Create a gist now

Instantly share code, notes, and snippets.

Embed
What would you like to do?
该脚本会在8080端口开启一个服务并记录所有访问到该服务的HTTP请求,返回访问时间并将请求包转化为Burpsuite等工具可用的格式记录在日志里。依赖Flask(pip install Flask),使用: python httplogger.py log.log
# coding=utf-8
# By Nearg1e
import logging
import datetime
import string
from sys import argv
from flask import Flask, request
app = Flask(__name__)
logger = logging.getLogger('reqlogging')
def log_init(filepath):
f = open(filepath, 'a+')
Log_Handle = logging.StreamHandler(f)
FORMATTER = logging.Formatter(
"\r[%(asctime)s] %(message)s",
"%H:%M:%S"
)
Log_Handle.setFormatter(FORMATTER)
logger.addHandler(Log_Handle)
logger.setLevel(logging.DEBUG)
def filename_format(filename=""):
unfilestr = string.punctuation.replace("./-", "")
for s in unfilestr:
filename = filename.replace(s, "_")
return filename
def current_date():
return "{}.txt".format(datetime.datetime.now().strftime("%Y-%m-%d"))
@app.route('/', methods=['GET', 'POST', 'OPTIONS', 'PUT', 'DELETE', 'HEAD', 'PATCH'])
@app.route('/<path:urlpath>', methods=['GET', 'POST', 'OPTIONS', 'PUT', 'DELETE', 'HEAD', 'PATCH'])
def web(urlpath='/'):
request_text = ""
infodict = {
"method" : request.method,
"path" : request.full_path,
"httpver" : request.environ.get('SERVER_PROTOCOL')
}
line_1st = "{method} {path} {httpver}\n".format(**infodict)
request_text += line_1st
for key, value in request.headers.to_list():
item = "{}: {}\n".format(key, value)
request_text += item
request_text += "\n"
if request.method.upper() == "POST":
post_para_list = []
for item in request.form.items():
post_para_list.append("{}={}".format(*item))
post_para = "&".join(post_para_list)
request_text += post_para
request_text += "\n"
logger.info("{}\n{}".format(line_1st, request_text))
return request_text.replace('\n', '<br>')
if __name__ == "__main__":
filepath = filename_format(argv[1]) if len(argv) == 2 else current_date()
log_init(filepath)
app.run(debug=True, threaded=True, port=8080, host="0.0.0.0")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment