atomicshop 2.20.8__py3-none-any.whl → 2.21.1__py3-none-any.whl

atomicshop/mitm/engines/__reference_general/responder___reference_general.py

@@ -23,49 +23,49 @@ class ResponderGeneral(ResponderParent):
 
         self.logger = create_custom_logger()
 
-    def create_response(self, class_client_message: ClientMessage):
-        # noinspection GrazieInspection
-        """
-        Function to create Response based on ClientMessage and its Request.
-
-        :param class_client_message: contains request and other parameters to help creating response.
-        :return: list of responses in bytes.
-        -----------------------------------
-
-        # Example of creating list of bytes using 'build_byte_response' function:
-        result_list: list[bytes] = list()
-        result_list.append(
-            self.build_byte_response(
-                http_version=class_client_message.request_raw_decoded.request_version,
-                status_code=200,
-                headers=response_headers,
-                body=b''
-            )
-        )
-
-        return result_list
-        -----------------------------------
-        # Example of extracting variables from URL PATH based on custom PATH TEMPLATE:
-        # (more examples in 'self.extract_variables_from_path_template' function description)
-        template_path: str = "/hithere/<variable1>/else/<variable2>/tested/"
-        path_variables: dict = extract_variables_from_path_template(
-            path=class_client_message.request_raw_decoded.path,
-            template_path=template_path
-        )
-        -----------------------------------
-        # Example of extracting value from URL PATH parameters after question mark:
-        parameter_value = extract_value_from_path_parameter(
-            path=class_client_message.request_raw_decoded.path,
-            parameter='test_id'
-        )
-        """
-
-        # byte_response: bytes = b''
-        # self.logger.info(f"Response: {byte_response}")
-
-        response_bytes_list: list[bytes] = list()
-        # response_bytes_list.append(byte_response)
-        return response_bytes_list
+    # def create_response(self, class_client_message: ClientMessage):
+    #     # noinspection GrazieInspection
+    #     """
+    #     Function to create Response based on ClientMessage and its Request.
+    #
+    #     :param class_client_message: contains request and other parameters to help creating response.
+    #     :return: list of responses in bytes.
+    #     -----------------------------------
+    #
+    #     # Example of creating list of bytes using 'build_byte_response' function:
+    #     result_list: list[bytes] = list()
+    #     result_list.append(
+    #         self.build_byte_response(
+    #             http_version=class_client_message.request_raw_decoded.request_version,
+    #             status_code=200,
+    #             headers=response_headers,
+    #             body=b''
+    #         )
+    #     )
+    #
+    #     return result_list
+    #     -----------------------------------
+    #     # Example of extracting variables from URL PATH based on custom PATH TEMPLATE:
+    #     # (more examples in 'self.extract_variables_from_path_template' function description)
+    #     template_path: str = "/hithere/<variable1>/else/<variable2>/tested/"
+    #     path_variables: dict = extract_variables_from_path_template(
+    #         path=class_client_message.request_raw_decoded.path,
+    #         template_path=template_path
+    #     )
+    #     -----------------------------------
+    #     # Example of extracting value from URL PATH parameters after question mark:
+    #     parameter_value = extract_value_from_path_parameter(
+    #         path=class_client_message.request_raw_decoded.path,
+    #         parameter='test_id'
+    #     )
+    #     """
+    #
+    #     # byte_response: bytes = b''
+    #     # self.logger.info(f"Response: {byte_response}")
+    #
+    #     response_bytes_list: list[bytes] = list()
+    #     # response_bytes_list.append(byte_response)
+    #     return response_bytes_list
 
     # def create_connect_response(self, class_client_message: ClientMessage):
     #     """

atomicshop/mitm/engines/create_module_template.py

@@ -73,12 +73,18 @@ class CreateModuleTemplate:
 
         # Add "" to each domain.
         domains_with_quotes: list = [f'"{domain}"' for domain in self.domains]
-        config_lines_list.append(f'"domains" = [{", ".join(domains_with_quotes)}]\n')
+
+        config_lines_list.append('[engine]')
+        config_lines_list.append(f'domains = [{", ".join(domains_with_quotes)}]')
+        config_lines_list.append('dns_target = "127.0.0.1"')
+        config_lines_list.append('tcp_listening_address_list = ["0.0.0.0:443"]\n')
+        # config_lines_list.append(f'\n')
+        config_lines_list.append('[mtls]')
+        config_lines_list.append('# "subdomain.domain.com" = "file_name_in_current_dir.pem"\n')
         # config_lines_list.append(f'\n')
-        config_lines_list.append(f'[mtls]')
-        config_lines_list.append(f'# "subdomain.domain.com" = "file_name_in_current_dir.pem"\n')
-        config_lines_list.append(f'[no_sni]')
-        config_lines_list.append(f'# "domain" = "example.com"\n')
+        config_lines_list.append('[no_sni]')
+        config_lines_list.append('get_from_dns = 1         # Blocking, the accept function will wait until the domain is received from DNS.')
+        config_lines_list.append('serve_domain_on_address = {0 = [{"example.com" = "127.0.0.2:443"}]}')
 
         config_file_path = self.new_engine_directory + os.sep + CONFIG_FILE_NAME
 

atomicshop/mitm/engines/create_module_template_main_example.py

@@ -0,0 +1,13 @@
+import sys
+
+from atomicshop.mitm.engines.create_module_template import CreateModuleTemplate
+
+
+def main():
+    CreateModuleTemplate()
+    input('Press enter to exit...')
+    return 0
+
+
+if __name__ == '__main__':
+    sys.exit(main())

atomicshop/mitm/import_config.py

@@ -8,7 +8,7 @@ from ..permissions import permissions
 from ..wrappers.socketw import base
 from ..basics import booleans
 
-from . import config_static
+from . import config_static, initialize_engines
 
 
 def assign_bool(dict_instance: dict, section: str, key: str):
@@ -19,16 +19,27 @@ def assign_bool(dict_instance: dict, section: str, key: str):
         dict_instance[section][key] = True
     elif dict_instance[section][key] == 0:
         dict_instance[section][key] = False
+    elif isinstance(dict_instance[section][key], dict):
+        for subkey, subvalue in dict_instance[section][key].items():
+            if subkey == '1':
+                dict_instance[section][key] = {True: subvalue}
+            elif subkey == '0':
+                dict_instance[section][key] = {False: subvalue}
+            else:
+                print_api(f"Error: {section}.{key}.{subkey} must be 0 or 1.", color='red')
+                return 1
+            break
     else:
         print_api(f"Error: {section}.{key} must be 0 or 1.", color='red')
         return 1
 
 
-def import_config_file(
+def import_config_files(
         config_file_path: str
 ):
     """
     Import the configuration file 'config.toml' and write all the values to 'config_static' dataclasses module.
+
     :param config_file_path:
     :return:
     """
@@ -50,10 +61,55 @@ def import_config_file(
 
     manipulations_after_import()
 
+    result = import_engines_configs()
+    if result != 0:
+        return result
+
     result = check_configurations()
     return result
 
 
+def import_engines_configs() -> int:
+    """
+    Import the engines configuration files and write all the values to 'config_static' dataclasses module.
+
+    :return: int, status code.
+    """
+
+    # Get full paths of all the 'engine_config.ini' files.
+    engine_config_path_list = filesystem.get_paths_from_directory(
+        directory_path=config_static.MainConfig.ENGINES_DIRECTORY_PATH,
+        get_file=True,
+        file_name_check_pattern=config_static.MainConfig.ENGINE_CONFIG_FILE_NAME)
+
+    # Iterate through all the 'engine_config.ini' file paths.
+    domains_engine_list_full: list = list()
+    engines_list: list = list()
+    for engine_config_path in engine_config_path_list:
+        # Initialize engine.
+        current_module: initialize_engines.ModuleCategory = initialize_engines.ModuleCategory(config_static.MainConfig.SCRIPT_DIRECTORY)
+        current_module.fill_engine_fields_from_config(engine_config_path.path)
+        current_module.initialize_engine()
+
+        # Extending the full engine domain list with this list.
+        domains_engine_list_full.extend(current_module.domain_list)
+        # Append the object to the engines list
+        engines_list.append(current_module)
+    # === EOF Importing engine modules =============================================================================
+    # ==== Initialize Reference Module =============================================================================
+    reference_module: initialize_engines.ModuleCategory = initialize_engines.ModuleCategory(config_static.MainConfig.SCRIPT_DIRECTORY)
+    reference_module.fill_engine_fields_from_general_reference(config_static.MainConfig.ENGINES_DIRECTORY_PATH)
+    reference_module.initialize_engine(reference_general=True)
+
+    # Assigning all the engines domains to all time domains, that will be responsible for adding new domains.
+    config_static.Certificates.domains_all_times = list(domains_engine_list_full)
+
+    config_static.ENGINES_LIST = engines_list
+    config_static.REFERENCE_MODULE = reference_module
+
+    return 0
+
+
 def check_configurations() -> int:
     """
     Check the configurations from the 'config.toml' file.
@@ -68,31 +124,103 @@ def check_configurations() -> int:
         print_api("Both DNS and TCP servers in config ini file, nothing to run. Exiting...", color='red')
         return 1
 
-    # Check [tcp_server] boolean configurations. ===================================================================
-    if not config_static.TCPServer.engines_usage and config_static.TCPServer.server_response_mode:
-        message = "You can't set [server_response_mode = True], while setting\n" \
-                    "[engines_usage = False].\n" \
-                    "No engine modules will be loaded - so nothing to respond to.\n" \
-                    "Exiting..."
-        print_api(message, color='red')
+    # Checking if listening interfaces were set.
+    if not config_static.TCPServer.no_engines_usage_to_listen_addresses_enable:
+        # If no engines were found, check if listening interfaces were set in the main config.
+        if not config_static.ENGINES_LIST:
+            message = (
+                "\n"
+                "No engines found. Create with [create_template.py].\n"
+                "Exiting...")
+            print_api(message, color="red")
+            return 1
+    else:
+        if not config_static.TCPServer.no_engines_listening_address_list:
+            message = (
+                "\n"
+                "No listening interfaces. Set [no_engines_usage_to_listen_addresses] in the main [config.toml].\n"
+                "Exiting...")
+            print_api(message, color="red")
+            return 1
+
+    if not config_static.ENGINES_LIST and config_static.DNSServer.resolve_by_engine:
+        error_message = (
+            f"No engines were found in: [{config_static.MainConfig.ENGINES_DIRECTORY_PATH}]\n"
+            f"But the DNS routing is set to use them for routing.\n"
+            f"Please check your DNS routing configuration in the [config.toml] file or create an engine with [create_template.py].")
+        print_api(error_message, color="red")
         return 1
 
+    for engine in config_static.ENGINES_LIST:
+        if engine.no_sni.get_from_dns and engine.no_sni.serve_domain_on_address_enable:
+            message = (
+                f"Both [get_from_dns] and [serve_domain_on_address] are enabled in [no_sni] section of the engine.\n"
+                f"Only one Can be True.")
+            print_api(message, color="red")
+            return 1
+        if not engine.no_sni.get_from_dns and not engine.no_sni.serve_domain_on_address_enable:
+            message = (
+                f"Both [get_from_dns] and [serve_domain_on_address] are disabled in [no_sni] section of the engine.\n"
+                f"Only one Can be True.")
+            print_api(message, color="red")
+            return 1
+
+        if engine.no_sni.serve_domain_on_address_enable:
+            # Check if the domains in no_sni are the same as in the engine. They should not be.
+            # Same goes for the address.
+            for domain, address_ip_port in engine.no_sni.serve_domain_on_address_dict.items():
+                if domain in engine.domain_list:
+                    message = (
+                        f"[*] No SNI setting: The domain [{domain}] is in the engine domains list [{engine.domain_list}].\n"
+                        f"The point of the no_sni section is to serve specific domains on separate addresses.\n")
+                    print_api(message, color="red")
+                    return 1
+
+                if address_ip_port in engine.tcp_listening_address_list:
+                    message = (
+                        f"[*] No SNI setting: The address [{address_ip_port}] is in the engine listening interfaces list [{engine.tcp_listening_address_list}].\n"
+                        f"The point of the no_sni section is to serve specific domains on separate addresses.\n")
+                    print_api(message, color="red")
+                    return 1
+
     # Check admin right if on localhost ============================================================================
-    # If the 'config.dns['target_tcp_server_ipv4']' IP address is localhost, then we need to check if the script
+    # If any of the DNS IP target addresses is localhost loopback, then we need to check if the script
     # is executed with admin rights. There are some processes that 'psutil' can't get their command line if not
     # executed with administrative privileges.
     # Also, check Admin privileges only if 'config.tcp['get_process_name']' was set to 'True' in 'config.ini' of
     # the script.
-    if (config_static.DNSServer.target_tcp_server_ipv4 in base.THIS_DEVICE_IP_LIST and
-            config_static.ProcessName.get_process_name):
-        # If we're not running with admin rights, prompt to the user and make him decide what to do.
-        # If he wants to continue running with 'psutil' exceptions or close the script and rerun with admin rights.
-        if not is_admin:
-            message: str = \
-                ("Need to run the script with administrative rights to get the process name while TCP running "
-                 "on the same computer.\nExiting...")
-            print_api(message, color='red')
-            return 1
+    if config_static.ProcessName.get_process_name:
+        # If the DNS server was set to resolve by engines, we need to check all relevant engine settings.
+        if config_static.DNSServer.resolve_by_engine:
+            for engine in config_static.ENGINES_LIST:
+                # Check if the DNS target is localhost loopback.
+                if engine.dns_target in base.THIS_DEVICE_IP_LIST or engine.dns_target.startswith('127.'):
+                    if not is_admin:
+                        message: str = \
+                            ("Need to run the script with administrative rights to get the process name while TCP "
+                             "running on the same computer.\nExiting...")
+                        print_api(message, color='red')
+                        return 1
+                if engine.no_sni.serve_domain_on_address_enable:
+                    no_sni_target_address_list: list = engine.no_sni.serve_domain_on_address_dict.values()
+                    for no_sni_target_address in no_sni_target_address_list:
+                        if no_sni_target_address in base.THIS_DEVICE_IP_LIST or \
+                                no_sni_target_address.startswith('127.'):
+                            if not is_admin:
+                                message: str = \
+                                    ("Need to run the script with administrative rights to get the process name while TCP "
+                                     "running on the same computer.\nExiting...")
+                                print_api(message, color='red')
+                                return 1
+        if config_static.DNSServer.resolve_all_domains_to_ipv4:
+            if config_static.DNSServer.target_ipv4 in base.THIS_DEVICE_IP_LIST or \
+                    config_static.DNSServer.target_ipv4.startswith('127.'):
+                if not is_admin:
+                    message: str = \
+                        ("Need to run the script with administrative rights to get the process name while TCP "
+                         "running on the same computer.\nExiting...")
+                    print_api(message, color='red')
+                    return 1
 
     try:
         booleans.is_only_1_true_in_list(
@@ -136,6 +264,14 @@ def check_configurations() -> int:
                 print_api(message, color='red')
                 return 1
 
+    if not config_static.DNSServer.resolve_by_engine and not config_static.DNSServer.resolve_regular_pass_thru and not \
+            config_static.DNSServer.resolve_all_domains_to_ipv4_enable:
+        message: str = (
+            "No DNS server resolving settings were set.\n"
+            "Please check your DNS server settings in the [config.toml] file.")
+        print_api(message, color='red')
+        return 1
+
     # This is checked directly in the SocketWrapper.
     # if (config_static.Certificates.install_ca_certificate_to_root_store and not is_admin) or \
     #         (config_static.Certificates.uninstall_unused_ca_certificates_with_mitm_ca_name and not is_admin):
@@ -144,11 +280,27 @@ def check_configurations() -> int:
     #     print_api(message, color='red')
     #     return 1
 
-
     return 0
 
 
 def manipulations_after_import():
+    for key, value in config_static.DNSServer.resolve_all_domains_to_ipv4.items():
+        config_static.DNSServer.resolve_all_domains_to_ipv4_enable = key
+        config_static.DNSServer.target_ipv4 = value
+        break
+
+    for key, value in config_static.TCPServer.no_engines_usage_to_listen_addresses.items():
+        # If the key is False, it means that the user doesn't want to use the no_engines_listening_address_list.
+        # So, we'll assign an empty list to it.
+        if not key:
+            config_static.TCPServer.no_engines_usage_to_listen_addresses_enable = False
+            config_static.TCPServer.no_engines_listening_address_list = list()
+        # If the key is True, it means that the user wants to use the no_engines_listening_address_list.
+        else:
+            config_static.TCPServer.no_engines_usage_to_listen_addresses_enable = key
+            config_static.TCPServer.no_engines_listening_address_list = value
+        break
+
     # Convert extensions to skip to a list of extension IDs.
     skip_extensions: list = list()
     if config_static.SkipExtensions.tls_web_client_authentication:
@@ -166,7 +318,7 @@ def manipulations_after_import():
         config_static.Certificates.custom_server_certificate_path, config_static.MainConfig.SCRIPT_DIRECTORY)
 
     config_static.LogRec.recordings_path = (
-            config_static.LogRec.logs_path + os.sep + config_static.LogRec.recordings_directory_name)
+        config_static.LogRec.logs_path + os.sep + config_static.LogRec.recordings_directory_name)
 
     # At this point the user that sets the config can set it to null or empty string ''. We will make sure
     # that the path is None if it's empty.

atomicshop/mitm/initialize_engines.py

@@ -1,5 +1,4 @@
 import os
-import sys
 from pathlib import Path
 
 from ..file_io import tomls
@@ -8,12 +7,24 @@ from .engines.__reference_general import parser___reference_general, responder__
     recorder___reference_general
 
 
+class NoSNI:
+    def __init__(self):
+        self.get_from_dns: bool = False
+        self.serve_domain_on_address_enable: bool = False
+        self.serve_domain_on_address_dict: dict = dict()
+
+
 class ModuleCategory:
     def __init__(self, script_directory: str):
-        self.domain_list: list = list()
         self.engine_name: str = str()
         self.script_directory: str = script_directory
 
+        self.domain_list: list = list()
+        self.dns_target: str = str()
+        self.tcp_listening_address_list: list = list()
+        self.mtls: dict = dict()
+        self.no_sni: NoSNI = NoSNI()
+
         self.parser_file_path: str = str()
         self.responder_file_path: str = str()
         self.recorder_file_path: str = str()
@@ -22,12 +33,6 @@ class ModuleCategory:
         self.responder_class_object: str = str()
         self.recorder_class_object: str = str()
 
-        # The instance of the recorder class that will be initiated once in the script start
-        self.responder_instance = None
-
-        self.mtls: dict = dict()
-        self.no_sni: dict = dict()
-
     def fill_engine_fields_from_general_reference(self, engines_fullpath: str):
         # Reference module variables.
         self.engine_name = '__reference_general'
@@ -45,9 +50,24 @@ class ModuleCategory:
         self.engine_name = Path(engine_directory_path).name
 
         # Getting the parameters from engine config file
-        self.domain_list = configuration_data['domains']
-        self.mtls = configuration_data['mtls']
-        self.no_sni = configuration_data['no_sni']
+        self.domain_list = configuration_data['engine']['domains']
+        self.dns_target = configuration_data['engine']['dns_target']
+        self.tcp_listening_address_list = configuration_data['engine']['tcp_listening_address_list']
+
+        if 'mtls' in configuration_data:
+            self.mtls = configuration_data['mtls']
+
+        self.no_sni.get_from_dns = bool(configuration_data['no_sni']['get_from_dns'])
+
+        for enable_bool, address_list in configuration_data['no_sni']['serve_domain_on_address'].items():
+            if enable_bool in ['0', '1']:
+                self.no_sni.serve_domain_on_address_enable = bool(int(enable_bool))
+            else:
+                raise ValueError(f"Error: no_sni -> serve_domain_on_address -> key must be 0 or 1.")
+
+            for address in address_list:
+                for domain, address_ip_port in address.items():
+                    self.no_sni.serve_domain_on_address_dict = {domain: address_ip_port}
 
         # If there's module configuration file, but no domains in it, there's no point to continue.
         # Since, each engine is based on domains.
@@ -69,60 +89,36 @@ class ModuleCategory:
         for subdomain, file_name in self.mtls.items():
             self.mtls[subdomain] = f'{engine_directory_path}{os.sep}{file_name}'
 
-    def initialize_engine(self, logs_path: str, logger=None, reference_general: bool = False, **kwargs):
-        # Initiating logger for each engine by its name
-        # loggingw.create_logger(
-        #     logger_name=self.engine_name,
-        #     directory_path=logs_path,
-        #     add_stream=True,
-        #     add_timedfile_with_internal_queue=True,
-        #     formatter_streamhandler='DEFAULT',
-        #     formatter_filehandler='DEFAULT',
-        #     backupCount=config_static.LogRec.store_logs_for_x_days
-        # )
-
+    def initialize_engine(self, reference_general: bool = False):
         if not reference_general:
             self.parser_class_object = import_first_class_name_from_file_path(
-                self.script_directory, self.parser_file_path, logger=logger, stdout=False)
+                self.script_directory, self.parser_file_path)
             self.responder_class_object = import_first_class_name_from_file_path(
-                self.script_directory, self.responder_file_path, logger=logger, stdout=False)
+                self.script_directory, self.responder_file_path)
             self.recorder_class_object = import_first_class_name_from_file_path(
-                self.script_directory, self.recorder_file_path, logger=logger, stdout=False)
+                self.script_directory, self.recorder_file_path)
         else:
             self.parser_class_object = parser___reference_general.ParserGeneral
             self.responder_class_object = responder___reference_general.ResponderGeneral
             self.recorder_class_object = recorder___reference_general.RecorderGeneral
 
-        try:
-            # Since we're using responder to aggregate requests to build responses based on several
-            # requests, we need to initiate responder's class only once in the beginning and assign
-            # this instance to a variable that will be called later per domain.
-            self.responder_instance = self.responder_class_object()
-        except Exception as exception_object:
-            logger.error_exception(f"Exception while initializing responder: {exception_object}")
-            sys.exit()
 
-
-# Assigning external class object by message domain received from client. If the domain is not in the list,
-# the reference general module will be assigned.
 def assign_class_by_domain(
-        engines_usage: bool,
         engines_list: list,
         message_domain_name: str,
-        reference_module,
-        logger=None
+        reference_module
 ):
-    # Defining return variables:
-    function_parser = None
-    function_responder = None
-    function_recorder = None
-    mtls_data: dict = dict()
+    """
+    Assigning external class object by message domain received from client. If the domain is not in the list,
+    the reference general module will be assigned.
+    """
 
     # In case SNI came empty in the request from client, then there's no point in iterating through engine domains.
+    module = None
     if message_domain_name:
-        # If the engines_usage is set to True in the config file, then we'll iterate through the list of engines
+        # If engine/s exit, the engines_list will not be empty, then we'll iterate through the list of engines
         # to find the domain in the list of domains of the engine.
-        if engines_usage:
+        if engines_list:
             # Checking if current domain is in engines' domain list to activate domain specific engine
             for function_module in engines_list:
                 # The list: matches_list = ["domain1.com", "domain2.com", "domain3.com"]
@@ -134,18 +130,8 @@ def assign_class_by_domain(
                 # in the list of strings: if any(a_string in x for x in matches_list):
                 # In this case list is the same and string: a_string = domain
                 if any(x in message_domain_name for x in function_module.domain_list):
-                    # Assigning modules by current engine of the domain
-                    function_parser = function_module.parser_class_object
-                    function_recorder = function_module.recorder_class_object
-                    # Since the responder is being initiated only once, we're assigning only the instance
-                    function_responder = function_module.responder_instance
-                    mtls_data = function_module.mtls
-
-
-                    logger.info(f"Assigned Modules for [{message_domain_name}]: "
-                                f"{function_module.parser_class_object.__name__}, "
-                                f"{function_module.responder_class_object.__name__}, "
-                                f"{function_module.recorder_class_object.__name__}")
+                    # Assigning module by current engine of the domain
+                    module = function_module
 
                     # If the domain was found in the current list of class domains, we can stop the loop
                     break
@@ -154,12 +140,7 @@ def assign_class_by_domain(
     # It's enough to check only parser, since responder and recorder also will be empty.
     # This section is also relevant if SNI came empty in the request from the client and no domain was passed by the
     # DNS Server.
-    if not function_parser:
-        # Assigning modules by current engine of the domain
-        function_parser = reference_module.parser_class_object
-        function_recorder = reference_module.recorder_class_object
-        # Since the responder is being initiated only once, we're assigning only the instance
-        function_responder = reference_module.responder_instance
-
-    # Return all the initiated modules
-    return function_parser, function_responder, function_recorder, mtls_data
+    if not module:
+        module = reference_module
+
+    return module