Post Reply 
Another Filtering Proxy
Jun. 17, 2015, 09:14 AM (This post was last modified: Jun. 17, 2015 09:23 AM by cattleyavns.)
Post: #22
RE: Another Filtering Proxy
Okay, continue, I fixed a SERIOUS problem of http.server library:

- Technical details:
+ Use Firefox
+ Open Network tool (Tools -> Developer Tools -> Network)
+ open http://www.facebook.com
+ Find this url ('ai.php', filter this url with the Network tool's search box), response status icon filled with pink color, not green color, pink means error:
Quote:O https://www.facebook.com/ai.php?ego=++++++++++++

Because, http.server library parses 'raw_requestline' the wrong way, so our GET|POST|CONNECT|HEAD command will look like this:
Code:
__user+++++GET

And probably there is no do___user+++++GET, only do_GET

And here is my patch, I modified http.server's parse_request function and embed it into ProxyTool.py, just replace your ProxyTool.py with:

Code:
#!/usr/bin/env python3
# -*- coding: utf-8 -*-

"HTTP Proxy Tools, pyOpenSSL version"

_name = "ProxyTool"
__author__ = 'phoenix'
__version__ = '1.0'

import time
from datetime import datetime
import logging
import cgi
import socket
import select
import selectors
import ssl

from http.server import HTTPServer, BaseHTTPRequestHandler
from socketserver import ThreadingMixIn
from CertTool import get_cert
#Fix SERIOUS problem https://www.facebook.com/ai.php++++ 501(pink, Firefox) on www.facebook.com and youtube.com too
import http.client
import re
#Fix SERIOUS problem

from colorama import *
init(autoreset=True)

logger = logging.getLogger('__main__')

message_format = """\
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html;charset=utf-8">
        <title>Proxy Error: %(code)d</title>
    </head>
    <body>
        <h1>%(code)d: %(message)s</h1>
        <p>The following error occurred while trying to access <strong>%(url)s</strong></p>
        <p><strong>%(explain)s</strong></p>
        <hr>Generated on %(now)s by %(server)s.
    </body>
</html>
"""

def read_write(socket1, socket2):
    "Read and Write contents between 2 sockets, wait 5s for no data before return"
    start = time.time()
    with selectors.DefaultSelector() as selector:
        socket1.setblocking(False)
        socket2.setblocking(False)
        selector.register(socket1, selectors.EVENT_READ)
        selector.register(socket2, selectors.EVENT_READ)
        while True:
            tasks = selector.select(5)
            if not tasks: break
            for key, events in tasks:
                if events & selectors.EVENT_READ:
                    reader = key.fileobj
                    writer = socket2 if reader is socket1 else socket1
                    try:
                        data = reader.recv(1024)
                        if data:
                            writer.sendall(data)
                        else:
                            # EOF
                            selector.unregister(reader)
                            selector.unregister(writer)
                    except (ConnectionAbortedError, ConnectionResetError, BrokenPipeError):
                        pass
        logger.debug("took %.2Fs" % (time.time()-start))

def read_write(socket1, socket2, max_idling=10):
    "Read and Write contents between 2 sockets"
    iw = [socket1, socket2]
    ow = []
    count = 0
    while True:
        count += 1
        (ins, _, exs) = select.select(iw, ow, iw, 1)
        if exs: break
        if ins:
            for reader in ins:
                writer = socket2 if reader is socket1 else socket1
                try:
                    data = reader.recv(1024)
                    if data:
                        writer.send(data)
                        count = 0
                except (ConnectionAbortedError, ConnectionResetError, BrokenPipeError):
                    pass
        if count == max_idling: break

class ProxyRequestHandler(BaseHTTPRequestHandler):
    """RequestHandler with do_CONNECT method defined
    """
    server_version = "%s/%s" % (_name, __version__)
    # do_CONNECT() will set self.ssltunnel to override this
    ssltunnel = False
    # Override default value 'HTTP/1.0'
    protocol_version = 'HTTP/1.1'
    
    def parse_request(self):
        """Parse a request (internal).

        The request should be stored in self.raw_requestline; the results
        are in self.command, self.path, self.request_version and
        self.headers.

        Return True for success, False for failure; on failure, an
        error is sent back.

        """
#Fix SERIOUS problem https://www.facebook.com/ai.php++++ 501(pink, Firefox) on www.facebook.com and youtube.com too
        self.command = None  # set in case of error on the first line
        self.request_version = version = self.default_request_version
        self.close_connection = 1
        requestline = str(self.raw_requestline, 'iso-8859-1')
        requestline = requestline.rstrip('\r\n')
        self.requestline = requestline
        words = requestline.split()
        #if "ai.php" in words:
        
        if re.match('^(GET|POST|CONNECT|PUT|DELETE|PATCH|HEAD)$', words[0]):
            pass
        else:
            words[0] = re.sub('^.*?(GET|POST|CONNECT|PUT|DELETE|PATCH|HEAD)$', '\\1', words[0])
        #print(words[0])
        if len(words) == 3:
            command, path, version = words
            if version[:5] != 'HTTP/':
                self.send_error(400, "Bad request version (%r)" % version)
                return False
            try:
                base_version_number = version.split('/', 1)[1]
                version_number = base_version_number.split(".")
                # RFC 2145 section 3.1 says there can be only one "." and
                #   - major and minor numbers MUST be treated as
                #      separate integers;
                #   - HTTP/2.4 is a lower version than HTTP/2.13, which in
                #      turn is lower than HTTP/12.3;
                #   - Leading zeros MUST be ignored by recipients.
                if len(version_number) != 2:
                    raise ValueError
                version_number = int(version_number[0]), int(version_number[1])
            except (ValueError, IndexError):
                self.send_error(400, "Bad request version (%r)" % version)
                return False
            if version_number >= (1, 1) and self.protocol_version >= "HTTP/1.1":
                self.close_connection = 0
            if version_number >= (2, 0):
                self.send_error(505,
                          "Invalid HTTP Version (%s)" % base_version_number)
                return False
        elif len(words) == 2:
            command, path = words
            self.close_connection = 1
            if command != 'GET':
                self.send_error(400,
                                "Bad HTTP/0.9 request type (%r)" % command)
                return False
        elif not words:
            return False
        else:
            self.send_error(400, "Bad request syntax (%r)" % requestline)
            return False
        #print(command)
        self.command, self.path, self.request_version = command, path, version

        # Examine the headers and look for a Connection directive.
        try:
            self.headers = http.client.parse_headers(self.rfile,
                                                     _class=self.MessageClass)
        except http.client.LineTooLong:
            self.send_error(400, "Line too long")
            return False

        conntype = self.headers.get('Connection', "")
        if conntype.lower() == 'close':
            self.close_connection = 1
        elif (conntype.lower() == 'keep-alive' and
              self.protocol_version >= "HTTP/1.1"):
            self.close_connection = 0
        # Examine the headers and look for an Expect directive
        expect = self.headers.get('Expect', "")
        if (expect.lower() == "100-continue" and
                self.protocol_version >= "HTTP/1.1" and
                self.request_version >= "HTTP/1.1"):
            if not self.handle_expect_100():
                return False
        return True
    
    def log_message(self, format, *args):
        return

    def do_CONNECT(self):
        "Descrypt https request and dispatch to http handler"
        # request line: CONNECT www.example.com:443 HTTP/1.1
        self.host, self.port = self.path.split(":")
        # SSL MITM
        self.wfile.write(("HTTP/1.1 200 Connection established\r\n" +
                          "Proxy-agent: %s\r\n" % self.version_string() +
                          "\r\n").encode('ascii'))
        commonname = '.' + self.host.partition('.')[-1] if self.host.count('.') >= 2 else self.host
        dummycert = get_cert(commonname)
        # set a flag for do_METHOD
        self.ssltunnel = True

        ssl_sock = ssl.wrap_socket(self.connection, keyfile=dummycert, certfile=dummycert, server_side=True)
        # Ref: Lib/socketserver.py#StreamRequestHandler.setup()
        self.connection = ssl_sock
        self.rfile = self.connection.makefile('rb', self.rbufsize)
        self.wfile = self.connection.makefile('wb', self.wbufsize)
        # dispatch to do_METHOD()
        self.handle_one_request()

    def handle_one_request(self):
        """Catch more exceptions than default

        Intend to catch exceptions on local side
        Exceptions on remote side should be handled in do_*()
        """
        try:
            BaseHTTPRequestHandler.handle_one_request(self)
            return
        except (ConnectionError, FileNotFoundError) as e:
            logger.warning(Fore.RED + "%s", e)
        except (ssl.SSLEOFError, ssl.SSLError) as e:
            if hasattr(self, 'url'):
                # Happens after the tunnel is established
                logger.warning(Fore.YELLOW + '"%s" while operating on established local SSL tunnel for [%s]' % (e, self.url))
            else:
                logger.warning(Fore.YELLOW + '"%s" while trying to establish local SSL tunnel for [%s]' % (e, self.path))
        self.close_connection = 1

    def sendout_error(self, url, code, message=None, explain=None):
        "Modified from http.server.send_error() for customized display"
        try:
            shortmsg, longmsg = self.responses[code]
        except KeyError:
            shortmsg, longmsg = '???', '???'
        if message is None:
            message = shortmsg
        if explain is None:
            explain = longmsg
        content = (message_format %
                   {'code': code, 'message': message, 'explain': explain,
                    'url': url, 'now': datetime.today(), 'server': self.server_version})
        body = content.encode('UTF-8', 'replace')
        self.send_response_only(code, message)
        self.send_header("Content-Type", self.error_content_type)
        self.send_header('Content-Length', int(len(body)))
        self.end_headers()
        if self.command != 'HEAD' and code >= 200 and code not in (204, 304):
            self.wfile.write(body)

    def deny_request(self):
        self.send_response_only(403)
        self.send_header('Content-Length', 0)
        self.end_headers()


    def redirect(self, url):
        self.send_response_only(302)
        self.send_header('Content-Length', 0)
        self.send_header('Location', url)
        self.end_headers()

    def forward_to_https_proxy(self):
        "Forward https request to upstream https proxy"
        logger.debug('Using Proxy - %s' % self.proxy)
        proxy_host, proxy_port = self.proxy.split('//')[1].split(':')
        server_conn = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            server_conn.connect((proxy_host, int(proxy_port)))
            server_conn.send(('CONNECT %s HTTP/1.1\r\n\r\n' % self.path).encode('ascii'))
            server_conn.settimeout(0.1)
            datas = b''
            while True:
                try:
                    data = server_conn.recv(4096)
                except socket.timeout:
                    break
                if data:
                    datas += data
                else:
                    break
            server_conn.setblocking(True)
            if b'200' in datas and b'established' in datas.lower():
                logger.info(Fore.CYAN + '[P] SSL Pass-Thru: https://%s/' % self.path)
                self.wfile.write(("HTTP/1.1 200 Connection established\r\n" +
                                  "Proxy-agent: %s\r\n\r\n" % self.version_string()).encode('ascii'))
                read_write(self.connection, server_conn)
            else:
                logger.warning(Fore.YELLOW + 'Proxy %s failed.', self.proxy)
                if datas:
                    logger.debug(datas)
                    self.wfile.write(datas)
        finally:
            # We don't maintain a connection reuse pool, so close the connection anyway
            server_conn.close()

    def forward_to_socks5_proxy(self):
        "Forward https request to upstream socks5 proxy"
        logger.warning(Fore.YELLOW + 'Socks5 proxy not implemented yet, please use https proxy')

    def tunnel_traffic(self):
        "Tunnel traffic to remote host:port"
        logger.info(Fore.CYAN + '[D] SSL Pass-Thru: https://%s/' % self.path)
        server_conn = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            server_conn.connect((self.host, int(self.port)))
            self.wfile.write(("HTTP/1.1 200 Connection established\r\n" +
                              "Proxy-agent: %s\r\n" % self.version_string() +
                              "\r\n").encode('ascii'))
            read_write(self.connection, server_conn)
        except TimeoutError:
            self.wfile.write(b"HTTP/1.1 504 Gateway Timeout\r\n\r\n")
            logger.warning(Fore.YELLOW + 'Timed Out: https://%s:%s/' % (self.host, self.port))
        except socket.gaierror as e:
            self.wfile.write(b"HTTP/1.1 503 Service Unavailable\r\n\r\n")
            logger.warning(Fore.YELLOW + '%s: https://%s:%s/' % (e, self.host, self.port))
        finally:
            # We don't maintain a connection reuse pool, so close the connection anyway
            server_conn.close()

    def ssl_get_response(self, conn):
        try:
            server_conn = ssl.wrap_socket(conn, cert_reqs=ssl.CERT_REQUIRED, ca_certs="cacert.pem", ssl_version=ssl.PROTOCOL_TLSv1)
            server_conn.sendall(('%s %s HTTP/1.1\r\n' % (self.command, self.path)).encode('ascii'))
            server_conn.sendall(self.headers.as_bytes())
            if self.postdata:
                server_conn.sendall(self.postdata)
            while True:
                data = server_conn.recv(4096)
                if data:
                    self.wfile.write(data)
                else: break
        except (ssl.SSLEOFError, ssl.SSLError) as e:
            logger.error(Fore.RED + Style.BRIGHT + "[SSLError]")
            self.send_error(417, message="Exception %s" % str(e.__class__), explain=str(e))

    def purge_headers(self, headers):
        "Remove hop-by-hop headers that shouldn't pass through a Proxy"
        for name in ["Connection", "Keep-Alive", "Upgrade",
                     "Proxy-Connection", "Proxy-Authenticate"]:
            try:
                del headers[name]
            except:
                pass

    def write_headers(self, headers):
        self.purge_headers(headers)
        for key, value in headers.items():
            self.send_header(key, value)
        self.end_headers()
        
    def write_headers2(self, headers):
        self.purge_headers(headers)
        for key, value in headers.items():
            self.send_header(key, value)
        
    def purge_write_headers(self, headers):
        self.purge_headers(headers)
        for key, value in headers.items():
            self.send_header(key, value)
        self.end_headers()
        
    def stream_to_client(self, response):
        bufsize = 1024 * 64
        #need_chunked = 'Transfer-Encoding' in response.headers
        written = 0
        while True:
            data = response.read(bufsize)
            if not data:
                if 'Transfer-Encoding' in response.headers:
                    self.wfile.write(b'0\r\n\r\n')
                break
            if 'Transfer-Encoding' in response.headers:
                self.wfile.write(('%x\r\n' % len(data)).encode('ascii'))
            self.wfile.write(data)
            if 'Transfer-Encoding' in response.headers:
                self.wfile.write(b'\r\n')
            written += len(data)
        return written
        
    def stream_to_client2(self, response):
        bufsize = 1024 * 64
        #need_chunked = 'Transfer-Encoding' in response.headers
        written = 0
        while True:
            data = response.read(bufsize)
            if not data:
                if 'Transfer-Encoding' in response.headers:
                    self.wfile.write(b'0\r\n\r\n')
                break
            if 'Transfer-Encoding' in response.headers:
                self.wfile.write(('%x\r\n' % len(data)).encode('ascii'))
            self.wfile.write(data)
            if 'Transfer-Encoding' in response.headers:
                self.wfile.write(b'\r\n')
            written += len(data)
        return written
        
    def http_request_info(self):
        """Return HTTP request information in bytes
        """    
        context = ["CLIENT VALUES:",
                   "client_address = %s" % str(self.client_address),
                   "requestline = %s" % self.requestline,
                   "command = %s" % self.command,
                   "path = %s" % self.path,
                   "request_version = %s" % self.request_version,
                   "",
                   "SERVER VALUES:",
                   "server_version = %s" % self.server_version,
                   "sys_version = %s" % self.sys_version,
                   "protocol_version = %s" % self.protocol_version,
                   "",
                   "HEADER RECEIVED:"]
        for name, value in sorted(self.headers.items()):
            context.append("%s = %s" % (name, value.rstrip()))

        if self.command == "POST":
            context.append("\r\nPOST VALUES:")
            form = cgi.FieldStorage(fp=self.rfile,
                                    headers=self.headers,
                                    environ={'REQUEST_METHOD': 'POST'})
            for field in form.keys():
                fielditem = form[field]
                if fielditem.filename:
                    # The field contains an uploaded file
                    file_data = fielditem.file.read()
                    file_len = len(file_data)
                    context.append('Uploaded %s as "%s" (%d bytes)'
                                   % (field, fielditem.filename, file_len))
                else:
                    # Regular form value
                    context.append("%s = %s" % (field, fielditem.value))
                                    
        return("\r\n".join(context).encode('ascii'))

def demo():
    PORT = 8000

    class ProxyServer(ThreadingMixIn, HTTPServer):
        """Handle requests in a separate thread."""
        pass

    class RequestHandler(ProxyRequestHandler):
        "Displaying HTTP request information"
        server_version = "DemoProxy/0.1"

        def do_METHOD(self):
            "Universal method for GET, POST, HEAD, PUT and DELETE"
            message = self.http_request_info()
            self.send_response(200)
            # 'Content-Length' is important for HTTP/1.1
            self.send_header('Content-Length', len(message))
            self.end_headers()
            self.wfile.write(message)

        do_GET = do_POST = do_HEAD = do_PUT = do_DELETE = do_OPTIONS = do_METHOD

    print('%s serving now, <Ctrl-C> to stop ...' % RequestHandler.server_version)
    print('Listen Addr  : localhost:%s' % PORT)
    print("-" * 10)
    server = ProxyServer(('', PORT), RequestHandler)
    server.serve_forever()

if __name__ == '__main__':
    try:
        demo()
    except KeyboardInterrupt:
        print("Quitting...")
Add Thank You Quote this message in a reply
[-] The following 1 user says Thank You to cattleyavns for this post:
defconnect
Post Reply 


Messages In This Thread
Another Filtering Proxy - whenever - Nov. 22, 2014, 09:35 AM
RE: Another Filtering Proxy - whenever - Nov. 29, 2014, 11:24 AM
RE: Another Filtering Proxy - GunGunGun - Nov. 29, 2014, 02:15 PM
RE: Another Filtering Proxy - whenever - Nov. 30, 2014, 12:35 PM
RE: Another Filtering Proxy - GunGunGun - Dec. 03, 2014, 09:07 PM
RE: Another Filtering Proxy - whenever - Dec. 04, 2014, 01:09 AM
RE: Another Filtering Proxy - GunGunGun - Dec. 04, 2014, 02:33 AM
RE: Another Filtering Proxy - GunGunGun - Dec. 04, 2014, 03:27 PM
RE: Another Filtering Proxy - whenever - Dec. 05, 2014, 08:36 AM
RE: Another Filtering Proxy - GunGunGun - Dec. 05, 2014, 09:05 AM
RE: Another Filtering Proxy - whenever - Dec. 08, 2014, 03:30 AM
RE: Another Filtering Proxy - GunGunGun - Dec. 08, 2014, 09:09 AM
RE: Another Filtering Proxy - whenever - Dec. 08, 2014, 12:11 PM
RE: Another Filtering Proxy - whenever - Dec. 28, 2014, 10:50 AM
RE: Another Filtering Proxy - cattleyavns - May. 26, 2015, 06:22 AM
RE: Another Filtering Proxy - whenever - May. 27, 2015, 02:26 PM
RE: Another Filtering Proxy - cattleyavns - May. 28, 2015, 04:26 AM
RE: Another Filtering Proxy - whenever - May. 28, 2015, 09:53 AM
RE: Another Filtering Proxy - cattleyavns - May. 29, 2015, 04:07 AM
RE: Another Filtering Proxy - whenever - Jun. 03, 2015, 07:56 AM
RE: Another Filtering Proxy - cattleyavns - Jun. 05, 2015, 12:26 PM
RE: Another Filtering Proxy - whenever - Jul. 19, 2015, 07:32 AM
RE: Another Filtering Proxy - cattleyavns - Jul. 19, 2015, 05:53 PM
RE: Another Filtering Proxy - cattleyavns - Jun. 17, 2015 09:14 AM
RE: Another Filtering Proxy - cattleyavns - Jul. 01, 2015, 08:55 AM
RE: Another Filtering Proxy - whenever - Jul. 20, 2015, 03:31 AM
RE: Another Filtering Proxy - cattleyavns - Jul. 20, 2015, 06:17 AM
RE: Another Filtering Proxy - cattleyavns - Jan. 05, 2016, 04:53 PM
RE: Another Filtering Proxy - whenever - Jan. 06, 2016, 08:44 AM
RE: Another Filtering Proxy - cattleyavns - Jan. 06, 2016, 07:40 PM
RE: Another Filtering Proxy - whenever - Jan. 07, 2016, 02:25 AM
RE: Another Filtering Proxy - cattleyavns - Jan. 07, 2016, 08:41 AM
RE: Another Filtering Proxy - cattleyavns - Jan. 10, 2016, 07:27 AM
RE: Another Filtering Proxy - cattleyavns - Jan. 25, 2016, 04:37 PM
RE: Another Filtering Proxy - whenever - May. 16, 2016, 08:42 AM

Forum Jump: