Diff
checker
文本
文本
图像
文档
Excel
文件夹
Legal
Enterprise
桌面版
定价
登录
下载 Diffchecker 桌面版
比较文本
查找两个文本文件之间的差异
工具
历史
实时编辑器
隐藏空白更改
折叠未更改行
关闭换行
视图
拆分
统一
比对精度
智能
单词
字符
文本样式
更改外观
语法高亮
选择语法
忽略
文本转换
转到第一个差异
编辑输入
Diffchecker Desktop
运行Diffchecker最安全的方式。获取Diffchecker桌面应用:您的差异永远不会离开您的电脑!
获取桌面版
Untitled diff
创建于
9年前
差异永不过期
清除
导出
分享
解释
0 删除
行
总计
删除
字符
总计
删除
要继续使用此功能,请升级到
Diff
checker
Pro
查看价格
429 行
全部复制
13 添加
行
总计
添加
字符
总计
添加
要继续使用此功能,请升级到
Diff
checker
Pro
查看价格
432 行
全部复制
#!/usr/bin/env python
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# -*- coding: utf-8 -*-
import logging
import logging
import argparse
import argparse
import urllib3
import urllib3
from threading import Thread
from threading import Thread
from urlparse import urlparse
from urlparse import urlparse
from socket import *
from socket import *
from threading import Thread
from threading import Thread
from time import sleep
from time import sleep
# Constants
# Constants
SOCKTIMEOUT = 5
SOCKTIMEOUT = 5
RESENDTIMEOUT = 300
RESENDTIMEOUT = 300
VER = "\x05"
VER = "\x05"
METHOD = "\x00"
METHOD = "\x00"
SUCCESS = "\x00"
SUCCESS = "\x00"
SOCKFAIL = "\x01"
SOCKFAIL = "\x01"
NETWORKFAIL = "\x02"
NETWORKFAIL = "\x02"
HOSTFAIL = "\x04"
HOSTFAIL = "\x04"
REFUSED = "\x05"
REFUSED = "\x05"
TTLEXPIRED = "\x06"
TTLEXPIRED = "\x06"
UNSUPPORTCMD = "\x07"
UNSUPPORTCMD = "\x07"
ADDRTYPEUNSPPORT = "\x08"
ADDRTYPEUNSPPORT = "\x08"
UNASSIGNED = "\x09"
UNASSIGNED = "\x09"
复制
已复制
复制
已复制
basic_header = {"Authorization": "Basic RG9tYWluVXNlcm5hbWU6UGFzc3dvcmQ="}
BASICCHECKSTRING = "Georg says, 'All seems fine'"
BASICCHECKSTRING = "Georg says, 'All seems fine'"
# Globals
# Globals
READBUFSIZE = 1024
READBUFSIZE = 1024
# Logging
# Logging
RESET_SEQ = "\033[0m"
RESET_SEQ = "\033[0m"
COLOR_SEQ = "\033[1;%dm"
COLOR_SEQ = "\033[1;%dm"
BOLD_SEQ = "\033[1m"
BOLD_SEQ = "\033[1m"
BLACK, RED, GREEN, YELLOW, BLUE, MAGENTA, CYAN, WHITE = range(8)
BLACK, RED, GREEN, YELLOW, BLUE, MAGENTA, CYAN, WHITE = range(8)
LEVEL = {"INFO": logging.INFO, "DEBUG": logging.DEBUG, }
LEVEL = {"INFO": logging.INFO, "DEBUG": logging.DEBUG, }
logLevel = "INFO"
logLevel = "INFO"
COLORS = {
COLORS = {
'WARNING': YELLOW,
'WARNING': YELLOW,
'INFO': WHITE,
'INFO': WHITE,
'DEBUG': BLUE,
'DEBUG': BLUE,
'CRITICAL': YELLOW,
'CRITICAL': YELLOW,
'ERROR': RED,
'ERROR': RED,
'RED': RED,
'RED': RED,
'GREEN': GREEN,
'GREEN': GREEN,
'YELLOW': YELLOW,
'YELLOW': YELLOW,
'BLUE': BLUE,
'BLUE': BLUE,
'MAGENTA': MAGENTA,
'MAGENTA': MAGENTA,
'CYAN': CYAN,
'CYAN': CYAN,
'WHITE': WHITE,
'WHITE': WHITE,
}
}
def formatter_message(message, use_color=True):
def formatter_message(message, use_color=True):
if use_color:
if use_color:
message = message.replace("$RESET", RESET_SEQ).replace("$BOLD", BOLD_SEQ)
message = message.replace("$RESET", RESET_SEQ).replace("$BOLD", BOLD_SEQ)
else:
else:
message = message.replace("$RESET", "").replace("$BOLD", "")
message = message.replace("$RESET", "").replace("$BOLD", "")
return message
return message
class ColoredFormatter(logging.Formatter):
class ColoredFormatter(logging.Formatter):
def __init__(self, msg, use_color=True):
def __init__(self, msg, use_color=True):
logging.Formatter.__init__(self, msg)
logging.Formatter.__init__(self, msg)
self.use_color = use_color
self.use_color = use_color
def format(self, record):
def format(self, record):
levelname = record.levelname
levelname = record.levelname
if self.use_color and levelname in COLORS:
if self.use_color and levelname in COLORS:
levelname_color = COLOR_SEQ % (30 + COLORS[levelname]) + levelname + RESET_SEQ
levelname_color = COLOR_SEQ % (30 + COLORS[levelname]) + levelname + RESET_SEQ
record.levelname = levelname_color
record.levelname = levelname_color
return logging.Formatter.format(self, record)
return logging.Formatter.format(self, record)
class ColoredLogger(logging.Logger):
class ColoredLogger(logging.Logger):
def __init__(self, name):
def __init__(self, name):
FORMAT = "[$BOLD%(levelname)-18s$RESET] %(message)s"
FORMAT = "[$BOLD%(levelname)-18s$RESET] %(message)s"
COLOR_FORMAT = formatter_message(FORMAT, True)
COLOR_FORMAT = formatter_message(FORMAT, True)
logging.Logger.__init__(self, name, logLevel)
logging.Logger.__init__(self, name, logLevel)
if (name == "transfer"):
if (name == "transfer"):
COLOR_FORMAT = "\x1b[80D\x1b[1A\x1b[K%s" % COLOR_FORMAT
COLOR_FORMAT = "\x1b[80D\x1b[1A\x1b[K%s" % COLOR_FORMAT
color_formatter = ColoredFormatter(COLOR_FORMAT)
color_formatter = ColoredFormatter(COLOR_FORMAT)
console = logging.StreamHandler()
console = logging.StreamHandler()
console.setFormatter(color_formatter)
console.setFormatter(color_formatter)
self.addHandler(console)
self.addHandler(console)
return
return
logging.setLoggerClass(ColoredLogger)
logging.setLoggerClass(ColoredLogger)
log = logging.getLogger(__name__)
log = logging.getLogger(__name__)
transferLog = logging.getLogger("transfer")
transferLog = logging.getLogger("transfer")
class SocksCmdNotImplemented(Exception):
class SocksCmdNotImplemented(Exception):
pass
pass
class SocksProtocolNotImplemented(Exception):
class SocksProtocolNotImplemented(Exception):
pass
pass
class RemoteConnectionFailed(Exception):
class RemoteConnectionFailed(Exception):
pass
pass
class session(Thread):
class session(Thread):
def __init__(self, pSocket, connectString):
def __init__(self, pSocket, connectString):
Thread.__init__(self)
Thread.__init__(self)
self.pSocket = pSocket
self.pSocket = pSocket
self.connectString = connectString
self.connectString = connectString
o = urlparse(connectString)
o = urlparse(connectString)
try:
try:
self.httpPort = o.port
self.httpPort = o.port
except:
except:
if o.scheme == "https":
if o.scheme == "https":
self.httpPort = 443
self.httpPort = 443
else:
else:
self.httpPort = 80
self.httpPort = 80
self.httpScheme = o.scheme
self.httpScheme = o.scheme
self.httpHost = o.netloc.split(":")[0]
self.httpHost = o.netloc.split(":")[0]
self.httpPath = o.path
self.httpPath = o.path
self.cookie = None
self.cookie = None
if o.scheme == "http":
if o.scheme == "http":
self.httpScheme = urllib3.HTTPConnectionPool
self.httpScheme = urllib3.HTTPConnectionPool
else:
else:
self.httpScheme = urllib3.HTTPSConnectionPool
self.httpScheme = urllib3.HTTPSConnectionPool
def parseSocks5(self, sock):
def parseSocks5(self, sock):
log.debug("SocksVersion5 detected")
log.debug("SocksVersion5 detected")
nmethods, methods = (sock.recv(1), sock.recv(1))
nmethods, methods = (sock.recv(1), sock.recv(1))
sock.sendall(VER + METHOD)
sock.sendall(VER + METHOD)
ver = sock.recv(1)
ver = sock.recv(1)
if ver == "\x02": # this is a hack for proxychains
if ver == "\x02": # this is a hack for proxychains
ver, cmd, rsv, atyp = (sock.recv(1), sock.recv(1), sock.recv(1), sock.recv(1))
ver, cmd, rsv, atyp = (sock.recv(1), sock.recv(1), sock.recv(1), sock.recv(1))
else:
else:
cmd, rsv, atyp = (sock.recv(1), sock.recv(1), sock.recv(1))
cmd, rsv, atyp = (sock.recv(1), sock.recv(1), sock.recv(1))
target = None
target = None
targetPort = None
targetPort = None
if atyp == "\x01": # IPv4
if atyp == "\x01": # IPv4
# Reading 6 bytes for the IP and Port
# Reading 6 bytes for the IP and Port
target = sock.recv(4)
target = sock.recv(4)
targetPort = sock.recv(2)
targetPort = sock.recv(2)
target = "." .join([str(ord(i)) for i in target])
target = "." .join([str(ord(i)) for i in target])
elif atyp == "\x03": # Hostname
elif atyp == "\x03": # Hostname
targetLen = ord(sock.recv(1)) # hostname length (1 byte)
targetLen = ord(sock.recv(1)) # hostname length (1 byte)
target = sock.recv(targetLen)
target = sock.recv(targetLen)
targetPort = sock.recv(2)
targetPort = sock.recv(2)
target = "".join([unichr(ord(i)) for i in target])
target = "".join([unichr(ord(i)) for i in target])
elif atyp == "\x04": # IPv6
elif atyp == "\x04": # IPv6
target = sock.recv(16)
target = sock.recv(16)
targetPort = sock.recv(2)
targetPort = sock.recv(2)
tmp_addr = []
tmp_addr = []
for i in xrange(len(target) / 2):
for i in xrange(len(target) / 2):
tmp_addr.append(unichr(ord(target[2 * i]) * 256 + ord(target[2 * i + 1])))
tmp_addr.append(unichr(ord(target[2 * i]) * 256 + ord(target[2 * i + 1])))
target = ":".join(tmp_addr)
target = ":".join(tmp_addr)
targetPort = ord(targetPort[0]) * 256 + ord(targetPort[1])
targetPort = ord(targetPort[0]) * 256 + ord(targetPort[1])
if cmd == "\x02": # BIND
if cmd == "\x02": # BIND
raise SocksCmdNotImplemented("Socks5 - BIND not implemented")
raise SocksCmdNotImplemented("Socks5 - BIND not implemented")
elif cmd == "\x03": # UDP
elif cmd == "\x03": # UDP
raise SocksCmdNotImplemented("Socks5 - UDP not implemented")
raise SocksCmdNotImplemented("Socks5 - UDP not implemented")
elif cmd == "\x01": # CONNECT
elif cmd == "\x01": # CONNECT
serverIp = target
serverIp = target
try:
try:
serverIp = gethostbyname(target)
serverIp = gethostbyname(target)
except:
except:
log.error("oeps")
log.error("oeps")
serverIp = "".join([chr(int(i)) for i in serverIp.split(".")])
serverIp = "".join([chr(int(i)) for i in serverIp.split(".")])
self.cookie = self.setupRemoteSession(target, targetPort)
self.cookie = self.setupRemoteSession(target, targetPort)
if self.cookie:
if self.cookie:
sock.sendall(VER + SUCCESS + "\x00" + "\x01" + serverIp + chr(targetPort / 256) + chr(targetPort % 256))
sock.sendall(VER + SUCCESS + "\x00" + "\x01" + serverIp + chr(targetPort / 256) + chr(targetPort % 256))
return True
return True
else:
else:
sock.sendall(VER + REFUSED + "\x00" + "\x01" + serverIp + chr(targetPort / 256) + chr(targetPort % 256))
sock.sendall(VER + REFUSED + "\x00" + "\x01" + serverIp + chr(targetPort / 256) + chr(targetPort % 256))
raise RemoteConnectionFailed("[%s:%d] Remote failed" % (target, targetPort))
raise RemoteConnectionFailed("[%s:%d] Remote failed" % (target, targetPort))
raise SocksCmdNotImplemented("Socks5 - Unknown CMD")
raise SocksCmdNotImplemented("Socks5 - Unknown CMD")
def parseSocks4(self, sock):
def parseSocks4(self, sock):
log.debug("SocksVersion4 detected")
log.debug("SocksVersion4 detected")
cmd = sock.recv(1)
cmd = sock.recv(1)
if cmd == "\x01": # Connect
if cmd == "\x01": # Connect
targetPort = sock.recv(2)
targetPort = sock.recv(2)
targetPort = ord(targetPort[0]) * 256 + ord(targetPort[1])
targetPort = ord(targetPort[0]) * 256 + ord(targetPort[1])
target = sock.recv(4)
target = sock.recv(4)
sock.recv(1)
sock.recv(1)
target = ".".join([str(ord(i)) for i in target])
target = ".".join([str(ord(i)) for i in target])
serverIp = target
serverIp = target
try:
try:
serverIp = gethostbyname(target)
serverIp = gethostbyname(target)
except:
except:
log.error("oeps")
log.error("oeps")
serverIp = "".join([chr(int(i)) for i in serverIp.split(".")])
serverIp = "".join([chr(int(i)) for i in serverIp.split(".")])
self.cookie = self.setupRemoteSession(target, targetPort)
self.cookie = self.setupRemoteSession(target, targetPort)
if self.cookie:
if self.cookie:
sock.sendall(chr(0) + chr(90) + serverIp + chr(targetPort / 256) + chr(targetPort % 256))
sock.sendall(chr(0) + chr(90) + serverIp + chr(targetPort / 256) + chr(targetPort % 256))
return True
return True
else:
else:
sock.sendall("\x00" + "\x91" + serverIp + chr(targetPort / 256) + chr(targetPort % 256))
sock.sendall("\x00" + "\x91" + serverIp + chr(targetPort / 256) + chr(targetPort % 256))
raise RemoteConnectionFailed("Remote connection failed")
raise RemoteConnectionFailed("Remote connection failed")
else:
else:
raise SocksProtocolNotImplemented("Socks4 - Command [%d] Not implemented" % ord(cmd))
raise SocksProtocolNotImplemented("Socks4 - Command [%d] Not implemented" % ord(cmd))
def handleSocks(self, sock):
def handleSocks(self, sock):
# This is where we setup the socks connection
# This is where we setup the socks connection
ver = sock.recv(1)
ver = sock.recv(1)
if ver == "\x05":
if ver == "\x05":
return self.parseSocks5(sock)
return self.parseSocks5(sock)
elif ver == "\x04":
elif ver == "\x04":
return self.parseSocks4(sock)
return self.parseSocks4(sock)
def setupRemoteSession(self, target, port):
def setupRemoteSession(self, target, port):
headers = {"X-CMD": "CONNECT", "X-TARGET": target, "X-PORT": port}
headers = {"X-CMD": "CONNECT", "X-TARGET": target, "X-PORT": port}
self.target = target
self.target = target
self.port = port
self.port = port
cookie = None
cookie = None
conn = self.httpScheme(host=self.httpHost, port=self.httpPort)
conn = self.httpScheme(host=self.httpHost, port=self.httpPort)
# response = conn.request("POST", self.httpPath, params, headers)
# response = conn.request("POST", self.httpPath, params, headers)
复制
已复制
复制
已复制
response = conn.urlopen('POST', self.connectString + "?cmd=connect&target=%s&port=%d" % (target, port), headers=
headers
, body="")
response = conn.urlopen('POST', self.connectString + "?cmd=connect&target=%s&port=%d" % (target, port), headers=
dict(
headers
,**basic_header)
, body="")
if response.status == 200:
if response.status == 200:
status = response.getheader("x-status")
status = response.getheader("x-status")
if status == "OK":
if status == "OK":
cookie = response.getheader("set-cookie")
cookie = response.getheader("set-cookie")
log.info("[%s:%d] HTTP [200]: cookie [%s]" % (self.target, self.port, cookie))
log.info("[%s:%d] HTTP [200]: cookie [%s]" % (self.target, self.port, cookie))
else:
else:
if response.getheader("X-ERROR") is not None:
if response.getheader("X-ERROR") is not None:
log.error(response.getheader("X-ERROR"))
log.error(response.getheader("X-ERROR"))
else:
else:
log.error("[%s:%d] HTTP [%d]: [%s]" % (self.target, self.port, response.status, response.getheader("X-ERROR")))
log.error("[%s:%d] HTTP [%d]: [%s]" % (self.target, self.port, response.status, response.getheader("X-ERROR")))
log.error("[%s:%d] RemoteError: %s" % (self.target, self.port, response.data))
log.error("[%s:%d] RemoteError: %s" % (self.target, self.port, response.data))
conn.close()
conn.close()
return cookie
return cookie
def closeRemoteSession(self):
def closeRemoteSession(self):
headers = {"X-CMD": "DISCONNECT", "Cookie": self.cookie}
headers = {"X-CMD": "DISCONNECT", "Cookie": self.cookie}
params = ""
params = ""
conn = self.httpScheme(host=self.httpHost, port=self.httpPort)
conn = self.httpScheme(host=self.httpHost, port=self.httpPort)
复制
已复制
复制
已复制
response = conn.request("POST", self.httpPath + "?cmd=disconnect", params,
headers
)
response = conn.request("POST", self.httpPath + "?cmd=disconnect", params,
dict(
headers
, **basic_header)
)
if response.status == 200:
if response.status == 200:
log.info("[%s:%d] Connection Terminated" % (self.target, self.port))
log.info("[%s:%d] Connection Terminated" % (self.target, self.port))
conn.close()
conn.close()
def reader(self):
def reader(self):
conn = urllib3.PoolManager()
conn = urllib3.PoolManager()
while True:
while True:
try:
try:
if not self.pSocket:
if not self.pSocket:
break
break
data = ""
data = ""
headers = {"X-CMD": "READ", "Cookie": self.cookie, "Connection": "Keep-Alive"}
headers = {"X-CMD": "READ", "Cookie": self.cookie, "Connection": "Keep-Alive"}
复制
已复制
复制
已复制
response = conn.urlopen('POST', self.connectString + "?cmd=read", headers=
headers
, body="")
response = conn.urlopen('POST', self.connectString + "?cmd=read", headers=
dict(
headers
,**basic_header)
, body="")
data = None
data = None
if response.status == 200:
if response.status == 200:
status = response.getheader("x-status")
status = response.getheader("x-status")
if status == "OK":
if status == "OK":
if response.getheader("set-cookie") is not None:
if response.getheader("set-cookie") is not None:
cookie = response.getheader("set-cookie")
cookie = response.getheader("set-cookie")
data = response.data
data = response.data
# Yes I know this is horrible, but its a quick fix to issues with tomcat 5.x bugs that have been reported, will find a propper fix laters
# Yes I know this is horrible, but its a quick fix to issues with tomcat 5.x bugs that have been reported, will find a propper fix laters
try:
try:
if response.getheader("server").find("Apache-Coyote/1.1") > 0:
if response.getheader("server").find("Apache-Coyote/1.1") > 0:
data = data[:len(data) - 1]
data = data[:len(data) - 1]
except:
except:
pass
pass
if data is None:
if data is None:
data = ""
data = ""
else:
else:
data = None
data = None
log.error("[%s:%d] HTTP [%d]: Status: [%s]: Message [%s] Shutting down" % (self.target, self.port, response.status, status, response.getheader("X-ERROR")))
log.error("[%s:%d] HTTP [%d]: Status: [%s]: Message [%s] Shutting down" % (self.target, self.port, response.status, status, response.getheader("X-ERROR")))
else:
else:
log.error("[%s:%d] HTTP [%d]: Shutting down" % (self.target, self.port, response.status))
log.error("[%s:%d] HTTP [%d]: Shutting down" % (self.target, self.port, response.status))
if data is None:
if data is None:
# Remote socket closed
# Remote socket closed
break
break
if len(data) == 0:
if len(data) == 0:
sleep(0.1)
sleep(0.1)
continue
continue
transferLog.info("[%s:%d] <<<< [%d]" % (self.target, self.port, len(data)))
transferLog.info("[%s:%d] <<<< [%d]" % (self.target, self.port, len(data)))
self.pSocket.send(data)
self.pSocket.send(data)
except Exception, ex:
except Exception, ex:
raise ex
raise ex
self.closeRemoteSession()
self.closeRemoteSession()
log.debug("[%s:%d] Closing localsocket" % (self.target, self.port))
log.debug("[%s:%d] Closing localsocket" % (self.target, self.port))
try:
try:
self.pSocket.close()
self.pSocket.close()
except:
except:
log.debug("[%s:%d] Localsocket already closed" % (self.target, self.port))
log.debug("[%s:%d] Localsocket already closed" % (self.target, self.port))
def writer(self):
def writer(self):
global READBUFSIZE
global READBUFSIZE
conn = urllib3.PoolManager()
conn = urllib3.PoolManager()
while True:
while True:
try:
try:
self.pSocket.settimeout(1)
self.pSocket.settimeout(1)
data = self.pSocket.recv(READBUFSIZE)
data = self.pSocket.recv(READBUFSIZE)
if not data:
if not data:
break
break
headers = {"X-CMD": "FORWARD", "Cookie": self.cookie, "Content-Type": "application/octet-stream", "Connection": "Keep-Alive"}
headers = {"X-CMD": "FORWARD", "Cookie": self.cookie, "Content-Type": "application/octet-stream", "Connection": "Keep-Alive"}
复制
已复制
复制
已复制
response = conn.urlopen('POST', self.connectString + "?cmd=forward", headers=
headers
, body=data)
response = conn.urlopen('POST', self.connectString + "?cmd=forward", headers=
dict(
headers
, **basic_header)
, body=data)
if response.status == 200:
if response.status == 200:
status = response.getheader("x-status")
status = response.getheader("x-status")
if status == "OK":
if status == "OK":
if response.getheader("set-cookie") is not None:
if response.getheader("set-cookie") is not None:
self.cookie = response.getheader("set-cookie")
self.cookie = response.getheader("set-cookie")
else:
else:
log.error("[%s:%d] HTTP [%d]: Status: [%s]: Message [%s] Shutting down" % (self.target, self.port, response.status, status, response.getheader("x-error")))
log.error("[%s:%d] HTTP [%d]: Status: [%s]: Message [%s] Shutting down" % (self.target, self.port, response.status, status, response.getheader("x-error")))
break
break
else:
else:
log.error("[%s:%d] HTTP [%d]: Shutting down" % (self.target, self.port, response.status))
log.error("[%s:%d] HTTP [%d]: Shutting down" % (self.target, self.port, response.status))
break
break
transferLog.info("[%s:%d] >>>> [%d]" % (self.target, self.port, len(data)))
transferLog.info("[%s:%d] >>>> [%d]" % (self.target, self.port, len(data)))
except timeout:
except timeout:
continue
continue
except Exception, ex:
except Exception, ex:
raise ex
raise ex
break
break
self.closeRemoteSession()
self.closeRemoteSession()
log.debug("Closing localsocket")
log.debug("Closing localsocket")
try:
try:
self.pSocket.close()
self.pSocket.close()
except:
except:
log.debug("Localsocket already closed")
log.debug("Localsocket already closed")
def run(self):
def run(self):
try:
try:
if self.handleSocks(self.pSocket):
if self.handleSocks(self.pSocket):
log.debug("Staring reader")
log.debug("Staring reader")
r = Thread(target=self.reader, args=())
r = Thread(target=self.reader, args=())
r.start()
r.start()
log.debug("Staring writer")
log.debug("Staring writer")
w = Thread(target=self.writer, args=())
w = Thread(target=self.writer, args=())
w.start()
w.start()
r.join()
r.join()
w.join()
w.join()
except SocksCmdNotImplemented, si:
except SocksCmdNotImplemented, si:
log.error(si.message)
log.error(si.message)
self.pSocket.close()
self.pSocket.close()
except SocksProtocolNotImplemented, spi:
except SocksProtocolNotImplemented, spi:
log.error(spi.message)
log.error(spi.message)
self.pSocket.close()
self.pSocket.close()
except Exception, e:
except Exception, e:
log.error(e.message)
log.error(e.message)
self.closeRemoteSession()
self.closeRemoteSession()
self.pSocket.close()
self.pSocket.close()
def askGeorg(connectString):
def askGeorg(connectString):
connectString = connectString
connectString = connectString
o = urlparse(connectString)
o = urlparse(connectString)
try:
try:
httpPort = o.port
httpPort = o.port
except:
except:
if o.scheme == "https":
if o.scheme == "https":
httpPort = 443
httpPort = 443
else:
else:
httpPort = 80
httpPort = 80
httpScheme = o.scheme
httpScheme = o.scheme
httpHost = o.netloc.split(":")[0]
httpHost = o.netloc.split(":")[0]
httpPath = o.path
httpPath = o.path
if o.scheme == "http":
if o.scheme == "http":
httpScheme = urllib3.HTTPConnectionPool
httpScheme = urllib3.HTTPConnectionPool
else:
else:
httpScheme = urllib3.HTTPSConnectionPool
httpScheme = urllib3.HTTPSConnectionPool
conn = httpScheme(host=httpHost, port=httpPort)
conn = httpScheme(host=httpHost, port=httpPort)
复制
已复制
复制
已复制
response = conn.request("GET", httpPath
)
response = conn.request("GET", httpPath
,headers = basic_header
)
if response.status == 200:
if response.status == 200:
if BASICCHECKSTRING == response.data.strip():
if BASICCHECKSTRING == response.data.strip():
log.info(BASICCHECKSTRING)
log.info(BASICCHECKSTRING)
return True
return True
conn.close()
conn.close()
return False
return False
if __name__ == '__main__':
if __name__ == '__main__':
print """\033[1m
print """\033[1m
\033[1;33m
\033[1;33m
_____
_____
_____ ______ __|___ |__ ______ _____ _____ ______
_____ ______ __|___ |__ ______ _____ _____ ______
| | | ___|| ___| || ___|/ \| | | ___|
| | | ___|| ___| || ___|/ \| | | ___|
| \ | ___|| | | || ___|| || \ | | |
| \ | ___|| | | || ___|| || \ | | |
|__|\__\|______||______| __||______|\_____/|__|\__\|______|
|__|\__\|______||______| __||______|\_____/|__|\__\|______|
|_____|
|_____|
... every office needs a tool like Georg
... every office needs a tool like Georg
willem@sensepost.com / @_w_m__
willem@sensepost.com / @_w_m__
sam@sensepost.com / @trowalts
sam@sensepost.com / @trowalts
etienne@sensepost.com / @kamp_staaldraad
etienne@sensepost.com / @kamp_staaldraad
\033[0m
\033[0m
"""
"""
log.setLevel(logging.DEBUG)
log.setLevel(logging.DEBUG)
parser = argparse.ArgumentParser(description='Socks server for reGeorg HTTP(s) tunneller')
parser = argparse.ArgumentParser(description='Socks server for reGeorg HTTP(s) tunneller')
parser.add_argument("-l", "--listen-on", metavar="", help="The default listening address", default="127.0.0.1")
parser.add_argument("-l", "--listen-on", metavar="", help="The default listening address", default="127.0.0.1")
parser.add_argument("-p", "--listen-port", metavar="", help="The default listening port", type=int, default="8888")
parser.add_argument("-p", "--listen-port", metavar="", help="The default listening port", type=int, default="8888")
parser.add_argument("-r", "--read-buff", metavar="", help="Local read buffer, max data to be sent per POST", type=int, default="1024")
parser.add_argument("-r", "--read-buff", metavar="", help="Local read buffer, max data to be sent per POST", type=int, default="1024")
parser.add_argument("-u", "--url", metavar="", required=True, help="The url containing the tunnel script")
parser.add_argument("-u", "--url", metavar="", required=True, help="The url containing the tunnel script")
parser.add_argument("-v", "--verbose", metavar="", help="Verbose output[INFO|DEBUG]", default="INFO")
parser.add_argument("-v", "--verbose", metavar="", help="Verbose output[INFO|DEBUG]", default="INFO")
args = parser.parse_args()
args = parser.parse_args()
if (args.verbose in LEVEL):
if (args.verbose in LEVEL):
log.setLevel(LEVEL[args.verbose])
log.setLevel(LEVEL[args.verbose])
log.info("Log Level set to [%s]" % args.verbose)
log.info("Log Level set to [%s]" % args.verbose)
log.info("Starting socks server [%s:%d], tunnel at [%s]" % (args.listen_on, args.listen_port, args.url))
log.info("Starting socks server [%s:%d], tunnel at [%s]" % (args.listen_on, args.listen_port, args.url))
log.info("Checking if Georg is ready")
log.info("Checking if Georg is ready")
if not askGeorg(args.url):
if not askGeorg(args.url):
log.info("Georg is not ready, please check url")
log.info("Georg is not ready, please check url")
exit()
exit()
READBUFSIZE = args.read_buff
READBUFSIZE = args.read_buff
servSock = socket(AF_INET, SOCK_STREAM)
servSock = socket(AF_INET, SOCK_STREAM)
servSock.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1)
servSock.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1)
servSock.bind((args.listen_on, args.listen_port))
servSock.bind((args.listen_on, args.listen_port))
servSock.listen(1000)
servSock.listen(1000)
while True:
while True:
try:
try:
sock, addr_info = servSock.accept()
sock, addr_info = servSock.accept()
sock.settimeout(SOCKTIMEOUT)
sock.settimeout(SOCKTIMEOUT)
log.debug("Incomming connection")
log.debug("Incomming connection")
session(sock, args.url).start()
session(sock, args.url).start()
except KeyboardInterrupt, ex:
except KeyboardInterrupt, ex:
break
break
except Exception, e:
except Exception, e:
log.error(e)
log.error(e)
servSock.close()
servSock.close()
已保存差异
原始文本
打开文件
#!/usr/bin/env python # -*- coding: utf-8 -*- import logging import argparse import urllib3 from threading import Thread from urlparse import urlparse from socket import * from threading import Thread from time import sleep # Constants SOCKTIMEOUT = 5 RESENDTIMEOUT = 300 VER = "\x05" METHOD = "\x00" SUCCESS = "\x00" SOCKFAIL = "\x01" NETWORKFAIL = "\x02" HOSTFAIL = "\x04" REFUSED = "\x05" TTLEXPIRED = "\x06" UNSUPPORTCMD = "\x07" ADDRTYPEUNSPPORT = "\x08" UNASSIGNED = "\x09" BASICCHECKSTRING = "Georg says, 'All seems fine'" # Globals READBUFSIZE = 1024 # Logging RESET_SEQ = "\033[0m" COLOR_SEQ = "\033[1;%dm" BOLD_SEQ = "\033[1m" BLACK, RED, GREEN, YELLOW, BLUE, MAGENTA, CYAN, WHITE = range(8) LEVEL = {"INFO": logging.INFO, "DEBUG": logging.DEBUG, } logLevel = "INFO" COLORS = { 'WARNING': YELLOW, 'INFO': WHITE, 'DEBUG': BLUE, 'CRITICAL': YELLOW, 'ERROR': RED, 'RED': RED, 'GREEN': GREEN, 'YELLOW': YELLOW, 'BLUE': BLUE, 'MAGENTA': MAGENTA, 'CYAN': CYAN, 'WHITE': WHITE, } def formatter_message(message, use_color=True): if use_color: message = message.replace("$RESET", RESET_SEQ).replace("$BOLD", BOLD_SEQ) else: message = message.replace("$RESET", "").replace("$BOLD", "") return message class ColoredFormatter(logging.Formatter): def __init__(self, msg, use_color=True): logging.Formatter.__init__(self, msg) self.use_color = use_color def format(self, record): levelname = record.levelname if self.use_color and levelname in COLORS: levelname_color = COLOR_SEQ % (30 + COLORS[levelname]) + levelname + RESET_SEQ record.levelname = levelname_color return logging.Formatter.format(self, record) class ColoredLogger(logging.Logger): def __init__(self, name): FORMAT = "[$BOLD%(levelname)-18s$RESET] %(message)s" COLOR_FORMAT = formatter_message(FORMAT, True) logging.Logger.__init__(self, name, logLevel) if (name == "transfer"): COLOR_FORMAT = "\x1b[80D\x1b[1A\x1b[K%s" % COLOR_FORMAT color_formatter = ColoredFormatter(COLOR_FORMAT) console = logging.StreamHandler() console.setFormatter(color_formatter) self.addHandler(console) return logging.setLoggerClass(ColoredLogger) log = logging.getLogger(__name__) transferLog = logging.getLogger("transfer") class SocksCmdNotImplemented(Exception): pass class SocksProtocolNotImplemented(Exception): pass class RemoteConnectionFailed(Exception): pass class session(Thread): def __init__(self, pSocket, connectString): Thread.__init__(self) self.pSocket = pSocket self.connectString = connectString o = urlparse(connectString) try: self.httpPort = o.port except: if o.scheme == "https": self.httpPort = 443 else: self.httpPort = 80 self.httpScheme = o.scheme self.httpHost = o.netloc.split(":")[0] self.httpPath = o.path self.cookie = None if o.scheme == "http": self.httpScheme = urllib3.HTTPConnectionPool else: self.httpScheme = urllib3.HTTPSConnectionPool def parseSocks5(self, sock): log.debug("SocksVersion5 detected") nmethods, methods = (sock.recv(1), sock.recv(1)) sock.sendall(VER + METHOD) ver = sock.recv(1) if ver == "\x02": # this is a hack for proxychains ver, cmd, rsv, atyp = (sock.recv(1), sock.recv(1), sock.recv(1), sock.recv(1)) else: cmd, rsv, atyp = (sock.recv(1), sock.recv(1), sock.recv(1)) target = None targetPort = None if atyp == "\x01": # IPv4 # Reading 6 bytes for the IP and Port target = sock.recv(4) targetPort = sock.recv(2) target = "." .join([str(ord(i)) for i in target]) elif atyp == "\x03": # Hostname targetLen = ord(sock.recv(1)) # hostname length (1 byte) target = sock.recv(targetLen) targetPort = sock.recv(2) target = "".join([unichr(ord(i)) for i in target]) elif atyp == "\x04": # IPv6 target = sock.recv(16) targetPort = sock.recv(2) tmp_addr = [] for i in xrange(len(target) / 2): tmp_addr.append(unichr(ord(target[2 * i]) * 256 + ord(target[2 * i + 1]))) target = ":".join(tmp_addr) targetPort = ord(targetPort[0]) * 256 + ord(targetPort[1]) if cmd == "\x02": # BIND raise SocksCmdNotImplemented("Socks5 - BIND not implemented") elif cmd == "\x03": # UDP raise SocksCmdNotImplemented("Socks5 - UDP not implemented") elif cmd == "\x01": # CONNECT serverIp = target try: serverIp = gethostbyname(target) except: log.error("oeps") serverIp = "".join([chr(int(i)) for i in serverIp.split(".")]) self.cookie = self.setupRemoteSession(target, targetPort) if self.cookie: sock.sendall(VER + SUCCESS + "\x00" + "\x01" + serverIp + chr(targetPort / 256) + chr(targetPort % 256)) return True else: sock.sendall(VER + REFUSED + "\x00" + "\x01" + serverIp + chr(targetPort / 256) + chr(targetPort % 256)) raise RemoteConnectionFailed("[%s:%d] Remote failed" % (target, targetPort)) raise SocksCmdNotImplemented("Socks5 - Unknown CMD") def parseSocks4(self, sock): log.debug("SocksVersion4 detected") cmd = sock.recv(1) if cmd == "\x01": # Connect targetPort = sock.recv(2) targetPort = ord(targetPort[0]) * 256 + ord(targetPort[1]) target = sock.recv(4) sock.recv(1) target = ".".join([str(ord(i)) for i in target]) serverIp = target try: serverIp = gethostbyname(target) except: log.error("oeps") serverIp = "".join([chr(int(i)) for i in serverIp.split(".")]) self.cookie = self.setupRemoteSession(target, targetPort) if self.cookie: sock.sendall(chr(0) + chr(90) + serverIp + chr(targetPort / 256) + chr(targetPort % 256)) return True else: sock.sendall("\x00" + "\x91" + serverIp + chr(targetPort / 256) + chr(targetPort % 256)) raise RemoteConnectionFailed("Remote connection failed") else: raise SocksProtocolNotImplemented("Socks4 - Command [%d] Not implemented" % ord(cmd)) def handleSocks(self, sock): # This is where we setup the socks connection ver = sock.recv(1) if ver == "\x05": return self.parseSocks5(sock) elif ver == "\x04": return self.parseSocks4(sock) def setupRemoteSession(self, target, port): headers = {"X-CMD": "CONNECT", "X-TARGET": target, "X-PORT": port} self.target = target self.port = port cookie = None conn = self.httpScheme(host=self.httpHost, port=self.httpPort) # response = conn.request("POST", self.httpPath, params, headers) response = conn.urlopen('POST', self.connectString + "?cmd=connect&target=%s&port=%d" % (target, port), headers=headers, body="") if response.status == 200: status = response.getheader("x-status") if status == "OK": cookie = response.getheader("set-cookie") log.info("[%s:%d] HTTP [200]: cookie [%s]" % (self.target, self.port, cookie)) else: if response.getheader("X-ERROR") is not None: log.error(response.getheader("X-ERROR")) else: log.error("[%s:%d] HTTP [%d]: [%s]" % (self.target, self.port, response.status, response.getheader("X-ERROR"))) log.error("[%s:%d] RemoteError: %s" % (self.target, self.port, response.data)) conn.close() return cookie def closeRemoteSession(self): headers = {"X-CMD": "DISCONNECT", "Cookie": self.cookie} params = "" conn = self.httpScheme(host=self.httpHost, port=self.httpPort) response = conn.request("POST", self.httpPath + "?cmd=disconnect", params, headers) if response.status == 200: log.info("[%s:%d] Connection Terminated" % (self.target, self.port)) conn.close() def reader(self): conn = urllib3.PoolManager() while True: try: if not self.pSocket: break data = "" headers = {"X-CMD": "READ", "Cookie": self.cookie, "Connection": "Keep-Alive"} response = conn.urlopen('POST', self.connectString + "?cmd=read", headers=headers, body="") data = None if response.status == 200: status = response.getheader("x-status") if status == "OK": if response.getheader("set-cookie") is not None: cookie = response.getheader("set-cookie") data = response.data # Yes I know this is horrible, but its a quick fix to issues with tomcat 5.x bugs that have been reported, will find a propper fix laters try: if response.getheader("server").find("Apache-Coyote/1.1") > 0: data = data[:len(data) - 1] except: pass if data is None: data = "" else: data = None log.error("[%s:%d] HTTP [%d]: Status: [%s]: Message [%s] Shutting down" % (self.target, self.port, response.status, status, response.getheader("X-ERROR"))) else: log.error("[%s:%d] HTTP [%d]: Shutting down" % (self.target, self.port, response.status)) if data is None: # Remote socket closed break if len(data) == 0: sleep(0.1) continue transferLog.info("[%s:%d] <<<< [%d]" % (self.target, self.port, len(data))) self.pSocket.send(data) except Exception, ex: raise ex self.closeRemoteSession() log.debug("[%s:%d] Closing localsocket" % (self.target, self.port)) try: self.pSocket.close() except: log.debug("[%s:%d] Localsocket already closed" % (self.target, self.port)) def writer(self): global READBUFSIZE conn = urllib3.PoolManager() while True: try: self.pSocket.settimeout(1) data = self.pSocket.recv(READBUFSIZE) if not data: break headers = {"X-CMD": "FORWARD", "Cookie": self.cookie, "Content-Type": "application/octet-stream", "Connection": "Keep-Alive"} response = conn.urlopen('POST', self.connectString + "?cmd=forward", headers=headers, body=data) if response.status == 200: status = response.getheader("x-status") if status == "OK": if response.getheader("set-cookie") is not None: self.cookie = response.getheader("set-cookie") else: log.error("[%s:%d] HTTP [%d]: Status: [%s]: Message [%s] Shutting down" % (self.target, self.port, response.status, status, response.getheader("x-error"))) break else: log.error("[%s:%d] HTTP [%d]: Shutting down" % (self.target, self.port, response.status)) break transferLog.info("[%s:%d] >>>> [%d]" % (self.target, self.port, len(data))) except timeout: continue except Exception, ex: raise ex break self.closeRemoteSession() log.debug("Closing localsocket") try: self.pSocket.close() except: log.debug("Localsocket already closed") def run(self): try: if self.handleSocks(self.pSocket): log.debug("Staring reader") r = Thread(target=self.reader, args=()) r.start() log.debug("Staring writer") w = Thread(target=self.writer, args=()) w.start() r.join() w.join() except SocksCmdNotImplemented, si: log.error(si.message) self.pSocket.close() except SocksProtocolNotImplemented, spi: log.error(spi.message) self.pSocket.close() except Exception, e: log.error(e.message) self.closeRemoteSession() self.pSocket.close() def askGeorg(connectString): connectString = connectString o = urlparse(connectString) try: httpPort = o.port except: if o.scheme == "https": httpPort = 443 else: httpPort = 80 httpScheme = o.scheme httpHost = o.netloc.split(":")[0] httpPath = o.path if o.scheme == "http": httpScheme = urllib3.HTTPConnectionPool else: httpScheme = urllib3.HTTPSConnectionPool conn = httpScheme(host=httpHost, port=httpPort) response = conn.request("GET", httpPath) if response.status == 200: if BASICCHECKSTRING == response.data.strip(): log.info(BASICCHECKSTRING) return True conn.close() return False if __name__ == '__main__': print """\033[1m \033[1;33m _____ _____ ______ __|___ |__ ______ _____ _____ ______ | | | ___|| ___| || ___|/ \| | | ___| | \ | ___|| | | || ___|| || \ | | | |__|\__\|______||______| __||______|\_____/|__|\__\|______| |_____| ... every office needs a tool like Georg willem@sensepost.com / @_w_m__ sam@sensepost.com / @trowalts etienne@sensepost.com / @kamp_staaldraad \033[0m """ log.setLevel(logging.DEBUG) parser = argparse.ArgumentParser(description='Socks server for reGeorg HTTP(s) tunneller') parser.add_argument("-l", "--listen-on", metavar="", help="The default listening address", default="127.0.0.1") parser.add_argument("-p", "--listen-port", metavar="", help="The default listening port", type=int, default="8888") parser.add_argument("-r", "--read-buff", metavar="", help="Local read buffer, max data to be sent per POST", type=int, default="1024") parser.add_argument("-u", "--url", metavar="", required=True, help="The url containing the tunnel script") parser.add_argument("-v", "--verbose", metavar="", help="Verbose output[INFO|DEBUG]", default="INFO") args = parser.parse_args() if (args.verbose in LEVEL): log.setLevel(LEVEL[args.verbose]) log.info("Log Level set to [%s]" % args.verbose) log.info("Starting socks server [%s:%d], tunnel at [%s]" % (args.listen_on, args.listen_port, args.url)) log.info("Checking if Georg is ready") if not askGeorg(args.url): log.info("Georg is not ready, please check url") exit() READBUFSIZE = args.read_buff servSock = socket(AF_INET, SOCK_STREAM) servSock.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1) servSock.bind((args.listen_on, args.listen_port)) servSock.listen(1000) while True: try: sock, addr_info = servSock.accept() sock.settimeout(SOCKTIMEOUT) log.debug("Incomming connection") session(sock, args.url).start() except KeyboardInterrupt, ex: break except Exception, e: log.error(e) servSock.close()
更改后文本
打开文件
#!/usr/bin/env python # -*- coding: utf-8 -*- import logging import argparse import urllib3 from threading import Thread from urlparse import urlparse from socket import * from threading import Thread from time import sleep # Constants SOCKTIMEOUT = 5 RESENDTIMEOUT = 300 VER = "\x05" METHOD = "\x00" SUCCESS = "\x00" SOCKFAIL = "\x01" NETWORKFAIL = "\x02" HOSTFAIL = "\x04" REFUSED = "\x05" TTLEXPIRED = "\x06" UNSUPPORTCMD = "\x07" ADDRTYPEUNSPPORT = "\x08" UNASSIGNED = "\x09" basic_header = {"Authorization": "Basic RG9tYWluVXNlcm5hbWU6UGFzc3dvcmQ="} BASICCHECKSTRING = "Georg says, 'All seems fine'" # Globals READBUFSIZE = 1024 # Logging RESET_SEQ = "\033[0m" COLOR_SEQ = "\033[1;%dm" BOLD_SEQ = "\033[1m" BLACK, RED, GREEN, YELLOW, BLUE, MAGENTA, CYAN, WHITE = range(8) LEVEL = {"INFO": logging.INFO, "DEBUG": logging.DEBUG, } logLevel = "INFO" COLORS = { 'WARNING': YELLOW, 'INFO': WHITE, 'DEBUG': BLUE, 'CRITICAL': YELLOW, 'ERROR': RED, 'RED': RED, 'GREEN': GREEN, 'YELLOW': YELLOW, 'BLUE': BLUE, 'MAGENTA': MAGENTA, 'CYAN': CYAN, 'WHITE': WHITE, } def formatter_message(message, use_color=True): if use_color: message = message.replace("$RESET", RESET_SEQ).replace("$BOLD", BOLD_SEQ) else: message = message.replace("$RESET", "").replace("$BOLD", "") return message class ColoredFormatter(logging.Formatter): def __init__(self, msg, use_color=True): logging.Formatter.__init__(self, msg) self.use_color = use_color def format(self, record): levelname = record.levelname if self.use_color and levelname in COLORS: levelname_color = COLOR_SEQ % (30 + COLORS[levelname]) + levelname + RESET_SEQ record.levelname = levelname_color return logging.Formatter.format(self, record) class ColoredLogger(logging.Logger): def __init__(self, name): FORMAT = "[$BOLD%(levelname)-18s$RESET] %(message)s" COLOR_FORMAT = formatter_message(FORMAT, True) logging.Logger.__init__(self, name, logLevel) if (name == "transfer"): COLOR_FORMAT = "\x1b[80D\x1b[1A\x1b[K%s" % COLOR_FORMAT color_formatter = ColoredFormatter(COLOR_FORMAT) console = logging.StreamHandler() console.setFormatter(color_formatter) self.addHandler(console) return logging.setLoggerClass(ColoredLogger) log = logging.getLogger(__name__) transferLog = logging.getLogger("transfer") class SocksCmdNotImplemented(Exception): pass class SocksProtocolNotImplemented(Exception): pass class RemoteConnectionFailed(Exception): pass class session(Thread): def __init__(self, pSocket, connectString): Thread.__init__(self) self.pSocket = pSocket self.connectString = connectString o = urlparse(connectString) try: self.httpPort = o.port except: if o.scheme == "https": self.httpPort = 443 else: self.httpPort = 80 self.httpScheme = o.scheme self.httpHost = o.netloc.split(":")[0] self.httpPath = o.path self.cookie = None if o.scheme == "http": self.httpScheme = urllib3.HTTPConnectionPool else: self.httpScheme = urllib3.HTTPSConnectionPool def parseSocks5(self, sock): log.debug("SocksVersion5 detected") nmethods, methods = (sock.recv(1), sock.recv(1)) sock.sendall(VER + METHOD) ver = sock.recv(1) if ver == "\x02": # this is a hack for proxychains ver, cmd, rsv, atyp = (sock.recv(1), sock.recv(1), sock.recv(1), sock.recv(1)) else: cmd, rsv, atyp = (sock.recv(1), sock.recv(1), sock.recv(1)) target = None targetPort = None if atyp == "\x01": # IPv4 # Reading 6 bytes for the IP and Port target = sock.recv(4) targetPort = sock.recv(2) target = "." .join([str(ord(i)) for i in target]) elif atyp == "\x03": # Hostname targetLen = ord(sock.recv(1)) # hostname length (1 byte) target = sock.recv(targetLen) targetPort = sock.recv(2) target = "".join([unichr(ord(i)) for i in target]) elif atyp == "\x04": # IPv6 target = sock.recv(16) targetPort = sock.recv(2) tmp_addr = [] for i in xrange(len(target) / 2): tmp_addr.append(unichr(ord(target[2 * i]) * 256 + ord(target[2 * i + 1]))) target = ":".join(tmp_addr) targetPort = ord(targetPort[0]) * 256 + ord(targetPort[1]) if cmd == "\x02": # BIND raise SocksCmdNotImplemented("Socks5 - BIND not implemented") elif cmd == "\x03": # UDP raise SocksCmdNotImplemented("Socks5 - UDP not implemented") elif cmd == "\x01": # CONNECT serverIp = target try: serverIp = gethostbyname(target) except: log.error("oeps") serverIp = "".join([chr(int(i)) for i in serverIp.split(".")]) self.cookie = self.setupRemoteSession(target, targetPort) if self.cookie: sock.sendall(VER + SUCCESS + "\x00" + "\x01" + serverIp + chr(targetPort / 256) + chr(targetPort % 256)) return True else: sock.sendall(VER + REFUSED + "\x00" + "\x01" + serverIp + chr(targetPort / 256) + chr(targetPort % 256)) raise RemoteConnectionFailed("[%s:%d] Remote failed" % (target, targetPort)) raise SocksCmdNotImplemented("Socks5 - Unknown CMD") def parseSocks4(self, sock): log.debug("SocksVersion4 detected") cmd = sock.recv(1) if cmd == "\x01": # Connect targetPort = sock.recv(2) targetPort = ord(targetPort[0]) * 256 + ord(targetPort[1]) target = sock.recv(4) sock.recv(1) target = ".".join([str(ord(i)) for i in target]) serverIp = target try: serverIp = gethostbyname(target) except: log.error("oeps") serverIp = "".join([chr(int(i)) for i in serverIp.split(".")]) self.cookie = self.setupRemoteSession(target, targetPort) if self.cookie: sock.sendall(chr(0) + chr(90) + serverIp + chr(targetPort / 256) + chr(targetPort % 256)) return True else: sock.sendall("\x00" + "\x91" + serverIp + chr(targetPort / 256) + chr(targetPort % 256)) raise RemoteConnectionFailed("Remote connection failed") else: raise SocksProtocolNotImplemented("Socks4 - Command [%d] Not implemented" % ord(cmd)) def handleSocks(self, sock): # This is where we setup the socks connection ver = sock.recv(1) if ver == "\x05": return self.parseSocks5(sock) elif ver == "\x04": return self.parseSocks4(sock) def setupRemoteSession(self, target, port): headers = {"X-CMD": "CONNECT", "X-TARGET": target, "X-PORT": port} self.target = target self.port = port cookie = None conn = self.httpScheme(host=self.httpHost, port=self.httpPort) # response = conn.request("POST", self.httpPath, params, headers) response = conn.urlopen('POST', self.connectString + "?cmd=connect&target=%s&port=%d" % (target, port), headers=dict(headers,**basic_header), body="") if response.status == 200: status = response.getheader("x-status") if status == "OK": cookie = response.getheader("set-cookie") log.info("[%s:%d] HTTP [200]: cookie [%s]" % (self.target, self.port, cookie)) else: if response.getheader("X-ERROR") is not None: log.error(response.getheader("X-ERROR")) else: log.error("[%s:%d] HTTP [%d]: [%s]" % (self.target, self.port, response.status, response.getheader("X-ERROR"))) log.error("[%s:%d] RemoteError: %s" % (self.target, self.port, response.data)) conn.close() return cookie def closeRemoteSession(self): headers = {"X-CMD": "DISCONNECT", "Cookie": self.cookie} params = "" conn = self.httpScheme(host=self.httpHost, port=self.httpPort) response = conn.request("POST", self.httpPath + "?cmd=disconnect", params, dict(headers, **basic_header)) if response.status == 200: log.info("[%s:%d] Connection Terminated" % (self.target, self.port)) conn.close() def reader(self): conn = urllib3.PoolManager() while True: try: if not self.pSocket: break data = "" headers = {"X-CMD": "READ", "Cookie": self.cookie, "Connection": "Keep-Alive"} response = conn.urlopen('POST', self.connectString + "?cmd=read", headers=dict(headers,**basic_header), body="") data = None if response.status == 200: status = response.getheader("x-status") if status == "OK": if response.getheader("set-cookie") is not None: cookie = response.getheader("set-cookie") data = response.data # Yes I know this is horrible, but its a quick fix to issues with tomcat 5.x bugs that have been reported, will find a propper fix laters try: if response.getheader("server").find("Apache-Coyote/1.1") > 0: data = data[:len(data) - 1] except: pass if data is None: data = "" else: data = None log.error("[%s:%d] HTTP [%d]: Status: [%s]: Message [%s] Shutting down" % (self.target, self.port, response.status, status, response.getheader("X-ERROR"))) else: log.error("[%s:%d] HTTP [%d]: Shutting down" % (self.target, self.port, response.status)) if data is None: # Remote socket closed break if len(data) == 0: sleep(0.1) continue transferLog.info("[%s:%d] <<<< [%d]" % (self.target, self.port, len(data))) self.pSocket.send(data) except Exception, ex: raise ex self.closeRemoteSession() log.debug("[%s:%d] Closing localsocket" % (self.target, self.port)) try: self.pSocket.close() except: log.debug("[%s:%d] Localsocket already closed" % (self.target, self.port)) def writer(self): global READBUFSIZE conn = urllib3.PoolManager() while True: try: self.pSocket.settimeout(1) data = self.pSocket.recv(READBUFSIZE) if not data: break headers = {"X-CMD": "FORWARD", "Cookie": self.cookie, "Content-Type": "application/octet-stream", "Connection": "Keep-Alive"} response = conn.urlopen('POST', self.connectString + "?cmd=forward", headers=dict(headers, **basic_header), body=data) if response.status == 200: status = response.getheader("x-status") if status == "OK": if response.getheader("set-cookie") is not None: self.cookie = response.getheader("set-cookie") else: log.error("[%s:%d] HTTP [%d]: Status: [%s]: Message [%s] Shutting down" % (self.target, self.port, response.status, status, response.getheader("x-error"))) break else: log.error("[%s:%d] HTTP [%d]: Shutting down" % (self.target, self.port, response.status)) break transferLog.info("[%s:%d] >>>> [%d]" % (self.target, self.port, len(data))) except timeout: continue except Exception, ex: raise ex break self.closeRemoteSession() log.debug("Closing localsocket") try: self.pSocket.close() except: log.debug("Localsocket already closed") def run(self): try: if self.handleSocks(self.pSocket): log.debug("Staring reader") r = Thread(target=self.reader, args=()) r.start() log.debug("Staring writer") w = Thread(target=self.writer, args=()) w.start() r.join() w.join() except SocksCmdNotImplemented, si: log.error(si.message) self.pSocket.close() except SocksProtocolNotImplemented, spi: log.error(spi.message) self.pSocket.close() except Exception, e: log.error(e.message) self.closeRemoteSession() self.pSocket.close() def askGeorg(connectString): connectString = connectString o = urlparse(connectString) try: httpPort = o.port except: if o.scheme == "https": httpPort = 443 else: httpPort = 80 httpScheme = o.scheme httpHost = o.netloc.split(":")[0] httpPath = o.path if o.scheme == "http": httpScheme = urllib3.HTTPConnectionPool else: httpScheme = urllib3.HTTPSConnectionPool conn = httpScheme(host=httpHost, port=httpPort) response = conn.request("GET", httpPath,headers = basic_header) if response.status == 200: if BASICCHECKSTRING == response.data.strip(): log.info(BASICCHECKSTRING) return True conn.close() return False if __name__ == '__main__': print """\033[1m \033[1;33m _____ _____ ______ __|___ |__ ______ _____ _____ ______ | | | ___|| ___| || ___|/ \| | | ___| | \ | ___|| | | || ___|| || \ | | | |__|\__\|______||______| __||______|\_____/|__|\__\|______| |_____| ... every office needs a tool like Georg willem@sensepost.com / @_w_m__ sam@sensepost.com / @trowalts etienne@sensepost.com / @kamp_staaldraad \033[0m """ log.setLevel(logging.DEBUG) parser = argparse.ArgumentParser(description='Socks server for reGeorg HTTP(s) tunneller') parser.add_argument("-l", "--listen-on", metavar="", help="The default listening address", default="127.0.0.1") parser.add_argument("-p", "--listen-port", metavar="", help="The default listening port", type=int, default="8888") parser.add_argument("-r", "--read-buff", metavar="", help="Local read buffer, max data to be sent per POST", type=int, default="1024") parser.add_argument("-u", "--url", metavar="", required=True, help="The url containing the tunnel script") parser.add_argument("-v", "--verbose", metavar="", help="Verbose output[INFO|DEBUG]", default="INFO") args = parser.parse_args() if (args.verbose in LEVEL): log.setLevel(LEVEL[args.verbose]) log.info("Log Level set to [%s]" % args.verbose) log.info("Starting socks server [%s:%d], tunnel at [%s]" % (args.listen_on, args.listen_port, args.url)) log.info("Checking if Georg is ready") if not askGeorg(args.url): log.info("Georg is not ready, please check url") exit() READBUFSIZE = args.read_buff servSock = socket(AF_INET, SOCK_STREAM) servSock.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1) servSock.bind((args.listen_on, args.listen_port)) servSock.listen(1000) while True: try: sock, addr_info = servSock.accept() sock.settimeout(SOCKTIMEOUT) log.debug("Incomming connection") session(sock, args.url).start() except KeyboardInterrupt, ex: break except Exception, e: log.error(e) servSock.close()
查找差异