owtf.proxy package

Submodules

owtf.proxy.cache_handler module

owtf.proxy.cache_handler

Inbound Proxy Module developed by Bharadwaj Machiraju (blog.tunnelshade.in) as a part of Google Summer of Code 2013

class owtf.proxy.cache_handler.CacheHandler(cache_dir, request, cookie_regex, blacklist)[source]

Bases: object

This class will be used by the request handler to either load or dump to cache. Main things that are done here:

  • The request_hash is generated here

  • The file locks are managed here

  • .rd files are created here

calculate_hash(callback=None)[source]

Depending on the blacklist boolean, the cookie regex is used to filter cookies during request_hash generation. The original request itself is not modified.

Parameters:

callback – Callback function

Returns:

Return type:
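A sketch of the cookie filtering described for calculate_hash, added here as an example and not OWTF's own code. The filter semantics (blacklist=True drops matching cookies from the key, blacklist=False keeps only matching ones), the SHA-256 digest and the names `filter_cookies` and `request_hash` are assumptions.

```python
import hashlib
import re

# Constructed sample value: cookie names treated as session identifiers.
SESSION_RE = r"^(PHPSESSID|JSESSIONID)$"


def filter_cookies(cookie_header, cookie_regex, blacklist):
    """Return the sorted 'name=value' pairs that take part in the hash.

    Assumed semantics: blacklist=True drops cookies whose name matches
    cookie_regex; blacklist=False keeps only the matching ones.
    The header string passed in is never modified.
    """
    pattern = re.compile(cookie_regex)
    kept = []
    for part in (cookie_header or "").split(";"):
        name, sep, value = part.strip().partition("=")
        if not (sep and name):
            continue  # skip empty or malformed fragments
        matched = pattern.search(name) is not None
        if matched != blacklist:
            kept.append("%s=%s" % (name, value))
    return sorted(kept)  # sorted so cookie order does not change the key


def request_hash(method, url, body, cookie_header, cookie_regex, blacklist):
    """Hash method, URL, filtered cookies and body into a cache key."""
    kept = filter_cookies(cookie_header, cookie_regex, blacklist)
    digest = hashlib.sha256()
    for field in (method.upper(), url, "; ".join(kept)):
        digest.update(field.encode("utf-8"))
        digest.update(b"\x00")  # separator so adjacent fields cannot run together
    digest.update(body)
    return digest.hexdigest()


if __name__ == "__main__":
    # Constructed requests: same page, different session identifiers.
    a = "PHPSESSID=aaa111; lang=en"
    b = "lang=en; PHPSESSID=bbb222"
    url = "http://target.example/profile"
    for mode in (True, False):
        ha = request_hash("GET", url, b"", a, SESSION_RE, mode)
        hb = request_hash("GET", url, b"", b, SESSION_RE, mode)
        print("blacklist=%s same_key=%s" % (mode, ha == hb))
```

Dropping session cookies from the key keeps cache hits stable when the session ID rotates, but it also means responses captured under different sessions share one cache entry.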

create_response_object()[source]

Create a proxy response object from cache file

Returns:

Return type:

dump(response)[source]

This function takes in an HTTPResponse object and dumps the request and response data. It also creates a .rd file with the same file name.

Note

This is used by transaction logger

Parameters:

response – The proxy response

Returns:

Return type:

load()[source]

This is the function that is called for every request. If the file is not found in the cache, a file lock is created for it and None is returned.

Returns:

Load a transaction from cache

Return type:

class owtf.proxy.cache_handler.DummyObject[source]

Bases: object

This class is just used to create a fake response object

owtf.proxy.cache_handler.request_from_cache(file_path)[source]

A fake request object is created with necessary attributes

Parameters:

file_path (str) – The file path for the cache file

Returns:

Return type:

owtf.proxy.cache_handler.response_from_cache(file_path)[source]

A fake response object is created with necessary attributes

Parameters:

file_path (str) – The file path for the cache file

Returns:

Return type:

owtf.proxy.gen_cert module

owtf.proxy.gen_cert

Inbound Proxy Module developed by Bharadwaj Machiraju (blog.tunnelshade.in) as a part of Google Summer of Code 2013

owtf.proxy.gen_cert.gen_signed_cert(domain, ca_crt, ca_key, ca_pass, certs_folder)[source]

This function takes a domain name as a parameter and creates a certificate and key named after the domain (with dots replaced by underscores), then signs the certificate using the specified CA and returns the paths of the key and cert files. If you are yet to generate a CA then check the top comments.

Parameters:
  • domain (str) – domain for the cert

  • ca_crt (str) – ca.crt file path

  • ca_key (str) – ca.key file path

  • ca_pass (str) – Password for the certificate

  • certs_folder (str)

Returns:

Key and cert path

Return type:

str

owtf.proxy.main module

owtf.proxy.proxy module

owtf.proxy.proxy

Inbound Proxy Module developed by Bharadwaj Machiraju (blog.tunnelshade.in) as a part of Google Summer of Code 2013.

class owtf.proxy.proxy.CustomWebSocketClientConnection(request: HTTPRequest, on_message_callback: Callable[[None | str | bytes], None] | None = None, compression_options: Dict[str, Any] | None = None, ping_interval: float | None = None, ping_timeout: float | None = None, max_message_size: int = 10485760, subprotocols: List[str] | None = [])[source]

Bases: WebSocketClientConnection

class owtf.proxy.proxy.CustomWebSocketHandler(application: Application, request: HTTPServerRequest, **kwargs: Any)[source]

Bases: WebSocketHandler

Class is used for handling websocket traffic.

  • Object of this class replaces the main request handler for a request with header => “Upgrade: websocket”

  • wss:// - CONNECT request is handled by main handler

on_close()[source]

Called when the websocket is closed. The handshake request-response pair, along with the websocket data as the response body, is then saved.

Returns:

None

Return type:

None

on_message(message)[source]

Every time a message is received from the client side, this instance method is called.

Parameters:

message (str) – Message to write or store

Returns:

None

Return type:

None

on_response(message)[source]

A callback invoked when a message is received from upstream.

Parameters:

message

Returns:

Return type:

store_downstream_data(message)[source]

Save websocket data sent from client to server, i.e. add it to HTTPRequest.response_buffer with direction (<<)

Parameters:

message (str) – Downstream data

Returns:

None

Return type:

None

store_upstream_data(message)[source]

Save websocket data sent from client to server, i.e. add it to HTTPRequest.response_buffer with direction (>>)

Parameters:

message (str) – Message to be stored

Returns:

None

Return type:

None

upstream_connect(io_loop=None, callback=None)[source]

Custom alternative to tornado.websocket.websocket_connect.

Note

Returns a future instance.

Parameters:
  • io_loop

  • callback

Returns:

Return type:

class owtf.proxy.proxy.ProxyHandler(application, request, **kwargs)[source]

Bases: RequestHandler

This RequestHandler processes all the requests that the application received.

SUPPORTED_METHODS = ['GET', 'POST', 'CONNECT', 'HEAD', 'PUT', 'DELETE', 'OPTIONS', 'TRACE']

connect()[source]

Gets called when a connect request is received.

  • The host and port are obtained from the request uri

  • SSL interception is performed by terminating client SSL and establishing upstream SSL

  • An OK response is written back to client

  • Decrypted data is forwarded bidirectionally between client and server

Returns:

None

Return type:

None

delete()

Handle all requests except the connect request. Once the SSL stream is formed between browser and proxy, the requests are processed by this function.

Returns:

None

Return type:

None

finish_response(response)[source]

Write a new response and cache it

Parameters:

response

Returns:

None

Return type:

None

get()[source]

Handle all requests except the connect request. Once the SSL stream is formed between browser and proxy, the requests are processed by this function.

Returns:

None

Return type:

None

handle_data_chunk(data)[source]

Callback when a small chunk is received.

Parameters:

data (str) – Data to write

Returns:

None

Return type:

None

head()

Handle all requests except the connect request. Once the SSL stream is formed between browser and proxy, the requests are processed by this function.

Returns:

None

Return type:

None

options()

Handle all requests except the connect request. Once the SSL stream is formed between browser and proxy, the requests are processed by this function.

Returns:

None

Return type:

None

post()

Handle all requests except the connect request. Once the SSL stream is formed between browser and proxy, the requests are processed by this function.

Returns:

None

Return type:

None

put()

Handle all requests except the connect request. Once the SSL stream is formed between browser and proxy, the requests are processed by this function.

Returns:

None

Return type:

None

restricted_request_headers = None

restricted_response_headers = None

server = None

set_default_headers()[source]

Called automatically by Tornado; used to remove the “Server” header set by Tornado.

Returns:

None

Return type:

None

set_status(status_code, reason=None)[source]

Sets the status code for our response. Overriding is done so as to handle unknown response codes gracefully.

Parameters:
  • status_code (int) – status code to set

  • reason (str) – Status code reason

Returns:

None

Return type:

None

trace()

Handle all requests except the connect request. Once the SSL stream is formed between browser and proxy, the requests are processed by this function.

Returns:

None

Return type:

None

owtf.proxy.proxy.cleanup_large_log_file()[source]

Clean up log file if it’s too large

owtf.proxy.proxy.disable_request_logging()[source]

Disable request logging to prevent disk space issues

owtf.proxy.proxy.enable_request_logging()[source]

Re-enable request logging

owtf.proxy.proxy.log_request(request, method, url, headers=None, body=None, is_https=False, is_response=False)[source]

Log intercepted request/response details to file

owtf.proxy.proxy.log_response(status_code, url, headers=None, body=None, is_https=False)[source]

Log HTTP response details

owtf.proxy.proxy.prepare_curl_callback(curl)[source]

owtf.proxy.proxy.set_logging_rate_limit(entries_per_minute)[source]

Set the maximum number of log entries per minute

owtf.proxy.socket_wrapper module

owtf.proxy.socket_wrapper

owtf.proxy.socket_wrapper.starttls(socket, domain, ca_crt, ca_key, ca_pass, certs_folder, success=None, failure=None, io_loop: IOLoop | None = None, **options)[source]

Wrap an active socket in an SSL socket.

Taken from https://gist.github.com/weaver/293449/4d9f64652583611d267604531a1d5f8c32ac6b16.

Parameters:
  • socket

  • domain

  • ca_crt

  • ca_key

  • ca_pass

  • certs_folder

  • success

  • failure

  • io_loop

  • options

Returns:

Return type:

owtf.proxy.tor_manager module

owtf.proxy.tor_manager

TOR manager module developed by Marios Kourtesis <name.surname@gmail.com>

class owtf.proxy.tor_manager.TOR_manager(args)[source]

Bases: object

authenticate()[source]

This function handles the authentication process for the TOR control connection.

Returns:

Return type:

static is_tor_running()[source]

Check if tor is running

Returns:

True if running, else False

Return type:

bool

static msg_configure_tor()[source]

static msg_start_tor(self)[source]

open_connection()[source]

Opens a new connection to TOR control

Returns:

Return type:

renew_ip()[source]

Sends a NEWNYM message to TOR control in order to renew the IP address

Returns:

True if IP is renewed, else False

Return type:

bool

run()[source]

Starts a new TOR_control_process which will renew the IP address.

Returns:

Return type:

tor_control_process()[source]

This runs in a new process in order to renew the IP address after a certain time.

Returns:

None

Return type:

None

owtf.proxy.transaction_logger module

Module contents