MCPcopy
hub / github.com/USArmyResearchLab/Dshell / http_handler

Method http_handler

dshell/plugins/http/httpdump.py:56–177  ·  view source on GitHub ↗
(self, conn, request, response)

Source from the content-addressed store, hash-verified

54 self.urlfilter = re.compile(self.urlfilter)
55
56 def http_handler(self, conn, request, response):
57 host = request.headers.get('host', conn.serverip)
58 url = host + request.uri
59 pretty_url = url
60
61 # separate URL-encoded data from the location
62 if '?' in request.uri:
63 uri_location, uri_data = request.uri.split('?', 1)
64 pretty_url = host + uri_location
65 else:
66 uri_location, uri_data = request.uri, ""
67
68 # Check if the URL matches a user-defined filter
69 if self.urlfilter and not self.urlfilter.search(pretty_url):
70 return
71
72 if self.maxurilen > 0 and len(uri_location) > self.maxurilen:
73 uri_location = "{}[truncated]".format(uri_location[:self.maxurilen])
74 pretty_url = host + uri_location
75
76 # Set the first line of the alert to show some basic metadata
77 if response == None:
78 msg = ["{} (NO RESPONSE) {}".format(request.method, pretty_url)]
79 else:
80 msg = ["{} ({}) {} ({})".format(request.method, response.status, pretty_url, response.headers.get("content-type", "[no content-type]"))]
81
82 # Determine if there is any POST data from the client and parse
83 if request and request.method == "POST":
84 try:
85 post_params = parse_qs(request.body.decode("utf-8"), keep_blank_values=True)
86 # If parse_qs only returns a single element with a null
87 # value, it's probably an eroneous evaluation. Most likely
88 # base64 encoded payload ending in an '=' character.
89 if len(post_params) == 1 and list(post_params.values()) == [["\x00"]]:
90 post_params = request.body
91 except UnicodeDecodeError:
92 post_params = request.body
93 else:
94 post_params = {}
95
96 # Get some additional useful data
97 url_params = parse_qs(uri_data, keep_blank_values=True)
98 referer = request.headers.get("referer", None)
99 client_cookie = cookies.SimpleCookie(request.headers.get("cookie", ""))
100 server_cookie = cookies.SimpleCookie(response.headers.get("cookie", ""))
101
102 # Piece together the alert message
103 if referer:
104 msg.append("Referer: {}".format(referer))
105
106 if client_cookie:
107 msg.append("Client Transmitted Cookies:")
108 for k, v in client_cookie.items():
109 msg.append("\t{} -> {}".format(k, v.value))
110
111 if server_cookie:
112 msg.append("Server Set Cookies:")
113 for k, v in server_cookie.items():

Callers

nothing calls this directly

Calls 2

infoMethod · 0.45
writeMethod · 0.45

Tested by

no test coverage detected