groob/morozv1.go Secret

## morozv1.go
package main

import (
	"compress/zlib"
	"encoding/json"
	"fmt"
	"io"
	"log"
	"net/http"
	"net/http/httputil"
	"os"
)

func main() {
	http.HandleFunc("/", dumpHandler)
	http.HandleFunc("/preflight/", preflight)
	http.HandleFunc("/logs", logHandler)
	// http.HandleFunc("/ruledownload/", ruleDownload)
	log.Fatal(http.ListenAndServeTLS(":8080", "server.crt", "server.key", nil))
}

type Rule struct {
	RuleType      string `json:"rule_type"`
	Policy        string `json:"policy"`
	SHA256        string `json:"sha256"`
	CustomMessage string `json:"custom_msg,omitempty"`
}

type ruleResp struct {
	Rules []*Rule `json:"rules"`
}

func ruleDownload(w http.ResponseWriter, r *http.Request) {
	// w.Write([]byte(`{"rules": [{"rule_type": "BINARY", "policy": "BLACKLIST", "sha256": "2dc104631939b4bdf5d6bccab76e166e37fe5e1605340cf68dab919df58b8eda", "custom_msg": "hi there"}]}`))
	rules := ruleResp{
		Rules: []*Rule{
			&Rule{
				RuleType:      "BINARY",
				Policy:        "BLACKLIST",
				SHA256:        "2dc104631939b4bdf5d6bccab76e166e37fe5e1605340cf68dab919df58b8eda",
				CustomMessage: "BlackListing Firefox",
			},
		},
	}
	if err := json.NewEncoder(w).Encode(rules); err != nil {
		log.Println(err)
		return
	}
}
func logHandler(w http.ResponseWriter, r *http.Request) {
	out, err := httputil.DumpRequest(r, false)
	if err != nil {
		log.Println(err)
		return
	}
	fmt.Println(string(out))
	f, _ := os.Create("/tmp/santa.log.gz")
	defer r.Body.Close()
	defer f.Close()
	io.Copy(f, r.Body)
}

func dumpHandler(w http.ResponseWriter, r *http.Request) {
	out, err := httputil.DumpRequest(r, false)
	if err != nil {
		log.Println(err)
		return
	}
	fmt.Println(string(out))
	// fmt.Println("start ----")
	// fmt.Println(r.RequestURI)
	// defer fmt.Println("end ----")
	defer r.Body.Close()
	zr, err := zlib.NewReader(r.Body)
	if err != nil {
		log.Println(err)
		return
	}
	defer zr.Close()
	io.Copy(os.Stdout, zr)
	fmt.Println("")
}

func preflight(w http.ResponseWriter, r *http.Request) {
	out, err := httputil.DumpRequest(r, false)
	if err != nil {
		log.Println(err)
		return
	}
	fmt.Println(string(out))
	defer r.Body.Close()
	zr, err := zlib.NewReader(r.Body)
	if err != nil {
		log.Println(err)
		return
	}
	defer zr.Close()
	io.Copy(os.Stdout, zr)
	fmt.Println("")
	w.Write([]byte(`{"request_clean_sync": true, "blacklist_regex": "^(?:/Users)/.*", "batch_size": 1, "upload_logs_url": "https://santa:8080/logs"}`))
}
	package main

	import (
	"compress/zlib"
	"encoding/json"
	"fmt"
	"io"
	"log"
	"net/http"
	"net/http/httputil"
	"os"
	)

	func main() {
	http.HandleFunc("/", dumpHandler)
	http.HandleFunc("/preflight/", preflight)
	http.HandleFunc("/logs", logHandler)
	// http.HandleFunc("/ruledownload/", ruleDownload)
	log.Fatal(http.ListenAndServeTLS(":8080", "server.crt", "server.key", nil))
	}

	type Rule struct {
	RuleType string `json:"rule_type"`
	Policy string `json:"policy"`
	SHA256 string `json:"sha256"`
	CustomMessage string `json:"custom_msg,omitempty"`
	}

	type ruleResp struct {
	Rules []*Rule `json:"rules"`
	}

	func ruleDownload(w http.ResponseWriter, r *http.Request) {
	// w.Write([]byte(`{"rules": [{"rule_type": "BINARY", "policy": "BLACKLIST", "sha256": "2dc104631939b4bdf5d6bccab76e166e37fe5e1605340cf68dab919df58b8eda", "custom_msg": "hi there"}]}`))
	rules := ruleResp{
	Rules: []*Rule{
	&Rule{
	RuleType: "BINARY",
	Policy: "BLACKLIST",
	SHA256: "2dc104631939b4bdf5d6bccab76e166e37fe5e1605340cf68dab919df58b8eda",
	CustomMessage: "BlackListing Firefox",
	},
	},
	}
	if err := json.NewEncoder(w).Encode(rules); err != nil {
	log.Println(err)
	return
	}
	}
	func logHandler(w http.ResponseWriter, r *http.Request) {
	out, err := httputil.DumpRequest(r, false)
	if err != nil {
	log.Println(err)
	return
	}
	fmt.Println(string(out))
	f, _ := os.Create("/tmp/santa.log.gz")
	defer r.Body.Close()
	defer f.Close()
	io.Copy(f, r.Body)
	}

	func dumpHandler(w http.ResponseWriter, r *http.Request) {
	out, err := httputil.DumpRequest(r, false)
	if err != nil {
	log.Println(err)
	return
	}
	fmt.Println(string(out))
	// fmt.Println("start ----")
	// fmt.Println(r.RequestURI)
	// defer fmt.Println("end ----")
	defer r.Body.Close()
	zr, err := zlib.NewReader(r.Body)
	if err != nil {
	log.Println(err)
	return
	}
	defer zr.Close()
	io.Copy(os.Stdout, zr)
	fmt.Println("")
	}

	func preflight(w http.ResponseWriter, r *http.Request) {
	out, err := httputil.DumpRequest(r, false)
	if err != nil {
	log.Println(err)
	return
	}
	fmt.Println(string(out))
	defer r.Body.Close()
	zr, err := zlib.NewReader(r.Body)
	if err != nil {
	log.Println(err)
	return
	}
	defer zr.Close()
	io.Copy(os.Stdout, zr)
	fmt.Println("")
	w.Write([]byte(`{"request_clean_sync": true, "blacklist_regex": "^(?:/Users)/.*", "batch_size": 1, "upload_logs_url": "https://santa:8080/logs"}`))
	}