| 54 | self.urlfilter = re.compile(self.urlfilter) |
| 55 | |
| 56 | def http_handler(self, conn, request, response): |
| 57 | host = request.headers.get('host', conn.serverip) |
| 58 | url = host + request.uri |
| 59 | pretty_url = url |
| 60 | |
| 61 | # separate URL-encoded data from the location |
| 62 | if '?' in request.uri: |
| 63 | uri_location, uri_data = request.uri.split('?', 1) |
| 64 | pretty_url = host + uri_location |
| 65 | else: |
| 66 | uri_location, uri_data = request.uri, "" |
| 67 | |
| 68 | # Check if the URL matches a user-defined filter |
| 69 | if self.urlfilter and not self.urlfilter.search(pretty_url): |
| 70 | return |
| 71 | |
| 72 | if self.maxurilen > 0 and len(uri_location) > self.maxurilen: |
| 73 | uri_location = "{}[truncated]".format(uri_location[:self.maxurilen]) |
| 74 | pretty_url = host + uri_location |
| 75 | |
| 76 | # Set the first line of the alert to show some basic metadata |
| 77 | if response == None: |
| 78 | msg = ["{} (NO RESPONSE) {}".format(request.method, pretty_url)] |
| 79 | else: |
| 80 | msg = ["{} ({}) {} ({})".format(request.method, response.status, pretty_url, response.headers.get("content-type", "[no content-type]"))] |
| 81 | |
| 82 | # Determine if there is any POST data from the client and parse |
| 83 | if request and request.method == "POST": |
| 84 | try: |
| 85 | post_params = parse_qs(request.body.decode("utf-8"), keep_blank_values=True) |
| 86 | # If parse_qs only returns a single element with a null |
| 87 | # value, it's probably an eroneous evaluation. Most likely |
| 88 | # base64 encoded payload ending in an '=' character. |
| 89 | if len(post_params) == 1 and list(post_params.values()) == [["\x00"]]: |
| 90 | post_params = request.body |
| 91 | except UnicodeDecodeError: |
| 92 | post_params = request.body |
| 93 | else: |
| 94 | post_params = {} |
| 95 | |
| 96 | # Get some additional useful data |
| 97 | url_params = parse_qs(uri_data, keep_blank_values=True) |
| 98 | referer = request.headers.get("referer", None) |
| 99 | client_cookie = cookies.SimpleCookie(request.headers.get("cookie", "")) |
| 100 | server_cookie = cookies.SimpleCookie(response.headers.get("cookie", "")) |
| 101 | |
| 102 | # Piece together the alert message |
| 103 | if referer: |
| 104 | msg.append("Referer: {}".format(referer)) |
| 105 | |
| 106 | if client_cookie: |
| 107 | msg.append("Client Transmitted Cookies:") |
| 108 | for k, v in client_cookie.items(): |
| 109 | msg.append("\t{} -> {}".format(k, v.value)) |
| 110 | |
| 111 | if server_cookie: |
| 112 | msg.append("Server Set Cookies:") |
| 113 | for k, v in server_cookie.items(): |