예제 #1
0
파일: htptest.c 프로젝트: chiehwen/ironbee
/**
 * Invoked at the end of every transaction.
 *
 * @param connp
 */
int callback_response(htp_connp_t *connp) {
    stream_data *sd = (stream_data *)htp_connp_get_user_data(connp);

    char *x = bstr_util_strdup_to_c(connp->out_tx->request_line);
    fprintf(stdout, "[#%d/%d] %s\n", sd->id, sd->req_count, x);
    free(x);

    sd->req_count++;
}
예제 #2
0
TEST(BstrTest, DupToC) {
    char *c;
    bstr *str = bstr_dup_mem("ABCDEFGHIJKL\000NOPQRSTUVWXYZ", 20);

    c = bstr_util_memdup_to_c("1234\0006789", 9);
    EXPECT_STREQ("1234\\06789", c);
    free(c);

    c = bstr_util_strdup_to_c(str);
    EXPECT_STREQ("ABCDEFGHIJKL\\0NOPQRST", c);

    free(c);
    bstr_free(str);
}
예제 #3
0
static json_t *LogFileMetaGetHost(const Packet *p, const File *ff) {
    HtpState *htp_state = (HtpState *)p->flow->alstate;
    json_t *js = NULL;
    if (htp_state != NULL) {
        htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP, htp_state, ff->txid);
        if (tx != NULL && tx->request_hostname != NULL) {
            char *s = bstr_util_strdup_to_c(tx->request_hostname);
            if (s != NULL) {
                js = json_string(s);
                SCFree(s);
            }
            return js;
        }
    }

    return json_string("<unknown>");
}
예제 #4
0
static json_t *LogFileMetaGetUri(const Packet *p, const File *ff) {
    HtpState *htp_state = (HtpState *)p->flow->alstate;
    json_t *js = NULL;
    if (htp_state != NULL) {
        htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP, htp_state, ff->txid);
        if (tx != NULL) {
            HtpTxUserData *tx_ud = htp_tx_get_user_data(tx);
            if (tx_ud->request_uri_normalized != NULL) {
                char *s = bstr_util_strdup_to_c(tx_ud->request_uri_normalized);
                if (s != NULL) {
                    js = json_string(s);
                    SCFree(s);
                }
            }
            return js;
        }
    }

    return json_string("<unknown>");
}
예제 #5
0
static json_t *LogFileMetaGetUserAgent(const Packet *p, const File *ff) {
    HtpState *htp_state = (HtpState *)p->flow->alstate;
    json_t *js = NULL;
    if (htp_state != NULL) {
        htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP, htp_state, ff->txid);
        if (tx != NULL) {
            htp_header_t *h = NULL;
            h = (htp_header_t *)htp_table_get_c(tx->request_headers,
                                                "User-Agent");
            if (h != NULL) {
                char *s = bstr_util_strdup_to_c(h->value);
                if (s != NULL) {
                    js = json_string(s);
                    SCFree(s);
                }
                return js;
            }
        }
    }

    return json_string("<unknown>");
}
예제 #6
0
파일: htpy.c 프로젝트: 0rbytal/htpy
static PyObject *htpy_connp_get_uri(PyObject *self, PyObject *args) {
	htp_uri_t *uri;
	int fail = 0;
	PyObject *key, *val;
	PyObject *ret = PyDict_New();

	if (!ret) {
		PyErr_SetString(htpy_error, "Unable to create new dictionary.");
		return NULL;
	}

	/* Empty tx? That's odd. */
	if (!((htpy_connp *) self)->connp->in_tx)
		Py_RETURN_NONE;

	if (!((htpy_connp *) self)->connp->in_tx->parsed_uri)
		Py_RETURN_NONE;

	uri = ((htpy_connp *) self)->connp->in_tx->parsed_uri;

	if (uri->scheme) {
		key = Py_BuildValue("s", "scheme");
		val = Py_BuildValue("s", bstr_util_strdup_to_c(uri->scheme));
		if (!key || !val)
			fail = 1;
		if (PyDict_SetItem(ret, key, val) == -1)
			fail = 1;
		Py_XDECREF(key);
		Py_XDECREF(val);
	}

	if (uri->username) {
		key = Py_BuildValue("s", "username");
		val = Py_BuildValue("s", bstr_util_strdup_to_c(uri->username));
		if (!key || !val)
			fail = 1;
		if (PyDict_SetItem(ret, key, val) == -1)
			fail = 1;
		Py_XDECREF(key);
		Py_XDECREF(val);
	}

	if (uri->password) {
		key = Py_BuildValue("s", "password");
		val = Py_BuildValue("s", bstr_util_strdup_to_c(uri->password));
		if (!key || !val)
			fail = 1;
		if (PyDict_SetItem(ret, key, val) == -1)
			fail = 1;
		Py_XDECREF(key);
		Py_XDECREF(val);
	}

	if (uri->hostname) {
		key = Py_BuildValue("s", "hostname");
		val = Py_BuildValue("s", bstr_util_strdup_to_c(uri->hostname));
		if (!key || !val)
			fail = 1;
		if (PyDict_SetItem(ret, key, val) == -1)
			fail = 1;
		Py_XDECREF(key);
		Py_XDECREF(val);
	}

	if (uri->port) {
		key = Py_BuildValue("s", "port");
		val = Py_BuildValue("s", bstr_util_strdup_to_c(uri->port));
		if (!key || !val)
			fail = 1;
		if (PyDict_SetItem(ret, key, val) == -1)
			fail = 1;
		Py_XDECREF(key);
		Py_XDECREF(val);
	}

	if (uri->port_number) {
		key = Py_BuildValue("s", "port_number");
		val = Py_BuildValue("i", uri->port_number);
		if (!key || !val)
			fail = 1;
		if (PyDict_SetItem(ret, key, val) == -1)
			fail = 1;
		Py_XDECREF(key);
		Py_XDECREF(val);
	}

	if (uri->path) {
		key = Py_BuildValue("s", "path");
		val = Py_BuildValue("s", bstr_util_strdup_to_c(uri->path));
		if (!key || !val)
			fail = 1;
		if (PyDict_SetItem(ret, key, val) == -1)
			fail = 1;
		Py_XDECREF(key);
		Py_XDECREF(val);
	}

	if (uri->query) {
		key = Py_BuildValue("s", "query");
		val = Py_BuildValue("s", bstr_util_strdup_to_c(uri->query));
		if (!key || !val)
			fail = 1;
		if (PyDict_SetItem(ret, key, val) == -1)
			fail = 1;
		Py_XDECREF(key);
		Py_XDECREF(val);
	}

	if (uri->fragment) {
		key = Py_BuildValue("s", "fragment");
		val = Py_BuildValue("s", bstr_util_strdup_to_c(uri->fragment));
		if (!key || !val)
			fail = 1;
		if (PyDict_SetItem(ret, key, val) == -1)
			fail = 1;
		Py_XDECREF(key);
		Py_XDECREF(val);
	}

	// Exception should be set by Py_BuildValue or PyDict_SetItem failing.
	if (fail) {
		Py_DECREF(ret);
		return NULL;
	}

	return ret;
}
예제 #7
0
/* JSON format logging */
static void JsonHttpLogJSON(JsonHttpLogThread *aft, json_t *js, htp_tx_t *tx)
{
    LogHttpFileCtx *http_ctx = aft->httplog_ctx;
    json_t *hjs = json_object();
    if (hjs == NULL) {
        return;
    }

    char *c;
    /* hostname */
    if (tx->request_hostname != NULL)
    {
        c = bstr_util_strdup_to_c(tx->request_hostname);
        if (c != NULL) {
            json_object_set_new(hjs, "hostname", json_string(c));
            SCFree(c);
        }
    } else {
        json_object_set_new(hjs, "hostname", json_string("<unknown>"));
    }

    /* uri */
    if (tx->request_uri != NULL)
    {
        c = bstr_util_strdup_to_c(tx->request_uri);
        if (c != NULL) {
            json_object_set_new(hjs, "url", json_string(c));
            SCFree(c);
        }
    }

    /* user agent */
    htp_header_t *h_user_agent = NULL;
    if (tx->request_headers != NULL) {
        h_user_agent = htp_table_get_c(tx->request_headers, "user-agent");
    }
    if (h_user_agent != NULL) {
        c = bstr_util_strdup_to_c(h_user_agent->value);
        if (c != NULL) {
            json_object_set_new(hjs, "http_user_agent", json_string(c));
            SCFree(c);
        }
    } else {
        json_object_set_new(hjs, "http_user_agent", json_string("unknown>"));
    }

    /* x-forwarded-for */
    htp_header_t *h_x_forwarded_for = NULL;
    if (tx->request_headers != NULL) {
        h_x_forwarded_for = htp_table_get_c(tx->request_headers, "x-forwarded-for");
    }
    if (h_x_forwarded_for != NULL) {
        c = bstr_util_strdup_to_c(h_x_forwarded_for->value);
        if (c != NULL) {
            json_object_set_new(hjs, "xff", json_string(c));
            SCFree(c);
        }
    }

    /* content-type */
    htp_header_t *h_content_type = NULL;
    if (tx->response_headers != NULL) {
        h_content_type = htp_table_get_c(tx->response_headers, "content-type");
    }
    if (h_content_type != NULL) {
        char *p;
        c = bstr_util_strdup_to_c(h_content_type->value);
        if (c != NULL) {
            p = strchr(c, ';');
            if (p != NULL)
                *p = '\0';
            json_object_set_new(hjs, "http_content_type", json_string(c));
            SCFree(c);
        }
    }

    if (http_ctx->flags & LOG_HTTP_EXTENDED) {
        /* referer */
        htp_header_t *h_referer = NULL;
        if (tx->request_headers != NULL) {
            h_referer = htp_table_get_c(tx->request_headers, "referer");
        }
        if (h_referer != NULL) {
            c = bstr_util_strdup_to_c(h_referer->value);
            if (c != NULL) {
                json_object_set_new(hjs, "http_refer", json_string(c));
                SCFree(c);
            }
        }

        /* method */
        if (tx->request_method != NULL) {
            c = bstr_util_strdup_to_c(tx->request_method);
            if (c != NULL) {
                json_object_set_new(hjs, "http_method", json_string(c));
                SCFree(c);
            }
        }

        /* protocol */
        if (tx->request_protocol != NULL) {
            c = bstr_util_strdup_to_c(tx->request_protocol);
            if (c != NULL) {
                json_object_set_new(hjs, "protocol", json_string(c));
                SCFree(c);
            }
        }

        /* response status */
        if (tx->response_status != NULL) {
            c = bstr_util_strdup_to_c(tx->response_status);
            if (c != NULL) {
                json_object_set_new(hjs, "status", json_string(c));
                SCFree(c);
            }

            htp_header_t *h_location = htp_table_get_c(tx->response_headers, "location");
            if (h_location != NULL) {
                c = bstr_util_strdup_to_c(h_location->value);
                if (c != NULL) {
                    json_object_set_new(hjs, "redirect", json_string(c));
                    SCFree(c);
                }
            }
        }

        /* length */
        json_object_set_new(hjs, "length", json_integer(tx->response_message_len));
    }

    json_object_set_new(js, "http", hjs);
}