require "ssrf_proxy"
+module SSRFProxy
+#
+# @note SSRFProxy::Server
+#
+class Server
+  # @note output status messages
+  def print_status(msg='')
+    puts '[*] '.blue + msg
+  end
+  # @note output progress messages
+  def print_good(msg='')
+    puts '[+] '.green + msg
+  end
+  require 'socket'
+  require 'celluloid/current'
+  require 'celluloid/io'
+  include Celluloid::IO
+  finalizer :shutdown
+  attr_accessor :logger
+  # @note logger
+  def logger
+    @logger || ::Logger.new(STDOUT).tap do |log|
+      log.progname = 'ssrf-proxy-server'
+      log.level = ::Logger::WARN
+      log.datetime_format = '%Y-%m-%d %H:%M:%S '
+    end
+  end
+  #
+  # @note SSRFProxy::Server errors
+  #
+  module Error
+    # custom errors
+    class Error < StandardError; end
+    exceptions = %w( InvalidSsrf )
+    exceptions.each { |e| const_set(e, Class.new(Error)) }
+  end
+  #
+  # @note Start the local server and listen for connections
+  #
+  # @options
+  # - interface - String - Listen interface (Default: 127.0.0.1)
+  # - port - Integer - Listen port (Default: 8081)
+  # - ssrf - SSRFProxy::HTTP - SSRF
+  #
+  def initialize(interface='127.0.0.1', port=8081, ssrf)
+    @logger = ::Logger.new(STDOUT).tap do |log|
+      log.progname = 'ssrf-proxy-server'
+      log.level = ::Logger::WARN
+      log.datetime_format = '%Y-%m-%d %H:%M:%S '
+    end
+    # set ssrf
+    unless ssrf.class == SSRFProxy::HTTP
+      raise SSRFProxy::Server::Error::InvalidSsrf.new,
+        "Invalid SSRF provided"
+    end
+    @ssrf = ssrf
+    # start server
+    logger.info "Starting HTTP proxy on #{interface}:#{port}"
+    print_status "Listening on #{interface}:#{port}"
+    @server = TCPServer.new(interface, port.to_i)
+  end
+  #
+  # @note Run proxy server
+  #
+  def serve
+    loop { async.handle_connection(@server.accept) }
+  end
+  private
+  #
+  # @note Handle shutdown of client socket
+  #
+  def shutdown
+    logger.info 'Shutting down'
+    @server.close if @server
+    logger.debug 'Shutdown complete'
+  end
+  #
+  # @note Handle client request
+  #
+  # @options
+  # - socket - String - client socket
+  #
+  def handle_connection(socket)
+    _, port, host = socket.peeraddr
+    max_len = 4096
+    logger.debug "Client #{host}:#{port} connected"
+    request = socket.readpartial(max_len)
+    logger.debug("Received client request (#{request.length} bytes):\n#{request}")
+    if request.length >= max_len
+      logger.warn("Client request too long (truncated at #{request.length} bytes)")
+    end
+    if request.to_s !~ /\A[A-Z]{1,20} /
+      logger.warn("Malformed client HTTP request")
+      response = "HTTP/1.0 501 Error\r\n\r\n"
+    elsif request.to_s =~ /\ACONNECT ([a-zA-Z0-9\.\-]+:[\d]+) .*$/
+      host = "#{$1}"
+      logger.info("Negotiating connection to #{host}")
+      response = @ssrf.send_request("GET http://#{host}/ HTTP/1.0\n\n")
+      if response =~ /^Server: SSRF Proxy$/i && response =~ /^Content-Length: 0$/i
+        logger.warn("Connection to #{host} failed")
+        response = "HTTP/1.0 502 Bad Gateway\r\n\r\n"
+      else
+        logger.info("Connected to #{host} successfully")
+        socket.write("HTTP/1.0 200 Connection established\r\n\r\n")
+        request = socket.readpartial(max_len)
+        logger.debug("Received client request (#{request.length} bytes):\n#{request}")
+        if request.length >= max_len
+          logger.warn("Client request too long (truncated at #{request.length} bytes)")
+        end
+        response = @ssrf.send_request(request)
+      end
+    else
+      response = @ssrf.send_request(request)
+    end
+    socket.write(response)
+    socket.close
+  rescue EOFError, Errno::ECONNRESET
+    logger.debug "Client #{host}:#{port} disconnected"
+    socket.close
+  end
+  private :shutdown,:handle_connection
+end
+end

data/lib/ssrf_proxy/version.rb ADDED

@@ -0,0 +1,10 @@
+#!/usr/bin/env ruby
+#
+# Copyright (c) 2015 Brendan Coles <bcoles@gmail.com>
+# SSRF Proxy - https://github.com/bcoles/ssrf_proxy
+# See the file 'LICENSE' for copying permission
+#
+module SSRFProxy
+  VERSION = "0.0.2"
+end

metadata ADDED

@@ -0,0 +1,201 @@
+--- !ruby/object:Gem::Specification
+name: ssrf_proxy
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+  prerelease:
+platform: ruby
+authors:
+- Brendan Coles
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-10-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.8'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: bundler-audit
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: logger
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: colorize
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webrick
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: celluloid
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.17.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.17.1
+- !ruby/object:Gem::Dependency
+  name: celluloid-io
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.17.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.17.1
+- !ruby/object:Gem::Dependency
+  name: ipaddress
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: SSRF Proxy is a multi-threaded HTTP proxy server designed to tunnel client
+  HTTP traffic through HTTP servers vulnerable to HTTP Server-Side Request Forgery
+  (SSRF).
+email:
+- bcoles@gmail.com
+executables:
+- ssrf-proxy
+- ssrf-scan
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/ssrf_proxy.rb
+- lib/ssrf_proxy/http.rb
+- lib/ssrf_proxy/server.rb
+- lib/ssrf_proxy/version.rb
+- bin/ssrf-proxy
+- bin/ssrf-scan
+homepage: https://github.com/bcoles/ssrf_proxy
+licenses:
+- MIT
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: 1.9.3
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 1.8.23
+signing_key:
+specification_version: 3
+summary: SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable
+  to SSRF.
+test_files: []