End/bigsnitch
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

foo

Browse source
This commit is contained in:
Tim Blume 2021-06-29 16:55:52 +02:00
parent 34f7d960c2
commit e33d02aaa7
8 changed files with 97 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -83,3 +83,4 @@ Thumbs.db
mitmaddon/venv/ mitmaddon/venv/
CMakeCache* CMakeCache*
CMakeFiles/ CMakeFiles/
.coverage

2
CMakeLists.txt
View file

@ -11,7 +11,7 @@ set(CMAKE_AUTOMOC ON)
set(CMAKE_AUTORCC ON) set(CMAKE_AUTORCC ON)
set(CMAKE_INCLUDE_CURRENT_DIR ON) set(CMAKE_INCLUDE_CURRENT_DIR ON)
set(CMAKE_CXX_STANDARD 17) set(CMAKE_CXX_STANDARD 20)
set(CMAKE_CXX_STANDARD_REQUIRED ON) set(CMAKE_CXX_STANDARD_REQUIRED ON)
set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib) set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib)

7
docs/network_simple_example.dot Normal file
View file

@ -0,0 +1,7 @@
digraph G {
HTTP_REQUEST -> ACK -> HTTP_RESPONSE -> ACK;
HTTP_REQUEST -> MODIFY;
HTTP_RESPONSE -> MODIFY;
HTTP_REQUEST -> KILL;
HTTP_RESPONSE -> KILL;
}

1
mitmaddon/requirements.txt
View file

@ -4,3 +4,4 @@ pyzmq
deepdiff deepdiff
pytest pytest
tox tox
coverage

1
mitmaddon/tox.ini
View file

@ -13,3 +13,4 @@ setenv =
PYTHONDONTWRITEBYTECODE=1 PYTHONDONTWRITEBYTECODE=1
commands = commands =
pytest pytest
coverage run -m pytest

35
plugins/mitmproxy/mitmproxy_network.cpp
View file

@ -22,6 +22,35 @@ void mitmproxyPlugin::reconnect()
this->connect(); this->connect();
} }
void mitmproxyPlugin::handle_packet(const Packet p)
{
switch(p.ptype) {
case PacketType::NACK: {
// probably input validation fail
return;
}
case PacketType::KILL: {
// the client should never kill packets, but ok
return;
}
case PacketType::ERROR: {
}
case PacketType::WARNING: {
}
case PacketType::ACK: {
}
case PacketType::HTTP_REQUEST: {
}
case PacketType::HTTP_RESPONSE: {
}
case PacketType::PING: {
}
}
}
QString mitmproxyPlugin::getName() QString mitmproxyPlugin::getName()
{ {
return QString("mitmproxy bridge"); return QString("mitmproxy bridge");
@ -43,6 +72,11 @@ void mitmproxyPlugin::process()
qDebug() << err.what(); qDebug() << err.what();
qDebug() << "malformed json received " << response.to_string().c_str(); qDebug() << "malformed json received " << response.to_string().c_str();
} }
auto p = Packet(j);
handle_packet(p);
/*
//std::cout << std::setw(4) << j << "\n\n"; //std::cout << std::setw(4) << j << "\n\n";
std::string msg_type; std::string msg_type;
if(!json_get(j, msg_type, "msg")) { if(!json_get(j, msg_type, "msg")) {
@ -77,6 +111,7 @@ void mitmproxyPlugin::process()
} else { } else {
qDebug() << "unknown or broken message type received: " << msg_type.c_str(); qDebug() << "unknown or broken message type received: " << msg_type.c_str();
} }
*/
qDebug() << "sending ack"; qDebug() << "sending ack";
std::string m = "{\"msg\": \"ack\"}"; std::string m = "{\"msg\": \"ack\"}";

52
plugins/mitmproxy/mitmproxy_network.h
View file

@ -4,10 +4,58 @@
#include "proxyinterface.h" #include "proxyinterface.h"
#include <QObject> #include <QObject>
#include <QtPlugin> #include <QtPlugin>
#include <QDebug>
#include <set> #include <set>
#include <zmq.hpp> #include <zmq.hpp>
enum PacketType {
NACK = 0,
ACK = 1,
KILL = 2,
WARNING = 3,
ERROR = 4,
PING = 5,
HTTP_REQUEST = 6,
HTTP_RESPONSE = 7
};
enum FlowState {
ERROR = 0,
UNSENT_HTTP_REQUEST = 1,
SENT_HTTP_REQUEST = 2,
UNSENT_HTTP_RESPONSE = 3,
SENT_HTTP_RESPONSE = 4
};
struct Flow {
FlowState state;
std::string id;
std::string data;
};
struct Packet {
PacketType ptype = PacketType::NACK;
std::string flowid = "";
std::string data = "";
Packet(json j) {
// input validation, on error use default values
try {
int ptype_int = j["ptype"];
if(ptype_int < PacketType::NACK ||
ptype_int > PacketType::HTTP_RESPONSE) {
return;
}
ptype = static_cast<PacketType>(ptype_int);
flowid = j["flowid"];
data = j["data"];
} catch (nlohmann::detail::parse_error& err) {
qDebug() << "broken packet constructed from json";
return;
}
};
};
/* /*
mitmproxy base plugin mitmproxy base plugin
@ -19,13 +67,13 @@ class mitmproxyPlugin : public QObject, public http::ProxyInterface
Q_PLUGIN_METADATA(IID HTTPProxyInterfaceIID FILE "mitmproxy.json") Q_PLUGIN_METADATA(IID HTTPProxyInterfaceIID FILE "mitmproxy.json")
Q_INTERFACES(http::ProxyInterface) Q_INTERFACES(http::ProxyInterface)
private: private:
std::set<std::string> received;
zmq::context_t context; zmq::context_t context;
zmq::socket_t *socket; zmq::socket_t *socket;
std::set<std::string> accepted_flows; std::map<std::string, Flow> flows;
bool is_connected = false; bool is_connected = false;
void connect(); void connect();
void reconnect(); void reconnect();
void handle_packet(const Packet p);
public: public:
//! name of the plugin //! name of the plugin

2
test.sh
View file

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
mitmdump -k -p 1878 -s ./mitmaddon/bigsnitch.py & #mitmdump -k -p 1878 -s ./mitmaddon/bigsnitch.py &
export mitmpid=$! export mitmpid=$!
#./build/bin/bigsnitch & #./build/bin/bigsnitch &