Inicio Explorar Axuda
Iniciar sesión
EclecticLabs
/
Proxsneak
2
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: 1e043aabac
Ramas Etiquetas
Proxsneak
/
bettercap
/
modules
/
http_proxy
/
http_proxy_js_request.go

http_proxy_js_request.go 5.5 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243 
  1. package http_proxy
    2. 

  2. 

  3. import (
    4. 

  4. 	"bytes"
    5. 

  5. 	"fmt"
    6. 

  6. 	"io/ioutil"
    7. 

  7. 	"net/http"
    8. 

  8. 	"net/url"
    9. 

  9. 	"regexp"
    10. 

  10. 	"strings"
    11. 

  11. 

  12. 	"github.com/bettercap/bettercap/session"
    13. 

  13. )
    14. 

  14. 

  15. type JSRequest struct {
    16. 

  16. 	Client      map[string]string
    17. 

  17. 	Method      string
    18. 

  18. 	Version     string
    19. 

  19. 	Scheme      string
    20. 

  20. 	Path        string
    21. 

  21. 	Query       string
    22. 

  22. 	Hostname    string
    23. 

  23. 	Port        string
    24. 

  24. 	ContentType string
    25. 

  25. 	Headers     string
    26. 

  26. 	Body        string
    27. 

  27. 

  28. 	req      *http.Request
    29. 

  29. 	refHash  string
    30. 

  30. 	bodyRead bool
    31. 

  31. }
    32. 

  32. 

  33. var header_regexp = regexp.MustCompile(`^\s*(.*?)\s*:\s*(.*)\s*$`)
    34. 

  34. 

  35. func NewJSRequest(req *http.Request) *JSRequest {
    36. 

  36. 	headers := ""
    37. 

  37. 	cType := ""
    38. 

  38. 

  39. 	for name, values := range req.Header {
    40. 

  40. 		for _, value := range values {
    41. 

  41. 			headers += name + ": " + value + "\r\n"
    42. 

  42. 

  43. 			if strings.ToLower(name) == "content-type" {
    44. 

  44. 				cType = value
    45. 

  45. 			}
    46. 

  46. 		}
    47. 

  47. 	}
    48. 

  48. 

  49. 	client_ip := strings.Split(req.RemoteAddr, ":")[0]
    50. 

  50. 	client_mac := ""
    51. 

  51. 	client_alias := ""
    52. 

  52. 	if endpoint := session.I.Lan.GetByIp(client_ip); endpoint != nil {
    53. 

  53. 		client_mac = endpoint.HwAddress
    54. 

  54. 		client_alias = endpoint.Alias
    55. 

  55. 	}
    56. 

  56. 

  57. 	jreq := &JSRequest{
    58. 

  58. 		Client:      map[string]string{"IP": client_ip, "MAC": client_mac, "Alias": client_alias},
    59. 

  59. 		Method:      req.Method,
    60. 

  60. 		Version:     fmt.Sprintf("%d.%d", req.ProtoMajor, req.ProtoMinor),
    61. 

  61. 		Scheme:      req.URL.Scheme,
    62. 

  62. 		Hostname:    req.URL.Hostname(),
    63. 

  63. 		Port:        req.URL.Port(),
    64. 

  64. 		Path:        req.URL.Path,
    65. 

  65. 		Query:       req.URL.RawQuery,
    66. 

  66. 		ContentType: cType,
    67. 

  67. 		Headers:     headers,
    68. 

  68. 

  69. 		req:      req,
    70. 

  70. 		bodyRead: false,
    71. 

  71. 	}
    72. 

  72. 	jreq.UpdateHash()
    73. 

  73. 

  74. 	return jreq
    75. 

  75. }
    76. 

  76. 

  77. func (j *JSRequest) NewHash() string {
    78. 

  78. 	hash := fmt.Sprintf("%s.%s.%s.%s.%s.%s.%s.%s.%s.%s",
    79. 

  79. 		j.Client["IP"],
    80. 

  80. 		j.Method,
    81. 

  81. 		j.Version,
    82. 

  82. 		j.Scheme,
    83. 

  83. 		j.Hostname,
    84. 

  84. 		j.Port,
    85. 

  85. 		j.Path,
    86. 

  86. 		j.Query,
    87. 

  87. 		j.ContentType,
    88. 

  88. 		j.Headers)
    89. 

  89. 	hash += "." + j.Body
    90. 

  90. 	return hash
    91. 

  91. }
    92. 

  92. 

  93. func (j *JSRequest) UpdateHash() {
    94. 

  94. 	j.refHash = j.NewHash()
    95. 

  95. }
    96. 

  96. 

  97. func (j *JSRequest) WasModified() bool {
    98. 

  98. 	// body was read
    99. 

  99. 	if j.bodyRead {
    100. 

  100. 		return true
    101. 

  101. 	}
    102. 

  102. 	// check if any of the fields has been changed
    103. 

  103. 	return j.NewHash() != j.refHash
    104. 

  104. }
    105. 

  105. 

  106. func (j *JSRequest) GetHeader(name, deflt string) string {
    107. 

  107. 	headers := strings.Split(j.Headers, "\r\n")
    108. 

  108. 	for i := 0; i < len(headers); i++ {
    109. 

  109. 		if headers[i] != "" {
    110. 

  110. 			header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
    111. 

  111. 			if len(header_parts) != 0 && len(header_parts[0]) == 3 {
    112. 

  112. 				header_name := string(header_parts[0][1])
    113. 

  113. 				header_value := string(header_parts[0][2])
    114. 

  114. 

  115. 				if strings.ToLower(name) == strings.ToLower(header_name) {
    116. 

  116. 					return header_value
    117. 

  117. 				}
    118. 

  118. 			}
    119. 

  119. 		}
    120. 

  120. 	}
    121. 

  121. 	return deflt
    122. 

  122. }
    123. 

  123. 

  124. func (j *JSRequest) SetHeader(name, value string) {
    125. 

  125. 	name = strings.TrimSpace(name)
    126. 

  126. 	value = strings.TrimSpace(value)
    127. 

  127. 

  128. 	if strings.ToLower(name) == "content-type" {
    129. 

  129. 		j.ContentType = value
    130. 

  130. 	}
    131. 

  131. 

  132. 	headers := strings.Split(j.Headers, "\r\n")
    133. 

  133. 	for i := 0; i < len(headers); i++ {
    134. 

  134. 		if headers[i] != "" {
    135. 

  135. 			header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
    136. 

  136. 			if len(header_parts) != 0 && len(header_parts[0]) == 3 {
    137. 

  137. 				header_name := string(header_parts[0][1])
    138. 

  138. 				header_value := string(header_parts[0][2])
    139. 

  139. 

  140. 				if strings.ToLower(name) == strings.ToLower(header_name) {
    141. 

  141. 					old_header := header_name + ": " + header_value + "\r\n"
    142. 

  142. 					new_header := name + ": " + value + "\r\n"
    143. 

  143. 					j.Headers = strings.Replace(j.Headers, old_header, new_header, 1)
    144. 

  144. 					return
    145. 

  145. 				}
    146. 

  146. 			}
    147. 

  147. 		}
    148. 

  148. 	}
    149. 

  149. 	j.Headers += name + ": " + value + "\r\n"
    150. 

  150. }
    151. 

  151. 

  152. func (j *JSRequest) RemoveHeader(name string) {
    153. 

  153. 	headers := strings.Split(j.Headers, "\r\n")
    154. 

  154. 	for i := 0; i < len(headers); i++ {
    155. 

  155. 		if headers[i] != "" {
    156. 

  156. 			header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
    157. 

  157. 			if len(header_parts) != 0 && len(header_parts[0]) == 3 {
    158. 

  158. 				header_name := string(header_parts[0][1])
    159. 

  159. 				header_value := string(header_parts[0][2])
    160. 

  160. 

  161. 				if strings.ToLower(name) == strings.ToLower(header_name) {
    162. 

  162. 					removed_header := header_name + ": " + header_value + "\r\n"
    163. 

  163. 					j.Headers = strings.Replace(j.Headers, removed_header, "", 1)
    164. 

  164. 					return
    165. 

  165. 				}
    166. 

  166. 			}
    167. 

  167. 		}
    168. 

  168. 	}
    169. 

  169. }
    170. 

  170. 

  171. func (j *JSRequest) ReadBody() string {
    172. 

  172. 	raw, err := ioutil.ReadAll(j.req.Body)
    173. 

  173. 	if err != nil {
    174. 

  174. 		return ""
    175. 

  175. 	}
    176. 

  176. 

  177. 	j.Body = string(raw)
    178. 

  178. 	j.bodyRead = true
    179. 

  179. 	// reset the request body to the original unread state
    180. 

  180. 	j.req.Body = ioutil.NopCloser(bytes.NewBuffer(raw))
    181. 

  181. 

  182. 	return j.Body
    183. 

  183. }
    184. 

  184. 

  185. func (j *JSRequest) ParseForm() map[string]string {
    186. 

  186. 	if j.Body == "" {
    187. 

  187. 		j.Body = j.ReadBody()
    188. 

  188. 	}
    189. 

  189. 

  190. 	form := make(map[string]string)
    191. 

  191. 	parts := strings.Split(j.Body, "&")
    192. 

  192. 

  193. 	for _, part := range parts {
    194. 

  194. 		nv := strings.SplitN(part, "=", 2)
    195. 

  195. 		if len(nv) == 2 {
    196. 

  196. 			unescaped, err := url.QueryUnescape(nv[1])
    197. 

  197. 			if err == nil {
    198. 

  198. 				form[nv[0]] = unescaped
    199. 

  199. 			} else {
    200. 

  200. 				form[nv[0]] = nv[1]
    201. 

  201. 			}
    202. 

  202. 		}
    203. 

  203. 	}
    204. 

  204. 

  205. 	return form
    206. 

  206. }
    207. 

  207. 

  208. func (j *JSRequest) ToRequest() (req *http.Request) {
    209. 

  209. 	portPart := ""
    210. 

  210. 	if j.Port != "" {
    211. 

  211. 		portPart = fmt.Sprintf(":%s", j.Port)
    212. 

  212. 	}
    213. 

  213. 

  214. 	url := fmt.Sprintf("%s://%s%s%s?%s", j.Scheme, j.Hostname, portPart, j.Path, j.Query)
    215. 

  215. 	if j.Body == "" {
    216. 

  216. 		req, _ = http.NewRequest(j.Method, url, j.req.Body)
    217. 

  217. 	} else {
    218. 

  218. 		req, _ = http.NewRequest(j.Method, url, strings.NewReader(j.Body))
    219. 

  219. 	}
    220. 

  220. 

  221. 	headers := strings.Split(j.Headers, "\r\n")
    222. 

  222. 	for i := 0; i < len(headers); i++ {
    223. 

  223. 		if headers[i] != "" {
    224. 

  224. 			header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
    225. 

  225. 			if len(header_parts) != 0 && len(header_parts[0]) == 3 {
    226. 

  226. 				header_name := string(header_parts[0][1])
    227. 

  227. 				header_value := string(header_parts[0][2])
    228. 

  228. 

  229. 				if strings.ToLower(header_name) == "content-type" {
    230. 

  230. 					if header_value != j.ContentType {
    231. 

  231. 						req.Header.Set(header_name, j.ContentType)
    232. 

  232. 						continue
    233. 

  233. 					}
    234. 

  234. 				}
    235. 

  235. 				req.Header.Set(header_name, header_value)
    236. 

  236. 			}
    237. 

  237. 		}
    238. 

  238. 	}
    239. 

  239. 

  240. 	req.RemoteAddr = j.Client["IP"]
    241. 

  241. 

  242. 	return
    243. 

  243. }
    244.