-
Notifications
You must be signed in to change notification settings - Fork 0
/
http_listener.py
155 lines (131 loc) · 4.14 KB
/
http_listener.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
#!/usr/bin/env python3
import os
import sys
import datetime
import json
from http.server import BaseHTTPRequestHandler, HTTPServer
import base64
# Config
HTTP_ADDR = ''
HTTP_PORT = 8080
class StdLogger():
def __init__(self, logname):
self.logfile = os.getcwd()+ logname + '.log'
def write(self, message):
f = open(self.logfile, 'a')
f.write('%s' % (message))
f.close()
class Logger():
def __init__(self, logname):
self.logfile = os.getcwd()+ logname + '.log'
def logtime(self):
now = datetime.datetime.now()
part1 = now.strftime('%Y-%m-%d %H:%M:%S')
return part1
def log(self, *args):
f = open(self.logfile, 'a')
ip,port, data= args[0],args[1],args[2]
if (isinstance(data, str)):
f.write(
json.dumps(
{"IP" : ip ,
"PORT": port,'DATA' : data,
'date':self.logtime()})
+ "\n")
f.close()
else:
username,password=data[0],data[1]
f.write(json.dumps(
{"username": username, "password": password, "IP" : ip ,
"PORT": port,
'date':self.logtime()})+ "\n")
f.close()
class RequestHandler(BaseHTTPRequestHandler):
# Create loggers
potlogger = Logger('logins')
accesslogger = Logger('access')
errorlogger = Logger('error')
# Get client source port
def srcport_string(self):
host, port = self.client_address[:2]
return port
#
# Override BaseHTTPServer
#
# Set server header
server_version = 'Admin Console/1.0'
sys_version = ''
# Hide error response body
error_message_format = ''
# Change log format
def log_request(self, code='-', size='-'):
self.log_message(
'"%s" %s "%s"',
self.requestline.replace('"', '\\"'),
str(code),
self.headers.get('User-Agent', '').replace('"', '\\"'))
# Log messages to access.log instead of stderr
def log_message(self, format, *args):
self.accesslogger.log(
self.address_string(),
self.srcport_string(),
format%args)
# Log errors to error.log instead of calling log_message()
def log_error(self, format, *args):
self.errorlogger.log(
self.address_string(),
self.srcport_string(),
format%args)
# Skip name resolving
def address_string(self):
host, port = self.client_address[:2]
return host
# Request handling
def do_HEAD(self):
# Always send 401 response
self.send_response(401)
self.send_header('WWW-Authenticate', 'Basic realm="ADMIN"')
self.send_header('Content-type', 'text/html')
self.end_headers()
# Decode and log credentials, if any.
authstring = self.headers.get('Authorization', None)
if authstring != None:
authparts = authstring.split()
if len(authparts) == 2 and authparts[0] == 'Basic':
try:
authdecoded = base64.b64decode(authparts[1])
authdecoded=authdecoded.decode('utf-8')
except TypeError as e:
self.errorlogger.log(
self.address_string(),
self.srcport_string(),
authparts[1])
else:
self.potlogger.log(
self.address_string(),
self.srcport_string(),
authdecoded.split(":",1))
# GET = HEAD
def do_GET(self):
self.do_HEAD()
# Main
def main():
# Redirect stdout and stderr
stdlog = StdLogger('logins')
outsave = sys.stdout
errsave = sys.stderr
sys.stdout = stdlog
sys.stderr = stdlog
# Start listener
httpd = HTTPServer(
(HTTP_ADDR, HTTP_PORT), RequestHandler)
try:
httpd.serve_forever()
except KeyboardInterrupt:
pass
httpd.server_close()
# Restore stdout and stderr
sys.stdout = outsave
sys.stderr = errsave
if __name__ == '__main__':
main()