Magic-Mirror/BDFProxy
1
0
Fork 0
mirror of https://github.com/secretsquirrel/BDFProxy.git synced 2024-11-26 22:10:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

removing dependencies on python_magic and libmagic

Browse Source
This commit is contained in:
secretsquirrel 2015-11-13 11:46:10 -05:00
parent 12e9094512
commit 70f2257db2
2 changed files with 65 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@ -64,8 +64,6 @@ Yes, some of those apps are protected by self checking mechanisms. I've been wo
mitmProxy - Kali Build .10
BDF - most current
Capstone (part of BDF)
libmagic
python-magic
---
##Supported Environment:
@ -144,6 +142,11 @@ We have it. The proxy window will quickly fill with massive amounts of cat link
###Change Log:
####11/13/2015
Remove python-magic dependencies because there are two libraries that are named as such. Which is confusing.
####10/19/2015
Add support for BDF Import Directory Patching into the a code cave vs a new section. Update IDA_IN_CAVE to True in the bdfproxy.cfg file for this. EXPERIMENTAL...

95
bdf_proxy.py
View File

@ -42,11 +42,10 @@ import tempfile
import zipfile
import tarfile
import json
import magic
from contextlib import contextmanager
from configobj import ConfigObj
version = "Version: v0.3.6"
version = "Version: v0.3.7"
@contextmanager
@ -157,19 +156,16 @@ class ProxyMaster(controller.Master):
def __init__(self, srv):
controller.Master.__init__(self, srv)
self.binaryMimeType = {'mimes': ['application/octet-stream', 'application/x-msdownload',
'application/x-msdos-program', 'binary/octet-stream',
'application/x-executable', 'application/x-dosexec']}
self.zipType = {'mimes': ['application/x-zip-compressed', 'application/zip'], 'params': {'type': 'ZIP', 'format': 'zip', 'filter': None}} # .zip
self.gzType = {'mimes': ['application/gzip', 'application/x-gzip', 'application/gnutar'], 'params': {'type': 'TAR', 'format': 'ustar', 'filter': 'gzip'}} # .gz
self.tarType = {'mimes': ['application/x-tar'], 'params': {'type': 'TAR', 'format': 'gnutar', 'filter': None}} # .tar
self.bzType = {'mimes': ['application/x-bzip2', 'application/x-bzip'], 'params': {'type': 'TAR', 'format': 'gnutar', 'filter': 'bzip2'}} # .bz / .bz2
self.archiveTypes = [self.zipType, self.gzType, self.tarType, self.bzType]
self.magicNumbers = {'elf': {'number': '7f454c46'.decode('hex'), 'offset': 0},
'pe': {'number': 'MZ', 'offset': 0},
'gz': {'number': '1f8b'.decode('hex'), 'offset': 0},
'bz': {'number': 'BZ', 'offset': 0},
'zip': {'number': '504b0304'.decode('hex'), 'offset': 0},
'tar': {'number': 'ustar', 'offset': 257},
'fatfile': {'number': 'cafebabe'.decode('hex'), 'offset': 0},
'machox64': {'number': 'cffaedfe'.decode('hex'), 'offset': 0},
'machox86': {'number': 'cefaedfe'.decode('hex'), 'offset': 0},
}
def run(self):
try:
@ -178,6 +174,12 @@ class ProxyMaster(controller.Master):
except KeyboardInterrupt:
self.shutdown()
def bytes_have_format(self, bytess, formatt):
number = self.magicNumbers[formatt]
if bytess[number['offset']:number['offset'] + len(number['number'])] == number['number']:
return True
return False
def set_config(self):
try:
self.user_config = ConfigObj(CONFIGFILE)
@ -190,7 +192,7 @@ class ProxyMaster(controller.Master):
def set_config_archive(self, ar):
try:
self.archive_type = ar['type']
self.archive_type = ar
self.archive_blacklist = self.user_config[self.archive_type]['blacklist']
self.archive_max_size = int(self.user_config[self.archive_type]['maxSize'])
self.archive_patch_count = int(self.user_config[self.archive_type]['patchCount'])
@ -215,20 +217,25 @@ class ProxyMaster(controller.Master):
def inject_tar(self, aTarFileBytes, formatt=None):
# When called will unpack and edit a Tar File and return a tar file"
if len(aTarFileBytes) > int(self.archive_max_size):
print "[!] TarFile over allowed size"
logging.info("TarFIle maxSize met %s", len(aTarFileBytes))
return aTarFileBytes
tmp_file = tempfile.NamedTemporaryFile()
tmp_file.write(aTarFileBytes)
tmp_file.seek(0)
compression_mode = ':'
if formatt == 'gzip':
if formatt == 'gz':
compression_mode = ':gz'
if formatt == 'bzip2':
if formatt == 'bz':
compression_mode = ':bz2'
try:
tar_file = tarfile.open(fileobj=tmp_file, mode='r' + compression_mode)
except tarfile.ReadError as ex:
EnhancedOutput.print_warning(ex)
except tarfile.ReadError:
EnhancedOutput.print_warning("Not a tar file!")
tmp_file.close()
return aTarFileBytes
@ -309,6 +316,11 @@ class ProxyMaster(controller.Master):
def inject_zip(self, aZipFile):
# When called will unpack and edit a Zip File and return a zip file
if len(aZipFile) > int(self.archive_max_size):
print "[!] ZipFile over allowed size"
logging.info("ZipFIle maxSize met %s", len(aZipFile))
return aZipFile
tmp_file = tempfile.NamedTemporaryFile()
tmp_file.write(aZipFile)
tmp_file.seek(0)
@ -451,7 +463,7 @@ class ProxyMaster(controller.Master):
ZERO_CERT=self.str2bool(self.WindowsIntelx64['ZERO_CERT']),
PATCH_METHOD=self.WindowsIntelx64['PATCH_METHOD'].lower(),
SUPPLIED_BINARY=self.WindowsIntelx64['SUPPLIED_BINARY'],
IDT_IN_CAVE=self.str2bool(self.WindowsIntelx64['IDT_IN_CAVE']),
IDT_IN_CAVE=self.str2bool(self.WindowsIntelx64['IDT_IN_CAVE']),
)
result = targetFile.run_this()
@ -487,7 +499,7 @@ class ProxyMaster(controller.Master):
PATCH_METHOD=self.WindowsIntelx86['PATCH_METHOD'].lower(),
SUPPLIED_BINARY=self.WindowsIntelx86['SUPPLIED_BINARY'],
XP_MODE=self.str2bool(self.WindowsIntelx86['XP_MODE']),
IDT_IN_CAVE=self.str2bool(self.WindowsIntelx86['IDT_IN_CAVE']),
IDT_IN_CAVE=self.str2bool(self.WindowsIntelx86['IDT_IN_CAVE']),
)
result = targetFile.run_this()
@ -663,6 +675,7 @@ class ProxyMaster(controller.Master):
setattr(self, key, value)
EnhancedOutput.logging_debug("Updating Config {0}: {1}".format(key, value))
'''
def inject(self, flow):
EnhancedOutput.print_size(flow)
@ -679,6 +692,7 @@ class ProxyMaster(controller.Master):
buf = self.inject_tar(flow, self.archive_params['filter'])
return buf
'''
def handle_request(self, flow):
print "*" * 10, "REQUEST", "*" * 10
@ -707,6 +721,9 @@ class ProxyMaster(controller.Master):
# Blacklists have the final say, but everything starts off as not patchable
# until a rule says True. Host whitelist over rides keyword whitelist.
# Fail safe.. rules must set it to true.
self.patchIT = False
self.hosts_whitelist_check(flow)
self.keys_whitelist_check(flow)
self.keys_backlist_check(flow)
@ -724,9 +741,15 @@ class ProxyMaster(controller.Master):
flow.reply()
else:
mime_type = magic.from_buffer(flow.reply.obj.response.content, mime=True)
if self.bytes_have_format(flow.reply.obj.response.content, 'zip') and self.str2bool(self.CompressedFiles) is True:
aZipFile = flow.reply.obj.response.content
self.set_config_archive('ZIP')
flow.reply.obj.response.content = self.inject_zip(aZipFile)
elif self.bytes_have_format(flow.reply.obj.response.content, 'pe') or self.bytes_have_format(flow.reply.obj.response.content, 'elf') or \
self.bytes_have_format(flow.reply.obj.response.content, 'fatfile') or self.bytes_have_format(flow.reply.obj.response.content, 'machox86') or \
self.bytes_have_format(flow.reply.obj.response.content, 'machox64'):
if mime_type in self.binaryMimeType['mimes']:
tmp = tempfile.NamedTemporaryFile()
tmp.write(flow.reply.obj.response.content)
tmp.flush()
@ -748,17 +771,19 @@ class ProxyMaster(controller.Master):
EnhancedOutput.logging_info("Patching failed for HOST: {0}, PATH: {1}".format(flow.request.host, flow.request.path))
# add_try to delete here
tmp.close()
else:
for archive in self.archiveTypes:
if mime_type in archive['mimes'] and self.str2bool(self.CompressedFiles) is True:
try:
self.set_config_archive(archive['params'])
flow.reply.obj.response.content = self.inject(flow.reply.obj.response.content)
except Exception as exc:
EnhancedOutput.print_error(exc)
EnhancedOutput.print_warning("Returning original file")
elif self.bytes_have_format(flow.reply.obj.response.content, 'gz') and self.str2bool(self.CompressedFiles) is True:
# assume .tar.gz for now
self.set_config_archive('TAR')
flow.reply.obj.response.content = self.inject_tar(flow.reply.obj.response.content, 'gz')
elif self.bytes_have_format(flow.reply.obj.response.content, 'bz') and self.str2bool(self.CompressedFiles) is True:
# assume .tar.bz for now
self.set_config_archive('TAR')
flow.reply.obj.response.content = self.inject_tar(flow.reply.obj.response.content, 'bz')
elif self.bytes_have_format(flow.reply.obj.response.content, 'tar') and self.str2bool(self.CompressedFiles) is True:
self.set_config_archive('TAR')
flow.reply.obj.response.content = self.inject_tar(flow.reply.obj.response.content, 'tar')
flow.reply()
@ -835,7 +860,7 @@ except Exception as e:
EnhancedOutput.print_info("Starting BDFProxy")
EnhancedOutput.print_info(version)
EnhancedOutput.print_info("Author: @midnite_runr | the[.]midnite).(runr<at>gmail|.|com")
EnhancedOutput.logging_info("################ Starting BDFProxy-ng ################")
EnhancedOutput.logging_info("################ Starting BDFProxy ################")
EnhancedOutput.logging_info("ConfigDump {0}".format(json.dumps(user_config, sort_keys=True, indent=4)))
m.run()