watobo 0.9.12 → 0.9.13
Sign up to get free protection for your applications and to get access to all the features.
- data/.yardopts +2 -2
- data/{CHANGELOG → CHANGELOG.md} +62 -0
- data/README.md +30 -0
- data/bin/nfq_server.rb +4 -3
- data/bin/watobo_gui.rb +1 -1
- data/config/ott_cache.yml +4 -0
- data/config/scanner.yml +1 -18
- data/config/sid_cache.yml +14 -0
- data/extras/private-hostspot.sh +17 -0
- data/extras/watobo-installer.sh +61 -0
- data/extras/watobo-transparent.sh +38 -0
- data/icons/BestPractice_16x16.ico +0 -0
- data/icons/BestPractice_24x24.ico +0 -0
- data/lib/watobo/adapters/data_store.rb +25 -3
- data/lib/watobo/adapters/file/file_store.rb +19 -11
- data/lib/watobo/adapters/session_store.rb +3 -2
- data/lib/watobo/adapters.rb +1 -1
- data/lib/watobo/ca.rb +1 -1
- data/lib/watobo/config.rb +17 -19
- data/lib/watobo/constants.rb +3 -2
- data/lib/watobo/core/active_check.rb +62 -40
- data/lib/watobo/core/active_checks.rb +73 -0
- data/lib/watobo/core/ca.rb +3 -2
- data/lib/watobo/core/cert_store.rb +3 -2
- data/lib/watobo/core/chat.rb +122 -0
- data/lib/watobo/core/chats.rb +301 -0
- data/lib/watobo/core/conversation.rb +71 -0
- data/lib/watobo/core/cookie.rb +9 -25
- data/lib/watobo/core/finding.rb +89 -0
- data/lib/watobo/core/findings.rb +132 -0
- data/lib/watobo/core/forwarding_proxy.rb +4 -2
- data/lib/watobo/core/fuzz_gen.rb +3 -2
- data/lib/watobo/core/intercept_carver.rb +24 -12
- data/lib/watobo/core/intercept_filter.rb +4 -3
- data/lib/watobo/core/interceptor.rb +9 -888
- data/lib/watobo/core/min_class.rb +27 -0
- data/lib/watobo/core/netfilter_queue.rb +3 -2
- data/lib/watobo/core/ott_cache.rb +156 -0
- data/lib/watobo/core/parameter.rb +66 -0
- data/lib/watobo/core/passive_check.rb +15 -22
- data/lib/watobo/core/passive_checks.rb +72 -0
- data/lib/watobo/core/passive_scanner.rb +69 -0
- data/lib/watobo/core/plugin.rb +33 -0
- data/lib/watobo/core/project.rb +40 -547
- data/lib/watobo/core/proxy.rb +7 -2
- data/lib/watobo/core/request.rb +95 -10
- data/lib/watobo/core/response.rb +44 -3
- data/lib/watobo/core/scanner.rb +6 -7
- data/lib/watobo/core/scanner3.rb +439 -0
- data/lib/watobo/core/scope.rb +106 -0
- data/lib/watobo/core/session.rb +106 -286
- data/lib/watobo/core/sid_cache.rb +121 -0
- data/lib/watobo/core/subscriber.rb +48 -0
- data/lib/watobo/core.rb +2 -2
- data/lib/watobo/defaults.rb +3 -2
- data/lib/watobo/external/diff/lcs/array.rb +1 -1
- data/lib/watobo/external/diff/lcs/block.rb +1 -1
- data/lib/watobo/external/diff/lcs/callbacks.rb +1 -1
- data/lib/watobo/external/diff/lcs/change.rb +1 -1
- data/lib/watobo/external/diff/lcs/hunk.rb +1 -1
- data/lib/watobo/external/diff/lcs/ldiff.rb +1 -1
- data/lib/watobo/external/diff/lcs/string.rb +1 -1
- data/lib/watobo/external/diff/lcs.rb +1 -1
- data/lib/watobo/external/ntlm/ntlm.rb +1 -1
- data/lib/watobo/externals.rb +1 -1
- data/lib/watobo/framework/create_project.rb +19 -12
- data/lib/watobo/framework/init.rb +4 -3
- data/lib/watobo/framework/init_modules.rb +32 -3
- data/lib/watobo/framework/license_text.rb +3 -2
- data/lib/watobo/framework/load_chat.rb +36 -0
- data/lib/watobo/framework.rb +2 -2
- data/lib/watobo/gui/about_watobo.rb +3 -2
- data/lib/watobo/gui/browser_preview.rb +4 -3
- data/lib/watobo/gui/certificate_dialog.rb +3 -2
- data/lib/watobo/gui/chat_diff.rb +6 -14
- data/lib/watobo/gui/chatviewer_frame.rb +30 -5
- data/lib/watobo/gui/checkboxtree.rb +13 -12
- data/lib/watobo/gui/checks_policy_frame.rb +8 -10
- data/lib/watobo/gui/client_cert_dialog.rb +8 -6
- data/lib/watobo/gui/confirm_scan_dialog.rb +5 -3
- data/lib/watobo/gui/conversation_table.rb +288 -51
- data/lib/watobo/gui/conversation_table_ctrl.rb +36 -3
- data/lib/watobo/gui/conversation_table_ctrl2.rb +416 -0
- data/lib/watobo/gui/csrf_token_dialog.rb +25 -33
- data/lib/watobo/gui/dashboard.rb +47 -45
- data/lib/watobo/gui/define_scope_frame.rb +27 -22
- data/lib/watobo/gui/differ_frame.rb +238 -0
- data/lib/watobo/gui/edit_comment.rb +3 -2
- data/lib/watobo/gui/edit_scope_dialog.rb +7 -6
- data/lib/watobo/gui/finding_info.rb +3 -2
- data/lib/watobo/gui/findings_tree.rb +101 -26
- data/lib/watobo/gui/full_scan_dialog.rb +5 -6
- data/lib/watobo/gui/fuzzer_gui.rb +51 -18
- data/lib/watobo/gui/goto_url_dialog.rb +92 -0
- data/lib/watobo/gui/hex_viewer.rb +16 -5
- data/lib/watobo/gui/html_viewer.rb +309 -0
- data/lib/watobo/gui/intercept_filter_dialog.rb +3 -2
- data/lib/watobo/gui/interceptor_gui.rb +5 -4
- data/lib/watobo/gui/interceptor_settings_dialog.rb +4 -3
- data/lib/watobo/gui/list_box.rb +4 -3
- data/lib/watobo/gui/log_file_viewer.rb +55 -0
- data/lib/watobo/gui/log_viewer.rb +3 -82
- data/lib/watobo/gui/login_wizzard.rb +3 -3
- data/lib/watobo/gui/main_window.rb +183 -164
- data/lib/watobo/gui/manual_request_editor.rb +157 -642
- data/lib/watobo/gui/master_pw_dialog.rb +3 -2
- data/lib/watobo/gui/mixins/gui_settings.rb +3 -2
- data/lib/watobo/gui/page_tree.rb +3 -2
- data/lib/watobo/gui/password_policy_dialog.rb +3 -2
- data/lib/watobo/gui/plugin_board.rb +103 -73
- data/lib/watobo/gui/preferences_dialog.rb +3 -2
- data/lib/watobo/gui/progress_window.rb +3 -2
- data/lib/watobo/gui/project_wizzard.rb +3 -2
- data/lib/watobo/gui/proxy_dialog.rb +3 -2
- data/lib/watobo/gui/quick_scan_dialog.rb +17 -32
- data/lib/watobo/gui/request_builder_frame.rb +134 -0
- data/lib/watobo/gui/request_editor.rb +14 -9
- data/lib/watobo/gui/rewrite_filters_dialog.rb +4 -3
- data/lib/watobo/gui/rewrite_rules_dialog.rb +4 -3
- data/lib/watobo/gui/save_chat_dialog.rb +7 -3
- data/lib/watobo/gui/scanner_settings_dialog.rb +4 -3
- data/lib/watobo/gui/select_chat_dialog.rb +15 -25
- data/lib/watobo/gui/session_management_dialog.rb +21 -25
- data/lib/watobo/gui/sites_tree.rb +5 -4
- data/lib/watobo/gui/status_bar.rb +3 -2
- data/lib/watobo/gui/table_editor.rb +398 -386
- data/lib/watobo/gui/tagless_viewer.rb +3 -2
- data/lib/watobo/gui/templates/plugin.rb +3 -2
- data/lib/watobo/gui/templates/plugin2.rb +4 -3
- data/lib/watobo/gui/templates/plugin_base.rb +168 -0
- data/lib/watobo/gui/text_viewer.rb +49 -3
- data/lib/watobo/gui/transcoder_window.rb +3 -2
- data/lib/watobo/gui/utils/gui_utils.rb +5 -4
- data/lib/watobo/gui/utils/init_icons.rb +5 -2
- data/lib/watobo/gui/utils/load_icons.rb +3 -2
- data/lib/watobo/gui/utils/load_plugins.rb +22 -5
- data/lib/watobo/gui/utils/master_password.rb +3 -2
- data/lib/watobo/gui/utils/save_default_settings.rb +7 -5
- data/lib/watobo/gui/utils/save_project_settings.rb +1 -1
- data/lib/watobo/gui/utils/save_proxy_settings.rb +4 -3
- data/lib/watobo/gui/utils/save_scanner_settings.rb +5 -4
- data/lib/watobo/gui/utils/session_history.rb +3 -2
- data/lib/watobo/gui/workspace_dialog.rb +3 -2
- data/lib/watobo/gui/www_auth_dialog.rb +4 -3
- data/lib/watobo/gui/xml_viewer_frame.rb +3 -2
- data/lib/watobo/gui.rb +6 -3
- data/lib/watobo/http/cookies/cookies.rb +66 -0
- data/lib/watobo/http/data/data.rb +68 -0
- data/lib/watobo/{gui/mixins/subscriber.rb → http/url/url.rb} +33 -19
- data/lib/watobo/http_socket/agent.rb +851 -0
- data/lib/watobo/http_socket/client_socket.rb +290 -0
- data/lib/watobo/http_socket/connection.rb +423 -0
- data/lib/watobo/http_socket/http_socket.rb +273 -0
- data/lib/watobo/http_socket/ntlm_auth.rb +152 -0
- data/lib/watobo/http_socket/proxy.rb +31 -0
- data/lib/watobo/http_socket.rb +25 -0
- data/lib/watobo/interceptor/proxy.rb +883 -0
- data/lib/watobo/interceptor/transparent.rb +37 -0
- data/lib/watobo/interceptor.rb +25 -0
- data/lib/watobo/mixins/check_info.rb +50 -0
- data/lib/watobo/mixins/httpparser.rb +92 -20
- data/lib/watobo/mixins/request_parser.rb +103 -88
- data/lib/watobo/mixins/shapers.rb +42 -11
- data/lib/watobo/mixins/transcoders.rb +61 -57
- data/lib/watobo/mixins.rb +3 -2
- data/lib/watobo/parser/html.rb +106 -0
- data/lib/watobo/parser.rb +22 -0
- data/lib/watobo/utils/check_regex.rb +3 -2
- data/lib/watobo/utils/copy_object.rb +3 -2
- data/lib/watobo/utils/crypto.rb +3 -2
- data/lib/watobo/utils/expand_range.rb +3 -2
- data/lib/watobo/utils/file_management.rb +7 -3
- data/lib/watobo/utils/hexprint.rb +3 -2
- data/lib/watobo/utils/load_chat.rb +4 -3
- data/lib/watobo/utils/load_icon.rb +3 -2
- data/lib/watobo/utils/print_debug.rb +3 -2
- data/lib/watobo/utils/response_builder.rb +6 -4
- data/lib/watobo/utils/response_hash.rb +66 -49
- data/lib/watobo/utils/secure_eval.rb +3 -2
- data/lib/watobo/utils/strings.rb +3 -2
- data/lib/watobo/utils/text2request.rb +4 -5
- data/lib/watobo/utils/url.rb +46 -0
- data/lib/watobo/utils.rb +3 -2
- data/lib/watobo.rb +13 -3
- data/modules/active/Apache/mod_status.rb +15 -11
- data/modules/active/Flash/crossdomain.rb +17 -14
- data/modules/active/RoR/cve_2013_015x.rb +21 -0
- data/modules/active/directories/dirwalker.rb +10 -16
- data/modules/active/discovery/fileextensions.rb +10 -7
- data/modules/active/discovery/http_methods.rb +8 -9
- data/modules/active/domino/domino_db.rb +10 -11
- data/modules/active/dotNET/custom_errors.rb +124 -0
- data/modules/active/dotNET/dotnet_files.rb +112 -0
- data/modules/active/fileinclusion/lfi_simple.rb +9 -7
- data/modules/active/jboss/jboss_basic.rb +12 -9
- data/modules/active/sap/its_commands.rb +10 -9
- data/modules/active/sap/its_service_parameter.rb +10 -9
- data/modules/active/sap/its_services.rb +10 -9
- data/modules/active/sap/its_xss.rb +11 -10
- data/modules/active/siebel/siebel_apps.rb +14 -16
- data/modules/active/sqlinjection/sql_boolean.rb +139 -75
- data/modules/active/sqlinjection/sqli_error.rb +9 -6
- data/modules/active/sqlinjection/sqli_timing.rb +13 -11
- data/modules/active/xml/xml_xxe.rb +134 -0
- data/modules/active/xss/{xss_rated.rb → xss_ng.rb} +89 -56
- data/modules/active/xss/xss_simple.rb +9 -6
- data/modules/passive/ajax.rb +85 -0
- data/modules/passive/autocomplete.rb +78 -0
- data/modules/passive/cookie_options.rb +3 -2
- data/modules/passive/cookie_xss.rb +3 -2
- data/modules/passive/detect_code.rb +7 -4
- data/modules/passive/detect_fileupload.rb +3 -2
- data/modules/passive/detect_infrastructure.rb +7 -4
- data/modules/passive/detect_one_time_tokens.rb +3 -2
- data/modules/passive/dirindexing.rb +3 -2
- data/modules/passive/disclosure_domino.rb +3 -2
- data/modules/passive/disclosure_emails.rb +3 -2
- data/modules/passive/disclosure_ipaddr.rb +3 -2
- data/modules/passive/filename_as_parameter.rb +3 -2
- data/modules/passive/form_spotter.rb +10 -7
- data/modules/passive/hidden_fields.rb +73 -0
- data/modules/passive/hotspots.rb +7 -4
- data/modules/passive/in_script_parameter.rb +3 -2
- data/modules/passive/multiple_server_headers.rb +4 -3
- data/modules/passive/possible_login.rb +3 -2
- data/modules/passive/redirect_url.rb +3 -2
- data/modules/passive/redirectionz.rb +6 -3
- data/modules/passive/xss_dom.rb +16 -9
- data/plugins/catalog/catalog.rb +119 -193
- data/plugins/crawler/crawler.rb +4 -3
- data/plugins/crawler/gui/auth_frame.rb +3 -2
- data/plugins/crawler/gui/crawler_gui.rb +3 -2
- data/plugins/crawler/gui/general_settings_frame.rb +3 -2
- data/plugins/crawler/gui/hooks_frame.rb +3 -2
- data/plugins/crawler/gui/scope_frame.rb +3 -2
- data/plugins/crawler/gui/settings_tabbook.rb +3 -2
- data/plugins/crawler/gui/status_frame.rb +3 -2
- data/plugins/crawler/gui.rb +3 -2
- data/plugins/crawler/lib/bags.rb +3 -2
- data/plugins/crawler/lib/constants.rb +3 -2
- data/plugins/crawler/lib/engine.rb +3 -2
- data/plugins/crawler/lib/grabber.rb +3 -2
- data/plugins/crawler/lib/uri_mp.rb +1 -1
- data/plugins/filefinder/filefinder.rb +92 -70
- data/plugins/sqlmap/bin/test.rb +3 -2
- data/plugins/sqlmap/gui/main.rb +3 -2
- data/plugins/sqlmap/gui/options_frame.rb +4 -3
- data/plugins/sqlmap/gui.rb +1 -1
- data/plugins/sqlmap/lib/sqlmap_ctrl.rb +3 -2
- data/plugins/sqlmap/sqlmap.rb +1 -1
- data/plugins/sslchecker/cli/sslchecker_cli.rb +1 -1
- data/plugins/sslchecker/gui/cipher_table.rb +17 -10
- data/plugins/sslchecker/gui/gui.rb +59 -56
- data/plugins/sslchecker/gui/sslchecker.rb +1 -1
- data/plugins/sslchecker/lib/check.rb +43 -18
- data/plugins/wshell/gui/main.rb +130 -0
- data/plugins/wshell/icons/wsh.ico +0 -0
- data/plugins/wshell/lib/core.rb +99 -0
- data/plugins/wshell/wshell.rb +33 -0
- metadata +80 -8
- data/README +0 -26
- data/lib/watobo/core/http_socket.rb +0 -161
- data/lib/watobo/gui/plugin/base.rb +0 -82
@@ -0,0 +1,883 @@
|
|
1
|
+
# .
|
2
|
+
# proxy.rb
|
3
|
+
#
|
4
|
+
# Copyright 2013 by siberas, http://www.siberas.de
|
5
|
+
#
|
6
|
+
# This file is part of WATOBO (Web Application Tool Box)
|
7
|
+
# http://watobo.sourceforge.com
|
8
|
+
#
|
9
|
+
# WATOBO is free software; you can redistribute it and/or modify
|
10
|
+
# it under the terms of the GNU General Public License as published by
|
11
|
+
# the Free Software Foundation version 2 of the License.
|
12
|
+
#
|
13
|
+
# WATOBO is distributed in the hope that it will be useful,
|
14
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
15
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
16
|
+
# GNU General Public License for more details.
|
17
|
+
#
|
18
|
+
# You should have received a copy of the GNU General Public License
|
19
|
+
# along with WATOBO; if not, write to the Free Software
|
20
|
+
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
21
|
+
# .
|
22
|
+
# @private
|
23
|
+
module Watobo#:nodoc: all
|
24
|
+
module Interceptor
|
25
|
+
#
|
26
|
+
class Proxy
|
27
|
+
|
28
|
+
include Watobo::Constants
|
29
|
+
|
30
|
+
attr :port
|
31
|
+
|
32
|
+
attr_accessor :proxy_mode
|
33
|
+
|
34
|
+
attr_accessor :contentLength
|
35
|
+
attr_accessor :contentTypes
|
36
|
+
attr_accessor :target
|
37
|
+
attr :www_auth
|
38
|
+
attr_accessor :client_certificates
|
39
|
+
|
40
|
+
def self.transparent?
|
41
|
+
return true if ( Watobo::Conf::Interceptor.proxy_mode & Watobo::Interceptor::MODE_TRANSPARENT ) > 0
|
42
|
+
return false
|
43
|
+
end
|
44
|
+
|
45
|
+
def server
|
46
|
+
@bind_addr
|
47
|
+
end
|
48
|
+
|
49
|
+
def subscribe(event, &callback)
|
50
|
+
(@event_dispatcher_listeners[event] ||= []) << callback
|
51
|
+
end
|
52
|
+
|
53
|
+
def clearEvents(event)
|
54
|
+
@event_dispatcher_listener[event].clear
|
55
|
+
end
|
56
|
+
|
57
|
+
def getResponseFilter()
|
58
|
+
YAML.load(YAML.dump(@response_filter_settings))
|
59
|
+
end
|
60
|
+
|
61
|
+
def getRequestFilter()
|
62
|
+
YAML.load(YAML.dump(@request_filter_settings))
|
63
|
+
end
|
64
|
+
|
65
|
+
def setResponseFilter(new_settings)
|
66
|
+
@response_filter_settings.update new_settings unless new_settings.nil?
|
67
|
+
end
|
68
|
+
|
69
|
+
def setRequestFilter(new_settings)
|
70
|
+
@request_filter_settings.update new_settings unless new_settings.nil?
|
71
|
+
# puts @request_filter_settings.to_yaml
|
72
|
+
end
|
73
|
+
|
74
|
+
def clear_request_carvers
|
75
|
+
@request_carvers.clear unless @request_carvers.nil?
|
76
|
+
|
77
|
+
end
|
78
|
+
|
79
|
+
def clear_response_carvers
|
80
|
+
@response_carvers.clear unless @response_carvers.nil?
|
81
|
+
end
|
82
|
+
|
83
|
+
def addPreview(response)
|
84
|
+
preview_id = Digest::MD5.hexdigest(response.join)
|
85
|
+
@preview[preview_id] = response
|
86
|
+
return preview_id
|
87
|
+
end
|
88
|
+
|
89
|
+
def stop()
|
90
|
+
begin
|
91
|
+
puts "[#{self.class}] stop"
|
92
|
+
if @t_server.respond_to? :status
|
93
|
+
puts @t_server.status
|
94
|
+
Thread.kill @t_server
|
95
|
+
@intercept_srv.close
|
96
|
+
end
|
97
|
+
rescue IOError => bang
|
98
|
+
puts bang
|
99
|
+
puts bang.backtrace if $DEBUG
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
103
|
+
#
|
104
|
+
# R U N
|
105
|
+
#
|
106
|
+
|
107
|
+
def self.start(settings = {})
|
108
|
+
proxy = Proxy.new(settings)
|
109
|
+
proxy.start
|
110
|
+
proxy
|
111
|
+
end
|
112
|
+
|
113
|
+
def start()
|
114
|
+
|
115
|
+
if transparent?
|
116
|
+
Watobo::Interceptor::Transparent.start
|
117
|
+
end
|
118
|
+
|
119
|
+
begin
|
120
|
+
@intercept_srv = TCPServer.new(@bind_addr, @port)
|
121
|
+
@intercept_srv.setsockopt( Socket::SOL_SOCKET, Socket::SO_KEEPALIVE, 1 )
|
122
|
+
|
123
|
+
rescue => bang
|
124
|
+
puts "\n!!!Could not start InterceptProxy"
|
125
|
+
puts bang
|
126
|
+
return nil
|
127
|
+
end
|
128
|
+
puts "\n* Intercepor started on #{@bind_addr}:#{@port}"
|
129
|
+
session_list = []
|
130
|
+
puts "!!! TRANSPARENT MODE ENABLED !!!" if transparent?
|
131
|
+
|
132
|
+
@t_server = Thread.new(@intercept_srv) { |server|
|
133
|
+
while (new_session = server.accept)
|
134
|
+
# new_session.sync = true
|
135
|
+
Thread.new(new_session) { |session|
|
136
|
+
|
137
|
+
c_sock = Watobo::HTTPSocket::ClientSocket.connect(session)
|
138
|
+
Thread.exit if c_sock.nil?
|
139
|
+
loop do
|
140
|
+
flags = []
|
141
|
+
begin
|
142
|
+
|
143
|
+
request = c_sock.request
|
144
|
+
|
145
|
+
if request.nil? or request.empty? then
|
146
|
+
c_sock.close
|
147
|
+
Thread.exit
|
148
|
+
end
|
149
|
+
puts "*[I] #{request.url}"
|
150
|
+
|
151
|
+
rescue => bang
|
152
|
+
puts "!!! Error reading client request "
|
153
|
+
puts bang
|
154
|
+
puts bang.backtrace
|
155
|
+
puts request.class
|
156
|
+
# puts request
|
157
|
+
closeSocket(c_sock)
|
158
|
+
Thread.exit
|
159
|
+
#break
|
160
|
+
end
|
161
|
+
|
162
|
+
# check if preview is requested
|
163
|
+
if request.host =='watobo.localhost' or request.first =~ /WATOBOPreview/ then
|
164
|
+
if request.first =~ /WATOBOPreview=([0-9a-zA-Z]*)/ then
|
165
|
+
|
166
|
+
puts "* preview requested ..."
|
167
|
+
puts request.url
|
168
|
+
|
169
|
+
hashid = $1
|
170
|
+
response = @preview[hashid]
|
171
|
+
|
172
|
+
if response then
|
173
|
+
c_sock.write response.join
|
174
|
+
closeSocket(c_sock)
|
175
|
+
end
|
176
|
+
end
|
177
|
+
#next
|
178
|
+
Thread.current.exit
|
179
|
+
end
|
180
|
+
|
181
|
+
request_intercepted = false
|
182
|
+
# no preview, check if interception request is turned on
|
183
|
+
if Watobo::Interceptor.rewrite_requests? then
|
184
|
+
Interceptor::RequestCarver.shape(request, flags)
|
185
|
+
puts "FLAGS >>"
|
186
|
+
puts flags
|
187
|
+
end
|
188
|
+
|
189
|
+
if @target and Watobo::Interceptor.intercept_requests? then
|
190
|
+
if matchRequestFilter(request)
|
191
|
+
@awaiting_requests += 1
|
192
|
+
request_intercepted = true
|
193
|
+
|
194
|
+
if @target.respond_to? :addRequest
|
195
|
+
# puts "*INTERCEPT REQUEST"
|
196
|
+
# puts @target
|
197
|
+
#notify(:modify_request, request, Thread.current)
|
198
|
+
Watobo.print_debug "send request to target"
|
199
|
+
@target.addRequest(request, Thread.current)
|
200
|
+
puts "* stopping thread: #{Thread.current} ..."
|
201
|
+
Thread.stop
|
202
|
+
puts "* released thread: #{Thread.current}"
|
203
|
+
else
|
204
|
+
p "! no target for editing request"
|
205
|
+
end
|
206
|
+
@awaiting_requests -= 1
|
207
|
+
end
|
208
|
+
end
|
209
|
+
# req, resp = @sender.sendRequest(request, :update_sids => false, :update_session => false, :update_contentlength => true)
|
210
|
+
|
211
|
+
#p "getHTTPHeader"
|
212
|
+
#s_sock, req, resp = @sender.getHTTPHeader(request, :update_sids => true, :update_session => false, :update_contentlength => true)
|
213
|
+
begin
|
214
|
+
|
215
|
+
s_sock, req, resp = @sender.sendHTTPRequest(request, :update_sids => true, :update_session => false, :update_contentlength => true, :www_auth => @www_auth, :client_certificates => @client_certificates)
|
216
|
+
if s_sock.nil? then
|
217
|
+
puts request if $DEBUG
|
218
|
+
c_sock.write resp.join unless resp.nil?
|
219
|
+
c_sock.close
|
220
|
+
#Thread.kill Thread.current
|
221
|
+
Thread.exit
|
222
|
+
next
|
223
|
+
end
|
224
|
+
|
225
|
+
rescue => bang
|
226
|
+
puts bang
|
227
|
+
puts bang.backtrace if $DEBUG
|
228
|
+
c_sock.close
|
229
|
+
#Thread.kill Thread.current
|
230
|
+
Thread.exit
|
231
|
+
end
|
232
|
+
|
233
|
+
# check if response should be passed throug
|
234
|
+
#Thread.current.exit if isPassThrough?(req, resp, s_sock, c_sock)
|
235
|
+
#p "no pass-through"
|
236
|
+
|
237
|
+
begin
|
238
|
+
# puts "* got response status: #{resp.status}"
|
239
|
+
missing_credentials = false
|
240
|
+
rs = resp.status
|
241
|
+
if rs =~ /^(401|407)/ then
|
242
|
+
missing_credentials = true
|
243
|
+
|
244
|
+
auth_type = AUTH_TYPE_NONE
|
245
|
+
resp.each do |rl|
|
246
|
+
if rl =~ /^(Proxy|WWW)-Authenticate: Basic/i
|
247
|
+
auth_type = AUTH_TYPE_BASIC
|
248
|
+
break
|
249
|
+
elsif rl =~ /^(Proxy|WWW)-Authenticate: NTLM/i
|
250
|
+
auth_type = AUTH_TYPE_NTLM
|
251
|
+
break
|
252
|
+
end
|
253
|
+
end
|
254
|
+
# when auth type not basic assume it's ntlm -> ntlm credentials must be set in watobo
|
255
|
+
unless auth_type == AUTH_TYPE_NONE
|
256
|
+
if auth_type == AUTH_TYPE_NTLM
|
257
|
+
if rs =~ /^401/ then
|
258
|
+
resp.push "WATOBO: Server requires (NTLM) authorization, please set WWW_Auth Credentials!"
|
259
|
+
resp.shift
|
260
|
+
resp.unshift "HTTP/1.1 200 OK\r\n"
|
261
|
+
else
|
262
|
+
resp.push "WATOBO: Proxy requires (NTLM) authorization, please set Proxy Credentials!"
|
263
|
+
resp.shift
|
264
|
+
resp.unshift "HTTP/1.1 200 OK\r\n"
|
265
|
+
end
|
266
|
+
end
|
267
|
+
else
|
268
|
+
|
269
|
+
resp.push "WATOBO: Unknown authorization type.<br><br>\r\n" + resp.join("<br>\r\n")
|
270
|
+
resp.shift
|
271
|
+
resp.unshift "HTTP/1.1 200 OK\r\n"
|
272
|
+
resp.fix_content_length
|
273
|
+
|
274
|
+
end
|
275
|
+
else
|
276
|
+
# don't try to read body if request method is HEAD
|
277
|
+
unless req.method =~ /^head/i
|
278
|
+
@sender.readHTTPBody(s_sock, resp, req, :update_sids => true)
|
279
|
+
end
|
280
|
+
end
|
281
|
+
rescue => bang
|
282
|
+
puts "!!! could not send request !!!"
|
283
|
+
puts bang
|
284
|
+
puts bang.backtrace if $DEBUG
|
285
|
+
# puts "* Error sending request"
|
286
|
+
end
|
287
|
+
|
288
|
+
begin
|
289
|
+
# Watobo::Response.create resp
|
290
|
+
resp = Watobo::Response.new resp
|
291
|
+
# puts "* unchunk response ..."
|
292
|
+
resp.unchunk
|
293
|
+
# puts "* unzip response ..."
|
294
|
+
resp.unzip
|
295
|
+
|
296
|
+
if Watobo::Interceptor.rewrite_responses? then
|
297
|
+
Interceptor::ResponseCarver.shape(resp, flags)
|
298
|
+
end
|
299
|
+
|
300
|
+
if @target and Watobo::Interceptor.intercept_responses? then
|
301
|
+
if matchResponseFilter(resp)
|
302
|
+
# if resp.content_type =~ /text/ or resp.content_type =~ /application\/javascript/ then
|
303
|
+
if @target.respond_to? :modifyResponse
|
304
|
+
@target.modifyResponse(resp, Thread.current)
|
305
|
+
Thread.stop
|
306
|
+
else
|
307
|
+
p "! no target for editing response"
|
308
|
+
end
|
309
|
+
end
|
310
|
+
end
|
311
|
+
|
312
|
+
# puts ">> SEND TO CLIENT"
|
313
|
+
if missing_credentials
|
314
|
+
resp.set_header("Connection", "close")
|
315
|
+
c_sock.write resp.join
|
316
|
+
c_sock.close
|
317
|
+
else
|
318
|
+
c_sock.write resp.join
|
319
|
+
end
|
320
|
+
# puts resp.join
|
321
|
+
# puts "-----"
|
322
|
+
# closeSocket(c_sock)
|
323
|
+
|
324
|
+
rescue Errno::ECONNRESET
|
325
|
+
print "x"
|
326
|
+
# puts "!!! ERROR (Reset): reading body"
|
327
|
+
# puts "* last data seen on socket: #{buf}"
|
328
|
+
#return
|
329
|
+
rescue Errno::ECONNABORTED
|
330
|
+
print "x"
|
331
|
+
#return
|
332
|
+
rescue => bang
|
333
|
+
puts "!!! Error (???) in Client Communication:"
|
334
|
+
puts bang
|
335
|
+
puts bang.class
|
336
|
+
puts bang.backtrace #if $DEBUG
|
337
|
+
#return
|
338
|
+
end
|
339
|
+
|
340
|
+
chat = Chat.new(request.copy, resp.copy, :source => CHAT_SOURCE_INTERCEPT)
|
341
|
+
# notify(:new_interception, chat)
|
342
|
+
Watobo::Chats.add chat
|
343
|
+
Thread.current.exit if missing_credentials
|
344
|
+
end
|
345
|
+
}
|
346
|
+
|
347
|
+
end
|
348
|
+
}
|
349
|
+
end
|
350
|
+
|
351
|
+
def refresh_www_auth
|
352
|
+
@www_auth = Watobo::Conf::Scanner.www_auth
|
353
|
+
end
|
354
|
+
|
355
|
+
def initialize(settings=nil)
|
356
|
+
@event_dispatcher_listeners = Hash.new
|
357
|
+
begin
|
358
|
+
|
359
|
+
puts
|
360
|
+
puts "=== Initialize Interceptor/Proxy ==="
|
361
|
+
# @project = project
|
362
|
+
# @settings = settings
|
363
|
+
# @port = @settings[:intercept_port]
|
364
|
+
# puts settings.to_yaml
|
365
|
+
|
366
|
+
# @proxy_mode = Watobo::Interceptor.proxy_mode
|
367
|
+
|
368
|
+
#Watobo::Interceptor.proxy_mode = INTERCEPT_NONE
|
369
|
+
|
370
|
+
init_instance_vars
|
371
|
+
|
372
|
+
@awaiting_requests = 0
|
373
|
+
@awaiting_responses = 0
|
374
|
+
|
375
|
+
@request_filter_settings = {
|
376
|
+
:site_in_scope => false,
|
377
|
+
:method_filter => '(get|post|put)',
|
378
|
+
:negate_method_filter => false,
|
379
|
+
:negate_url_filter => false,
|
380
|
+
:url_filter => '',
|
381
|
+
:file_type_filter => '(jpg|gif|png|jpeg|bmp)',
|
382
|
+
:negate_file_type_filter => true,
|
383
|
+
|
384
|
+
:parms_filter => '',
|
385
|
+
:negate_parms_filter => false
|
386
|
+
#:regex_location => 0, # TODO: HEADER_LOCATION, BODY_LOCATION, ALL
|
387
|
+
|
388
|
+
}
|
389
|
+
|
390
|
+
@response_filter_settings = {
|
391
|
+
:content_type_filter => '(text|script)',
|
392
|
+
:negate_content_type_filter => false,
|
393
|
+
:response_code_filter => '2\d{2}',
|
394
|
+
:negate_response_code_filter => false,
|
395
|
+
:request_intercepted => false,
|
396
|
+
:content_printable => true,
|
397
|
+
:enable_printable_check => false
|
398
|
+
}
|
399
|
+
|
400
|
+
@preview = Hash.new
|
401
|
+
@preview['ProxyTest'] = ["HTTP/1.0 200 OK\r\nServer: Watobo-Interceptor\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<html><body>PROXY_OK</body></html>"]
|
402
|
+
|
403
|
+
# p @settings[:certificate_path]
|
404
|
+
# p @settings[:cert_file]
|
405
|
+
# p @settings[:key_file]
|
406
|
+
# crt_path = Watobo::Conf::Interceptor.certificate_path
|
407
|
+
# crt_file = Watobo::Conf::Interceptor.cert_file
|
408
|
+
# key_file = Watobo::Conf::Interceptor.key_file
|
409
|
+
# dh_key_file = Watobo::Conf::Interceptor.dh_key_file
|
410
|
+
|
411
|
+
# crt_filename = File.join(Watobo.base_directory, crt_path, crt_file)
|
412
|
+
# key_filename = File.join(Watobo.base_directory, crt_path, key_file)
|
413
|
+
|
414
|
+
# @ctx = OpenSSL::SSL::SSLContext.new('SSLv23_server')
|
415
|
+
# @cert = OpenSSL::X509::Certificate.new(File.read(crt_filename))
|
416
|
+
# @key = OpenSSL::PKey::RSA.new(File.read(key_filename))
|
417
|
+
|
418
|
+
#@dh_key = OpenSSL::PKey::DH.new(File.read(dh_filename))
|
419
|
+
@dh_key = Watobo::CA.dh_key
|
420
|
+
# @ctx.ciphers = nil # ['TLSv1/SSLv3', 56, 56 ]
|
421
|
+
|
422
|
+
rescue => bang
|
423
|
+
puts "!!!could not read certificate files:"
|
424
|
+
puts bang
|
425
|
+
puts bang.backtrace if $DEBUG
|
426
|
+
end
|
427
|
+
|
428
|
+
end
|
429
|
+
|
430
|
+
private
|
431
|
+
|
432
|
+
def init_instance_vars
|
433
|
+
@www_auth = Watobo::Conf::Scanner.www_auth
|
434
|
+
@fake_certs = {}
|
435
|
+
@client_certificates = {}
|
436
|
+
@target = nil
|
437
|
+
@sender = Watobo::Session.new(@target)
|
438
|
+
|
439
|
+
@bind_addr = Watobo::Conf::Interceptor.bind_addr
|
440
|
+
puts "> Server: #{@bind_addr}"
|
441
|
+
@port = Watobo::Conf::Interceptor.port
|
442
|
+
puts "> Port: #{@port}"
|
443
|
+
@proxy_mode = Watobo::Conf::Interceptor.proxy_mode
|
444
|
+
|
445
|
+
pt = Watobo::Conf::Interceptor.pass_through
|
446
|
+
@contentLength = pt[:content_length]
|
447
|
+
puts "> PT-ContentLength: #{@contentLength}"
|
448
|
+
@contentTypes = pt[:content_types]
|
449
|
+
puts "> PT-ContentTypes: #{@contentTypes}"
|
450
|
+
end
|
451
|
+
|
452
|
+
#
|
453
|
+
#
|
454
|
+
# matchContentType(content_type)
|
455
|
+
#
|
456
|
+
#
|
457
|
+
def matchContentType?(content_type)
|
458
|
+
@contentTypes.each do |p|
|
459
|
+
return true if content_type =~ /#{p}/
|
460
|
+
end
|
461
|
+
return false
|
462
|
+
end
|
463
|
+
|
464
|
+
#
|
465
|
+
#
|
466
|
+
# matchRequestFilter(request)
|
467
|
+
#
|
468
|
+
#
|
469
|
+
def matchRequestFilter(request)
|
470
|
+
match_url = true
|
471
|
+
# puts @request_filter_settings.to_yaml
|
472
|
+
url_filter = @request_filter_settings[:url_filter]
|
473
|
+
if url_filter != ''
|
474
|
+
match_url = false
|
475
|
+
if request.url.to_s =~ /#{url_filter}/i
|
476
|
+
match_url = true
|
477
|
+
end
|
478
|
+
if @request_filter_settings[:negate_url_filter] == true
|
479
|
+
match_url = ( match_url == true ) ? false : true
|
480
|
+
end
|
481
|
+
end
|
482
|
+
|
483
|
+
return false if match_url == false
|
484
|
+
|
485
|
+
match_method = true
|
486
|
+
method_filter = @request_filter_settings[:method_filter]
|
487
|
+
if method_filter != ''
|
488
|
+
match_method = false
|
489
|
+
if request.method =~ /#{method_filter}/i
|
490
|
+
match_method = true
|
491
|
+
end
|
492
|
+
|
493
|
+
if @request_filter_settings[:negate_method_filter] == true
|
494
|
+
match_method = ( match_method == true ) ? false : true
|
495
|
+
end
|
496
|
+
end
|
497
|
+
|
498
|
+
return false if match_method == false
|
499
|
+
|
500
|
+
match_ftype = true
|
501
|
+
ftype_filter = @request_filter_settings[:file_type_filter]
|
502
|
+
if ftype_filter != ''
|
503
|
+
match_ftype = false
|
504
|
+
if request.doctype != '' and request.doctype =~ /#{ftype_filter}/i
|
505
|
+
match_ftype = true
|
506
|
+
end
|
507
|
+
if @request_filter_settings[:negate_file_type_filter] == true
|
508
|
+
match_ftype = ( match_ftype == true ) ? false : true
|
509
|
+
end
|
510
|
+
end
|
511
|
+
return false if match_ftype == false
|
512
|
+
|
513
|
+
match_parms = true
|
514
|
+
parms_filter = @request_filter_settings[:parms_filter]
|
515
|
+
if parms_filter != ''
|
516
|
+
puts "!PARMS FILTER: #{parms_filter}"
|
517
|
+
match_parms = false
|
518
|
+
puts request.parms
|
519
|
+
match_parms = request.parms.find {|x| x =~ /#{parms_filter}/ }
|
520
|
+
match_parms = ( match_parms.nil? ) ? false : true
|
521
|
+
if @request_filter_settings[:negate_parms_filter] == true
|
522
|
+
match_parms = ( match_parms == true ) ? false : true
|
523
|
+
end
|
524
|
+
end
|
525
|
+
return false if match_parms == false
|
526
|
+
|
527
|
+
true
|
528
|
+
end
|
529
|
+
|
530
|
+
#
|
531
|
+
#
|
532
|
+
# matchResponseFilter(response)
|
533
|
+
#
|
534
|
+
#
|
535
|
+
|
536
|
+
def matchResponseFilter(response)
|
537
|
+
match_ctype = true
|
538
|
+
ct_filter = @response_filter_settings[:content_type_filter]
|
539
|
+
unless ct_filter.empty?
|
540
|
+
match_ctype = false
|
541
|
+
negate = @response_filter_settings[:negate_content_type_filter]
|
542
|
+
if response.content_type =~ /#{ct_filter}/
|
543
|
+
match_ctype = true
|
544
|
+
|
545
|
+
end
|
546
|
+
if negate == true
|
547
|
+
match_ctype = ( match_ctype == true ) ? false : true
|
548
|
+
end
|
549
|
+
end
|
550
|
+
return false if match_ctype == false
|
551
|
+
puts "* pass ctype filter"
|
552
|
+
match_rcode = true
|
553
|
+
rcode_filter = @response_filter_settings[:response_code_filter]
|
554
|
+
negate = @response_filter_settings[:negate_response_code_filter]
|
555
|
+
unless rcode_filter.empty?
|
556
|
+
match_rcode = false
|
557
|
+
puts rcode_filter
|
558
|
+
puts response.responseCode
|
559
|
+
if response.responseCode =~ /#{rcode_filter}/
|
560
|
+
match_rcode = true
|
561
|
+
end
|
562
|
+
if negate == true
|
563
|
+
match_rcode = ( match_rcode == true ) ? false : true
|
564
|
+
end
|
565
|
+
end
|
566
|
+
return false if match_rcode == false
|
567
|
+
puts "* pass rcode filter"
|
568
|
+
true
|
569
|
+
end
|
570
|
+
|
571
|
+
#
|
572
|
+
#
|
573
|
+
# pass_through(server, client, maxbytes)
|
574
|
+
#
|
575
|
+
#
|
576
|
+
def pass_through(server, client, maxbytes = 0)
|
577
|
+
buf = ''
|
578
|
+
print "[~"
|
579
|
+
bytes_read = 0
|
580
|
+
while buf
|
581
|
+
begin
|
582
|
+
#timeout(2) do
|
583
|
+
buf = nil
|
584
|
+
buf = server.readpartial(2048)
|
585
|
+
#end
|
586
|
+
rescue EOFError
|
587
|
+
#client.write buf if buf
|
588
|
+
#print "~]"
|
589
|
+
return if buf.nil?
|
590
|
+
rescue Errno::ECONNRESET
|
591
|
+
# puts "!!! ERROR (Reset): reading body"
|
592
|
+
# puts "* last data seen on socket: #{buf}"
|
593
|
+
print "R"
|
594
|
+
return if buf.nil?
|
595
|
+
rescue Timeout::Error
|
596
|
+
#puts "!!! ERROR (Timeout): reading body"
|
597
|
+
#puts "* last data seen on socket:"
|
598
|
+
#client.write buf if buf
|
599
|
+
print "T"
|
600
|
+
return if buf.nil?
|
601
|
+
rescue => bang
|
602
|
+
puts "!!! could not read body !!!"
|
603
|
+
puts bang
|
604
|
+
puts bang.class
|
605
|
+
puts bang.backtrace if $DEBUG
|
606
|
+
# puts "* last data seen on socket:"
|
607
|
+
# print "~]"
|
608
|
+
#client.write buf if buf
|
609
|
+
return
|
610
|
+
end
|
611
|
+
|
612
|
+
begin
|
613
|
+
return if buf.nil?
|
614
|
+
print "~"
|
615
|
+
client.write buf
|
616
|
+
bytes_read += buf.length
|
617
|
+
# puts "##{bytes_read} of #{maxbytes}"
|
618
|
+
if maxbytes > 0 and bytes_read >= maxbytes
|
619
|
+
print "~]"
|
620
|
+
return
|
621
|
+
end
|
622
|
+
|
623
|
+
rescue Errno::ECONNRESET
|
624
|
+
print "~x]"
|
625
|
+
# puts "!!! ERROR (Reset): reading body"
|
626
|
+
# puts "* last data seen on socket: #{buf}"
|
627
|
+
return
|
628
|
+
rescue Errno::ECONNABORTED
|
629
|
+
print "~x]"
|
630
|
+
return
|
631
|
+
rescue Errno::EPIPE
|
632
|
+
print "~x]"
|
633
|
+
return
|
634
|
+
rescue => bang
|
635
|
+
puts "!!! client communication broken !!!"
|
636
|
+
puts bang
|
637
|
+
puts bang.class
|
638
|
+
puts bang.backtrace if $DEBUG
|
639
|
+
return
|
640
|
+
end
|
641
|
+
end
|
642
|
+
end
|
643
|
+
|
644
|
+
def transparent?
|
645
|
+
return true if ( @proxy_mode & Watobo::Interceptor::MODE_TRANSPARENT ) > 0
|
646
|
+
return false
|
647
|
+
end
|
648
|
+
|
649
|
+
def read_request(socket)
|
650
|
+
request = []
|
651
|
+
# read http header lines
|
652
|
+
session = socket
|
653
|
+
|
654
|
+
ra = socket.remote_address
|
655
|
+
cport = ra.ip_port
|
656
|
+
caddr = ra.ip_address
|
657
|
+
|
658
|
+
if transparent?
|
659
|
+
|
660
|
+
ci = @connections.info({ 'host' => caddr, 'port' => cport } )
|
661
|
+
unless ci['target'].empty? or ci['cn'].empty?
|
662
|
+
puts "SSL-REQUEST FROM #{caddr}:#{cport}"
|
663
|
+
|
664
|
+
ctx = Watobo::CertStore.acquire_ssl_ctx ci['target'], ci['cn']
|
665
|
+
|
666
|
+
begin
|
667
|
+
ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ctx)
|
668
|
+
ssl_socket.setsockopt( Socket::SOL_SOCKET, Socket::SO_KEEPALIVE, 1)
|
669
|
+
# ssl_socket.sync_close = true
|
670
|
+
ssl_socket.sync = true
|
671
|
+
# puts ssl_socket.methods.sort
|
672
|
+
session = ssl_socket.accept
|
673
|
+
rescue OpenSSL::SSL::SSLError => e
|
674
|
+
puts ">> SSLError"
|
675
|
+
puts e
|
676
|
+
return nil, session
|
677
|
+
rescue => bang
|
678
|
+
puts bang
|
679
|
+
puts bang.backtrace
|
680
|
+
return nil, session
|
681
|
+
end
|
682
|
+
else
|
683
|
+
puts ci['host']
|
684
|
+
puts ci['cn']
|
685
|
+
end
|
686
|
+
end
|
687
|
+
|
688
|
+
Watobo::HTTPSocket.read_header(session) do |line|
|
689
|
+
# puts line
|
690
|
+
request.push line
|
691
|
+
end
|
692
|
+
|
693
|
+
if transparent?
|
694
|
+
#puts "> get hostname ..."
|
695
|
+
thn = nil
|
696
|
+
request.each do |l|
|
697
|
+
if l =~ /^Host: (.*)/
|
698
|
+
thn = $1.strip
|
699
|
+
# puts ">> #{thn}"
|
700
|
+
end
|
701
|
+
end
|
702
|
+
# puts session.class
|
703
|
+
# puts "* fix request line ..."
|
704
|
+
# puts request.first
|
705
|
+
# puts ">>"
|
706
|
+
if session.is_a? OpenSSL::SSL::SSLSocket
|
707
|
+
request.first.gsub!(/(^[^[:space:]]{1,}) (.*) (HTTP.*)/i,"\\1 https://#{thn}\\2 \\3")
|
708
|
+
else
|
709
|
+
request.first.gsub!(/(^[^[:space:]]{1,}) (.*) (HTTP.*)/i,"\\1 http://#{thn}\\2 \\3")
|
710
|
+
end
|
711
|
+
#puts request.first
|
712
|
+
end
|
713
|
+
|
714
|
+
if request.first =~ /^CONNECT (.*):(\d{1,5}) HTTP\/1\./ then
|
715
|
+
target = $1
|
716
|
+
tport = $2
|
717
|
+
# puts request.first
|
718
|
+
# print "\n* CONNECT: #{method} #{target} on port #{tport}\n"
|
719
|
+
|
720
|
+
socket.print "HTTP/1.0 200 Connection established\r\n" +
|
721
|
+
"Proxy-connection: Keep-alive\r\n" +
|
722
|
+
"Proxy-agent: WATOBO-Proxy/1.1\r\n" +
|
723
|
+
"\r\n"
|
724
|
+
bscount = 0 # bad handshake counter
|
725
|
+
# puts "* wait for ssl handshake ..."
|
726
|
+
begin
|
727
|
+
dst = "#{target}:#{tport}"
|
728
|
+
unless @fake_certs.has_key? dst
|
729
|
+
puts "NEW CERTIFICATE FOR >> #{dst} <<"
|
730
|
+
cn = Watobo::HTTPSocket.get_ssl_cert_cn(target, tport)
|
731
|
+
puts "CN=#{cn}"
|
732
|
+
|
733
|
+
cert = {
|
734
|
+
:hostname => cn,
|
735
|
+
:type => 'server',
|
736
|
+
:user => 'watobo',
|
737
|
+
:email => 'root@localhost',
|
738
|
+
}
|
739
|
+
cert_file, key_file = Watobo::CA.create_cert cert
|
740
|
+
@fake_certs[dst] = {
|
741
|
+
:cert => OpenSSL::X509::Certificate.new(File.read(cert_file)),
|
742
|
+
:key => OpenSSL::PKey::RSA.new(File.read(key_file))
|
743
|
+
}
|
744
|
+
end
|
745
|
+
ctx = OpenSSL::SSL::SSLContext.new()
|
746
|
+
|
747
|
+
#ctx.cert = @cert
|
748
|
+
ctx.cert = @fake_certs[dst][:cert]
|
749
|
+
# @ctx.key = OpenSSL::PKey::DSA.new(File.read(key_file))
|
750
|
+
#ctx.key = @key
|
751
|
+
ctx.key = @fake_certs[dst][:key]
|
752
|
+
ctx.tmp_dh_callback = proc { |*args|
|
753
|
+
@dh_key
|
754
|
+
}
|
755
|
+
|
756
|
+
ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
757
|
+
ctx.timeout = 10
|
758
|
+
|
759
|
+
ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ctx)
|
760
|
+
ssl_socket.setsockopt( Socket::SOL_SOCKET, Socket::SO_KEEPALIVE, 1)
|
761
|
+
# ssl_socket.sync_close = true
|
762
|
+
ssl_socket.sync = true
|
763
|
+
# puts ssl_socket.methods.sort
|
764
|
+
|
765
|
+
ssl_session = ssl_socket.accept
|
766
|
+
rescue => bang
|
767
|
+
puts bang
|
768
|
+
puts bang.backtrace if $DEBUG
|
769
|
+
#puts ssl_session
|
770
|
+
#if not ssl_session then bscount += 1;end
|
771
|
+
#if bscount > 10 then
|
772
|
+
# puts "!!! Error: SSL-Handshake with Client/Browser"
|
773
|
+
# puts bang
|
774
|
+
return nil, socket
|
775
|
+
#end
|
776
|
+
#retry
|
777
|
+
end
|
778
|
+
session = ssl_session
|
779
|
+
# puts "* ssl ok!"
|
780
|
+
# now read ssl request header
|
781
|
+
request = []
|
782
|
+
Watobo::HTTPSocket.read_header(session) do |line|
|
783
|
+
request.push line
|
784
|
+
end
|
785
|
+
|
786
|
+
return nil, session if not request.first
|
787
|
+
|
788
|
+
request.first.gsub!(/(^[^[:space:]]{1,})( )(\/.*)/, "\\1 https://#{target}:#{tport}\\3")
|
789
|
+
end
|
790
|
+
#puts request
|
791
|
+
# request.extend Watobo::Mixin::Parser::Url
|
792
|
+
# request.extend Watobo::Mixin::Parser::Web10
|
793
|
+
# request.extend Watobo::Mixin::Shaper::Web10
|
794
|
+
#Watobo::Request.create request
|
795
|
+
request = Watobo::Request.new(request)
|
796
|
+
|
797
|
+
clen = request.content_length
|
798
|
+
if clen > 0 then
|
799
|
+
body = ""
|
800
|
+
Watobo::HTTPSocket.read_body(session) do |data|
|
801
|
+
body += data
|
802
|
+
break if body.length == clen
|
803
|
+
end
|
804
|
+
request.push body
|
805
|
+
end
|
806
|
+
|
807
|
+
return request, session
|
808
|
+
end
|
809
|
+
|
810
|
+
def isPassThrough?(request, response, s_sock, c_sock)
|
811
|
+
begin
|
812
|
+
reason = nil
|
813
|
+
clen = response.content_length
|
814
|
+
# no pass-through necessary if request method is HEAD
|
815
|
+
return false if request.method =~ /^head/i
|
816
|
+
|
817
|
+
if matchContentType?(response.content_type) then
|
818
|
+
# first forward headers
|
819
|
+
c_sock.write response.join
|
820
|
+
reason = []
|
821
|
+
reason.push "---> WATOBO: PASS_THROUGH <---"
|
822
|
+
reason.push "Reason: Content-Type = #{response.content_type}"
|
823
|
+
elsif clen > @contentLength
|
824
|
+
# puts "PASS-THROUGH: #{response.content_length}"
|
825
|
+
c_sock.write response.join
|
826
|
+
reason = []
|
827
|
+
reason.push "---> WATOBO: PASS_THROUGH <---"
|
828
|
+
reason.push "Reason: Content-Length > #{@contentLength} (#{response.content_length})"
|
829
|
+
end
|
830
|
+
|
831
|
+
return false if reason.nil?
|
832
|
+
reason.push "* DO MANUAL REQUEST TO GET FULL RESPONSE *"
|
833
|
+
response.push reason.join("\n")
|
834
|
+
chat = Watobo::Chat.new(request, response, :source => CHAT_SOURCE_INTERCEPT)
|
835
|
+
#notify(:new_interception, chat)
|
836
|
+
Watobo::Chats.add chat
|
837
|
+
|
838
|
+
pass_through(s_sock, c_sock, clen)
|
839
|
+
# puts "* Close Server Socket..."
|
840
|
+
closeSocket(c_sock)
|
841
|
+
# puts "* Close Client Socket..."
|
842
|
+
closeSocket(s_sock)
|
843
|
+
# puts "... done."
|
844
|
+
true
|
845
|
+
rescue => bang
|
846
|
+
puts bang
|
847
|
+
puts bang.backtrace if $DEBUG
|
848
|
+
return false
|
849
|
+
end
|
850
|
+
end
|
851
|
+
|
852
|
+
def notify(event, *args)
|
853
|
+
if @event_dispatcher_listeners[event]
|
854
|
+
@event_dispatcher_listeners[event].each do |m|
|
855
|
+
m.call(*args) if m.respond_to? :call
|
856
|
+
end
|
857
|
+
end
|
858
|
+
end
|
859
|
+
|
860
|
+
def closeSocket(socket)
|
861
|
+
#puts socket.class
|
862
|
+
return false if socket.nil?
|
863
|
+
begin
|
864
|
+
#if socket.class.to_s =~ /SSLSocket/
|
865
|
+
if socket.respond_to? :sysclose
|
866
|
+
#socket.io.shutdown(2)
|
867
|
+
socket.sysclose
|
868
|
+
elsif socket.respond_to? :shutdown
|
869
|
+
socket.shutdown(2)
|
870
|
+
elsif socket.respond_to? :close
|
871
|
+
socket.close
|
872
|
+
end
|
873
|
+
return true
|
874
|
+
rescue => bang
|
875
|
+
puts bang
|
876
|
+
puts bang.backtrace if $DEBUG
|
877
|
+
end
|
878
|
+
false
|
879
|
+
end
|
880
|
+
|
881
|
+
end
|
882
|
+
end
|
883
|
+
end
|