E gGddlZddlZddlZddlZddlZddlZddlZddlZddlZddl Z ddl Z ddl Z ddl Z ddl Z ddlZ dZdZdejde jfdZdejddfdZGd d ZGd d e jZGd de je jZdZejdzZejdzZGddej Z!dZ"Gddej Z#dZ$dZ%Gddej&j'Z(de j)e*fdZ+de*de j)e*fdZ,Gdde j-Z.Gdd e.Z/e j0e*e1fZ2Gd!d"Z3Gd#d$Z4dS)%Nz 127.0.0.1irfilereturncv|}tj|SN)readlinestripjsonloads)rxs g/var/www/sysmax/venv/lib/python3.11/site-packages/seleniumwire/thirdparty/mitmproxy/platform/windows.pyreadr s+   A :a==wfilec|tj|dz|dS)N )writer dumpsencodeflush)datars r rrs@ KK 4  ''))E1222 KKMMMMMrc`eZdZUejed<ejed<dZdZdZ dejfdZ dS) ResolversocklockcDd|_tj|_dSr)r threadingRLockrselfs r __init__zResolver.__init__'s O%% rc|j5t|ddddS#1swxYwYdSr)rTransparentProxysetup_connectrs r r#zResolver.setup+s Y    " " $ $ $ MMOOO                  s.AA Ac|jr|jtjtjtj|_|jt tf|jd|_ |jd|_ ttj |j dS)Nwbrb)rclosesocketAF_INET SOCK_STREAMconnectREDIRECT_API_HOSTREDIRECT_API_PORTmakefilerrrosgetpidrs r r$zResolver._connect0s 9  IOO   M&.&2DEE  ,.?@AAAY''-- Y''--  bikk4:&&&&&rcsockc |dd\}}tjdd|}|ddd}|j5 t ||f|jt|j}|tdt|cdddS#ttj f$r8|||cYcdddSwxYw#1swxYwYdS)Nz^::ffff:(?=\d+.\d+.\d+.\d+$)%rz$Cannot resolve original destination.) getpeernameresubsplitrrrr r RuntimeErrortupleEOFErrorr)errorr$ original_addr)rr2ipportaddrs r r@zResolver.original_addr:so$$&&rr*D V3R < < XXc1  a  Y 1 1 1r4j$*---DJ''<&'MNNNT{{ 1 1 1 1 1 1 1 1fl+ 1 1 1 ))%0000 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1s1DA B22?D1D?DDD DN) __name__ __module__ __qualname__r)__annotations__rrr r#r$r@rr rr#s| - /&&& ''' 16= 1 1 1 1 1 1rrceZdZdZdZdS)APIRequestHandlerz TransparentProxy API: Returns the pickled server address, port tuple for each received pickled client address, port tuple. cv|jj} t|j}||5 t t|j} |j|}n#t$rd}YnwxYwt||j X#1swxYwYdS#ttj f$rYdSwxYwr) server proxifierr rexemptr=client_server_mapKeyErrorrrr>r)r?)rrMpidclientrLs r handlezAPIRequestHandler.handlePs&*k&;  DJ''C!!#&& . .."4 #3#344F&!*!._MIB_TCP6TABLE_OWNER_PID dwNumEntriestableN)rDrErFrmrnrorcrpsizesr _MIB_TCP6TABLE_OWNER_PIDrss1 V_2 3 +d2 3 rrxrm Structure)rwrxs` r MIB_TCP6TABLE_OWNER_PIDr{sK       6#3   $ # % %%rceZdZdejjfdefdejjfdefdejjfdejjfgZdS)MIB_TCPROW_OWNER_PIDrjrdrfrgrirkN)rDrErFrmrnroIN4_ADDRrprHrr r}r}sY FO)* ! -. " ./ -. HHHrr}cLGfddtj}|S)Nc:eZdZdejjfdezfgZdS)7MIB_TCPTABLE_OWNER_PID.._MIB_TCPTABLE_OWNER_PIDrtruN)rDrErFrmrnror}rprvsr _MIB_TCPTABLE_OWNER_PIDrs1 V_2 3 *T1 2 rrry)rwrs` r MIB_TCPTABLE_OWNER_PIDrsK       &"2   # " $ $$rc<eZdZdZdZdZdZdZdZdZ dZ d S) TcpConnectionTableict|j|_tj|j|_t|j|_tj|j|_ i|_ dSr) rDEFAULT_TABLE_SIZE_tcprmrnro _tcp_sizer{_tcp6 _tcp6_size_maprs r r zTcpConnectionTable.__init__se*4+BCC ..t/FGG,T-DEE  ///0GHH rc|j|Sr)rritems r __getitem__zTcpConnectionTable.__getitem__syrc4|jSr)r__iter__rs r rzTcpConnectionTable.__iter__sy!!###rc4|jSr)r__len__rs r rzTcpConnectionTable.__len__sy  """rcdi|_||dSr)r _refresh_ipv4 _refresh_ipv6rs r refreshzTcpConnectionTable.refreshs3   rcxtjjtj|jtj|jdtjtd}|dkr~|jj d|jj D]]}tj tjt|j}tj|j}|j|j||f<^dS|t&kr4t)|jj|_|dSt/d|z)NFrz2[IPv4] Unknown GetExtendedTcpTable return code: %s)rmwindlliphlpapiGetExtendedTcpTablebyrefrrr)r*TCP_TABLE_OWNER_PID_CONNECTIONSrurt inet_ntopbytesrdhtonsrfrkrERROR_INSUFFICIENT_BUFFERrvaluerr<rretrowlocal_ip local_ports r rz TcpConnectionTable._refresh_ipv4sm$88 L # # L ( (  N +    !88y'> (>'>? D D!+FNE#/&&(( (   zS  ttttt  s < 77<)rDrErFdaemonrrrGLayerNETWORKtypingCallablePacketstrFlagr rrrOptionalrr]r^s@r rr s F!!!! !) 6   14 78  ~  }         $ $ $ foho6        rrczeZdZUejeed<dejej gdfde ddffd Z dZ xZ S) RedirectLocal trusted_pidsredirect_requestNrrct|_t|_||_t |j|dSr)rtcp_connectionssetrrrXr rS)rrrr\s r r zRedirectLocal.__init__=sI 233EE 0 f-----rc|j|jf}||jvr|j|j|d}||jvr||dS|j|ddS)NTrecalculate_checksum) src_addrsrc_portrrgetrrrsend)rrrRrQs r rSzRedirectLocal.handleGs/6?3 - - -  ( ( * * *"&&vt44 d' ' '  ! !& ) ) ) ) ) N  T  B B B B Br)rDrErFrSetintrGrrrrr rSr]r^s@r rr:s*S/!!!. /8?*;T*AB..  ......CCCCCCCrrcbeZdZUdZdZejeed<dZ de de fdZ de d e dd fd Z d S) ClientServerMapzA thread-safe LRU dict.iconnection_cache_sizecftj|_tj|_dSr)rLock_lock collections OrderedDictrrs r r zClientServerMap.__init__`s%^%% +-- rrrc^|j5|j|cdddS#1swxYwYdSr)rrrs r rzClientServerMap.__getitem__dsw Z # #9T? # # # # # # # # # # # # # # # # # #s "&&keyrNc6|j5||j|<|j|t|j|jkr7|jdt|j|jk7ddddS#1swxYwYdS)NF)rr move_to_endlenrpopitem)rrrs r __setitem__zClientServerMap.__setitem__hs Z ) )"DIcN I ! !# & & &di..4#=== !!%(((di..4#=== ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )sA9BBB) rDrErFrTrrClassVarrrGr TConnectionrrrHrr rr\s!!276?3/777...# # ####){);)4))))))rrc >eZdZUdZdZejeed<dZ eje ed<e ed<e ed<e ed<e ed<e ed < ddedede deje d df dZedZdZdZdejfdZdejfdZejde fdZdS)r"a Transparent Windows Proxy for mitmproxy based on WinDivert/PyDivert. This module can be used to redirect both traffic that is forwarded by the host and traffic originating from the host itself. Requires elevated (admin) privileges. Can be started separately by manually running the file. How it works: (1) First, we intercept all packages that match our filter. We both consider traffic that is forwarded by the OS (WinDivert's NETWORK_FORWARD layer) as well as traffic sent from the local machine (WinDivert's NETWORK layer). In the case of traffic from the local machine, we need to exempt packets sent from the mitmproxy to not create a redirect loop. To accomplish this, we use Windows' GetExtendedTcpTable syscall and determine the source application's PID. For each intercepted package, we 1. Store the source -> destination mapping (address and port) 2. Remove the package from the network (by not reinjecting it). 3. Re-inject the package into the local network stack, but with the destination address changed to the mitmproxy. (2) Next, the mitmproxy receives the forwarded packet, but does not know the real destination yet (which we overwrote with the mitmproxy's address). On Linux, we would now call getsockopt(SO_ORIGINAL_DST). We now access the redirect module's API (see APIRequestHandler), submit the source information and get the actual destination back (which we stored in 1.1). (3) The mitmproxy now establishes the upstream connection as usual. (4) Finally, the mitmproxy sends the response back to the client. To make it work, we need to change the packet's source address back to the original destination (using the mapping from 1.1), to which the client believes it is talking to. Limitations: - We assume that ephemeral TCP ports are not re-used for multiple connections at the same time. The mitmproxy will fail if an application connects to example.com and example.org from 192.168.0.42:4242 simultaneously. This could be mitigated by introducing unique "meta-addresses" which mitmproxy sees, but this would remove the correct client info from mitmproxy. Nlocalforwardresponseicmp proxy_portrrOT'tcp.DstPort == 80 or tcp.DstPort == 443rc||_|p d|dtd|_t|_t d|_t|_t|ttft|_ tj|j j|_d|j_|r/t%|j|jt(jj|_|rt1|j|j|_t%|jd||_t%dd t(jj |_dS) Nztcp.DstPort != z and tcp.DstPort != z and tcp.DstPort < 49152z2001:4860:4860::8888)targetTzoutbound and tcp.SrcPort == cdSrrH)_s r z+TransparentProxy.__init__..sdrrr)rr.rr ipv4_addressr ipv6_addressrrOrVr-rJapirThread serve_forever api_threadrrrrrNETWORK_FORWARDrrrredirect_responserrDROPr)rrrrrs r r zTransparentProxy.__init__s@%  j ij i i>O i i i )NN)*@AA!0!2!2T$57H#IK\]]#*$(2HIII!%  #% .DL  &% DJ!  " 7: 7 7    N -$    rctjtjtj}|tt f}|r$t }|dSdSr)r)r*r+ connect_exr-r.r"r)clsrserver_unavailablerMs r r#zTransparentProxy.setupsf M&.&*< = =\\+<>O*PQQ  (**I OO       rc |j|j|j|jr|j|jr|jdSdSr)r rrrrrrs r rzTransparentProxy.starts    < ! L   :  J         rc|jr|j|jr|j|j|j|jdSr)rrrrrrrs r rzTransparentProxy.shutdowns : " J   ! ! ! < $ L ! ! # # #      rrc|j|jf}|j|jf|j|<|jt jkr|jsJ|j|_nZ|jt j kr6|j st|j|_ |j sJ|j |_ntd|j |_tjjj|_|jj|dS)NzUnknown address family)rrdst_addrdst_portrOaddress_familyr)r*rrrrr<rrconsts DirectionINBOUND directionrrrrrrRs r rz!TransparentProxy.redirect_requests/6?3*0/6?)Kv&  FN 2 2$ $ $ $"/FOO  "fo 5 5$ C$1&/$B$B!$ $ $ $"/FOO788 8/#?4< $$V,,,,,rc|j|jf} |j|\|_|_|n"#t $rtd|YnwxYw|jj |ddS)z} If the mitmproxy responds to the client, let the client believe the target server sent the packets. z8Warning: Previously unseen connection from mitmproxy to FrN) rrrOrrrecalculate_checksumsrPprintrrrrs r r z"TransparentProxy.redirect_response s /6?3 +/3/Ef/M ,FOV_  ( ( * * * * W W W UVUU V V V V V W $$V%$HHHHHs?AArQc#K|jr|jj| dV|jr!|jj|dSdS#|jr |jj|wwxYwr)rraddremove)rrQs r rNzTransparentProxy.exempts : - J # ' ' , , , 4 EEEz 4 '..s33333 4 4tz 4 '..s3333 4s A)B)TTrr)rDrErFrTrrrrrGrrrrrboolr classmethodr#rrrrrr  contextlibcontextmanagerrNrHrr r"r"ps&&N-1E6?= )000)-GV_X &--- NNNOOO KKK&&&&'P 2 2 2 2  2 $ 2  2 2 2 2 h[-x----2IIIII 4#444444rr")5rcollections.abcr$rmctypes.wintypesior r0r9r) socketserverrrrpydivert.constsr-r.BufferedReaderAnyr BufferedWriterrrStreamRequestHandlerrJThreadingMixIn TCPServerrVrc_ubyterlr~rzrcr{r}rrabcMappingrrrrrrrrTuplerrrr"rHrr r5s    !fj r(T $1$1$1$1$1$1$1$1N 9,##### +\-C###! >B  >A      F,   &&&6+%%%#$@[@[@[@[@[0@[@[@[F foc*     S V_S%9    -----y---`CCCCCHCCC>l38$ ))))))))(t4t4t4t4t4t4t4t4t4t4r