1 | #!/usr/bin/env python |
---|
2 | |
---|
3 | # Requires Python 2.7+ |
---|
4 | |
---|
5 | ''' |
---|
6 | This script reads a raw HTTP request from stdin and writes to stdout |
---|
7 | a Python script. The generated script sends the same (or a very similar) |
---|
8 | request using the httplib/http.client libraries. |
---|
9 | |
---|
10 | Certainly if you have a raw request, you could simply send it via TCP |
---|
11 | sockets, but if for some reason the server behaves oddly with flow control, |
---|
12 | insists on using gzip/deflate encoding, insists on using chunked encoding, |
---|
13 | or any number of other annoying things, then using an HTTP library is a |
---|
14 | lot more convenient. This script attempts to make that conversion easy. |
---|
15 | |
---|
16 | |
---|
17 | Copyright (C) 2011-2012 Virtual Security Research, LLC |
---|
18 | Author: Timothy D. Morgan |
---|
19 | |
---|
20 | This program is free software: you can redistribute it and/or modify |
---|
21 | it under the terms of the GNU Lesser General Public License, version 3, |
---|
22 | as published by the Free Software Foundation. |
---|
23 | |
---|
24 | This program is distributed in the hope that it will be useful, |
---|
25 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
26 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
27 | GNU General Public License for more details. |
---|
28 | |
---|
29 | You should have received a copy of the GNU General Public License |
---|
30 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
---|
31 | ''' |
---|
32 | |
---|
33 | |
---|
34 | import sys |
---|
35 | import argparse |
---|
36 | try: |
---|
37 | from lxml import etree |
---|
38 | except: |
---|
39 | sys.stderr.write('ERROR: Could not import lxml module. Ensure it is installed.\n') |
---|
40 | sys.stderr.write(' Under Debian, the package name is "python-lxml"\n.') |
---|
41 | sys.exit(1) |
---|
42 | |
---|
43 | parser = argparse.ArgumentParser( |
---|
44 | description='A script which accepts an HTTP request and prints out a' |
---|
45 | ' generated Python script which sends a similar request. This is useful' |
---|
46 | ' when one wants to automate sending a large number of requests to a' |
---|
47 | ' particular page or application.' |
---|
48 | ' For more information, see: http://code.google.com/p/bletchley/wiki/Overview') |
---|
49 | parser.add_argument( |
---|
50 | 'requestfile', type=file, nargs='?', default=sys.stdin, |
---|
51 | help='A file containing an HTTP request. Defaults to stdin if omitted.') |
---|
52 | parser.add_argument( |
---|
53 | '--burp', action='store_true', help='Input file is a XML export from Burp.' |
---|
54 | ' (First request in file is used.)') |
---|
55 | args = parser.parse_args() |
---|
56 | |
---|
57 | if args.burp: |
---|
58 | safe_parser = etree.ETCompatXMLParser(resolve_entities=False) |
---|
59 | root = etree.parse(args.requestfile, parser=safe_parser) |
---|
60 | input_req = root.xpath('/items/item/request')[0].text |
---|
61 | root = None |
---|
62 | else: |
---|
63 | input_req = args.requestfile.read() |
---|
64 | |
---|
65 | |
---|
66 | print('''#!/usr/bin/env python |
---|
67 | |
---|
68 | import sys |
---|
69 | # function with either Python 2.7 or 3.x |
---|
70 | try: |
---|
71 | import http.client as httpc |
---|
72 | except: |
---|
73 | import httplib as httpc |
---|
74 | ''') |
---|
75 | |
---|
76 | |
---|
77 | if '\r\n\r\n' in input_req: |
---|
78 | raw_headers,body = input_req.split('\r\n\r\n', 1) |
---|
79 | elif '\n\n' in input_req: |
---|
80 | raw_headers,body = input_req.split('\n\n', 1) |
---|
81 | else: |
---|
82 | raw_headers = input_req |
---|
83 | body = '' |
---|
84 | |
---|
85 | header_lines = raw_headers.split('\n') |
---|
86 | method,path,version = header_lines[0].split(' ', 2) |
---|
87 | |
---|
88 | host = 'TODO' |
---|
89 | port = 80 |
---|
90 | use_ssl = False |
---|
91 | |
---|
92 | headers = [] |
---|
93 | for l in header_lines[1:]: |
---|
94 | if len(l) < 1: |
---|
95 | break |
---|
96 | # Handle header line continuations |
---|
97 | if l[0] == '\t': |
---|
98 | if len(headers) == 0: |
---|
99 | continue |
---|
100 | name,values = headers[-1] |
---|
101 | values.append(l.lstrip('\t')) |
---|
102 | headers[-1] = (name,values) |
---|
103 | continue |
---|
104 | |
---|
105 | name,value = l.split(':',1) |
---|
106 | value = value.lstrip(' ').rstrip('\r') |
---|
107 | |
---|
108 | # Skip headers that have to do with transfer encodings and connection longevity |
---|
109 | if name.lower() not in ['accept','accept-language', |
---|
110 | 'accept-encoding','accept-charset', |
---|
111 | 'connection', 'keep-alive', 'host', |
---|
112 | 'content-length']: |
---|
113 | headers.append((name,[value])) |
---|
114 | |
---|
115 | if name.lower() == 'host': |
---|
116 | if ':' in value: |
---|
117 | host,port = value.split(':',1) |
---|
118 | if port == 443: |
---|
119 | use_ssl = True |
---|
120 | else: |
---|
121 | host = value |
---|
122 | |
---|
123 | print(''' |
---|
124 | # TODO: ensure the host, port, and SSL settings are correct. |
---|
125 | host = %s |
---|
126 | port = %s |
---|
127 | use_ssl = %s |
---|
128 | ''' % (repr(host),repr(port),repr(use_ssl))) |
---|
129 | |
---|
130 | chunked_body = '\n '.join([repr(body[i:i+40]) for i in range(0,len(body),40)]) |
---|
131 | |
---|
132 | print(''' |
---|
133 | def sendRequest(connection): |
---|
134 | method = %s |
---|
135 | path = %s |
---|
136 | body = (%s) |
---|
137 | |
---|
138 | connection.putrequest(method, path) |
---|
139 | ''' % (repr(method), repr(path), chunked_body)) |
---|
140 | |
---|
141 | for name,values in headers: |
---|
142 | if len(values) > 1: |
---|
143 | continuations = ','.join([repr(v) for v in values[1:]]) |
---|
144 | print(''' connection.putheader(%s, %s, %s)''' % (repr(name),repr(values[0]),continuations)) |
---|
145 | else: |
---|
146 | print(''' connection.putheader(%s, %s)''' % (repr(name),repr(values[0]))) |
---|
147 | |
---|
148 | print(''' |
---|
149 | if len(body) > 0: |
---|
150 | connection.putheader('Content-Length', len(body)) |
---|
151 | connection.endheaders() |
---|
152 | connection.send(body) |
---|
153 | |
---|
154 | return connection.getresponse() |
---|
155 | |
---|
156 | |
---|
157 | connection = None |
---|
158 | if use_ssl: |
---|
159 | connection = httpc.HTTPSConnection(host, port) |
---|
160 | else: |
---|
161 | connection = httpc.HTTPConnection(host, port) |
---|
162 | |
---|
163 | # TODO: customize code here to retrieve what you need from the response(s) |
---|
164 | # For information on the response object's interface, see: |
---|
165 | # http://docs.python.org/library/httplib.html#httpresponse-objects |
---|
166 | |
---|
167 | connection.connect() |
---|
168 | response = sendRequest(connection) |
---|
169 | print(response.getheaders()) |
---|
170 | print(repr(response.read())) |
---|
171 | connection.close() |
---|
172 | ''') |
---|