/morozv1.go
Secret
Last active Mar 10, 2017
| package main | |
| import ( | |
| "compress/zlib" | |
| "encoding/json" | |
| "fmt" | |
| "io" | |
| "log" | |
| "net/http" | |
| "net/http/httputil" | |
| "os" | |
| ) | |
| func main() { | |
| http.HandleFunc("/", dumpHandler) | |
| http.HandleFunc("/preflight/", preflight) | |
| http.HandleFunc("/logs", logHandler) | |
| // http.HandleFunc("/ruledownload/", ruleDownload) | |
| log.Fatal(http.ListenAndServeTLS(":8080", "server.crt", "server.key", nil)) | |
| } | |
| type Rule struct { | |
| RuleType string `json:"rule_type"` | |
| Policy string `json:"policy"` | |
| SHA256 string `json:"sha256"` | |
| CustomMessage string `json:"custom_msg,omitempty"` | |
| } | |
| type ruleResp struct { | |
| Rules []*Rule `json:"rules"` | |
| } | |
| func ruleDownload(w http.ResponseWriter, r *http.Request) { | |
| // w.Write([]byte(`{"rules": [{"rule_type": "BINARY", "policy": "BLACKLIST", "sha256": "2dc104631939b4bdf5d6bccab76e166e37fe5e1605340cf68dab919df58b8eda", "custom_msg": "hi there"}]}`)) | |
| rules := ruleResp{ | |
| Rules: []*Rule{ | |
| &Rule{ | |
| RuleType: "BINARY", | |
| Policy: "BLACKLIST", | |
| SHA256: "2dc104631939b4bdf5d6bccab76e166e37fe5e1605340cf68dab919df58b8eda", | |
| CustomMessage: "BlackListing Firefox", | |
| }, | |
| }, | |
| } | |
| if err := json.NewEncoder(w).Encode(rules); err != nil { | |
| log.Println(err) | |
| return | |
| } | |
| } | |
| func logHandler(w http.ResponseWriter, r *http.Request) { | |
| out, err := httputil.DumpRequest(r, false) | |
| if err != nil { | |
| log.Println(err) | |
| return | |
| } | |
| fmt.Println(string(out)) | |
| f, _ := os.Create("/tmp/santa.log.gz") | |
| defer r.Body.Close() | |
| defer f.Close() | |
| io.Copy(f, r.Body) | |
| } | |
| func dumpHandler(w http.ResponseWriter, r *http.Request) { | |
| out, err := httputil.DumpRequest(r, false) | |
| if err != nil { | |
| log.Println(err) | |
| return | |
| } | |
| fmt.Println(string(out)) | |
| // fmt.Println("start ----") | |
| // fmt.Println(r.RequestURI) | |
| // defer fmt.Println("end ----") | |
| defer r.Body.Close() | |
| zr, err := zlib.NewReader(r.Body) | |
| if err != nil { | |
| log.Println(err) | |
| return | |
| } | |
| defer zr.Close() | |
| io.Copy(os.Stdout, zr) | |
| fmt.Println("") | |
| } | |
| func preflight(w http.ResponseWriter, r *http.Request) { | |
| out, err := httputil.DumpRequest(r, false) | |
| if err != nil { | |
| log.Println(err) | |
| return | |
| } | |
| fmt.Println(string(out)) | |
| defer r.Body.Close() | |
| zr, err := zlib.NewReader(r.Body) | |
| if err != nil { | |
| log.Println(err) | |
| return | |
| } | |
| defer zr.Close() | |
| io.Copy(os.Stdout, zr) | |
| fmt.Println("") | |
| w.Write([]byte(`{"request_clean_sync": true, "blacklist_regex": "^(?:/Users)/.*", "batch_size": 1, "upload_logs_url": "https://santa:8080/logs"}`)) | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment