在本科做毕设的时候就接触到TCP代理这东西,当时需要使用代理来对发送和收到的数据做修改,同时使用代理也让我对HTTP协议有了更深的了解。
TCP Proxy用到的一个主要的东西就是socket。proxy通过socket分别对localhost和remotehost做连接,然后可以对通过proxy的流量和数据进行分析。
1 __author__ = 'seven' 2 import sys 3 import socket 4 import threading 5 6 7 def hexdump(src, length=16): 8 result = [] 9 digits = 4 if isinstance(src, unicode) else 2 10 11 for i in xrange(0, len(src), length): 12 s = src[i:i + length] 13 hexa = b' '.join(["%0*X" % (digits, ord(x)) for x in s]) 14 text = b''.join([x if 0x20 <= ord(x) < 0x7F else b'.' for x in s]) 15 result.append(b"%04X %-*s %s" % (i, length * (digits + 1), hexa, text)) 16 17 print b' '.join(result) 18 19 20 def receive_from(connection): 21 buffer = "" 22 23 # We set a 2 second time out depending on your target this may need to be adjusted 24 connection.settimeout(2) 25 26 try: 27 while True: 28 data = connection.recv(4096) 29 if not data: 30 break 31 buffer += data 32 except: 33 pass 34 35 return buffer 36 37 38 def request_handler(buffer): 39 # perform packet mofifications 40 return buffer 41 42 43 def response_handler(buffer): 44 # perform pakect modifications 45 return buffer 46 47 48 def proxy_handler(client_socket, remote_host, remote_port, receive_first): 49 remote_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 50 remote_socket.connect((remote_host, remote_port)) 51 52 if receive_first: 53 remote_buffer = receive_from(remote_socket) 54 hexdump(remote_buffer) 55 remote_buffer = response_handler(remote_buffer) 56 if len(remote_buffer): 57 print "[<==] Sending %d bytes to localhost." % len(remote_buffer) 58 client_socket.send(remote_buffer) 59 60 while True: 61 local_buffer = receive_from(client_socket) 62 if len(local_buffer): 63 print "[==>] Received %d bytes from localhost." % len(local_buffer) 64 hexdump(local_buffer) 65 local_buffer = request_handler(local_buffer) 66 remote_socket.send(local_buffer) 67 print "[==>] Sent to remote." 68 remote_buffer = receive_from(remote_socket) 69 if len(remote_buffer): 70 print "[<==] Received %d bytes from remote." % len(remote_buffer) 71 hexdump(remote_buffer) 72 remote_buffer = response_handler(remote_buffer) 73 client_socket.send(remote_buffer) 74 print "[<==] Sent to localhost." 75 if not len(local_buffer) or not len(remote_buffer): 76 client_socket.close() 77 remote_socket.close() 78 print "[*] No more data. Closing connections." 79 80 break 81 82 83 def server_loop(local_host, local_port, remote_host, remote_port, receive_first): 84 server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 85 try: 86 server.bind((local_host, local_port)) 87 except: 88 print "[!!] Failed to listen on %s:%d" % (local_host, local_port) 89 print "[!!] Check for other listening sockets or correct permissions." 90 sys.exit(0) 91 print "[*] Listening on %s:%d" % (local_host, local_port) 92 93 server.listen(5) 94 95 while True: 96 client_socket, addr = server.accept() 97 print "[==>] Received incoming connection from %s:%d" % (addr[0], addr[1]) 98 proxy_thread = threading.Thread(target=proxy_handler, 99 args=(client_socket, remote_host, remote_port, receive_first)) 100 proxy_thread.start() 101 102 103 def main(): 104 if len(sys.argv[1:]) != 5: 105 print "Usage: ./tcp proxy.py [localhost] [localport] [remotehost] [remoteport] [receive_first]" 106 print "Example: ./tcp proxy.py 127.0.0.1 9000 10.12.132.1 9000 True" 107 sys.exit(0) 108 109 local_host = sys.argv[1] 110 local_port = int(sys.argv[2]) 111 112 remote_host = sys.argv[3] 113 remote_port = int(sys.argv[4]) 114 115 receive_first = sys.argv[5] 116 117 if "True" in receive_first: 118 receive_first = True 119 else: 120 receive_first = False 121 122 server_loop(local_host, local_port, remote_host, remote_port, receive_first) 123 124 125 main()
在request_handler和response_handler函数中就可以对收到的数据进行修改。
高大上的hexdump函数来自http://code.activestate.com/recipes/142812-hex-dumper/,表示不怎么看得懂..如果有看得懂的朋友欢迎和我交流