Created
October 13, 2022 17:30
-
-
Save thinkst-cs/bda57a71974dab6a432c44ea55b33596 to your computer and use it in GitHub Desktop.
Canary Relay Example - Return JSON but Trigger a Canarytoken
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| Very simple HTTP server in python for logging requests | |
| Usage:: | |
| ./server.py [<port>] | |
| Original https://gist.github.com/mdonkers/63e115cc0c79b4f6b8b3a6b797e485c7 | |
| """ | |
| from http.server import BaseHTTPRequestHandler, HTTPServer | |
| from urllib import request | |
| import requests | |
| import logging | |
| class S(BaseHTTPRequestHandler): | |
| def _set_response(self): | |
| self.send_response(200) | |
| self.send_header('Content-type', 'text/html') | |
| self.end_headers() | |
| def do_GET(self): | |
| logging.info("GET request,\nPath: %s\nHeaders:\n%s\n", str(self.path), str(self.headers)) | |
| self._set_response() | |
| #self.wfile.write("GET request for {}".format(self.path).encode('utf-8')) | |
| #Fetch Canary | |
| canary_url = "http://canarytokens.com/about/traffic/bdqbzwsfgrt8z4858hb7iacdc/submit.aspx" | |
| headers = self.headers | |
| # I think this is an wasy way to clone headers and send them to canarytokens.org | |
| # Probably could add like Source IP / Forwarded for too? | |
| f = requests.get(canary_url,headers=headers) | |
| # return fake JSON | |
| self.wfile.write('{"name":"John"}'.encode('utf-8')) | |
| def do_POST(self): | |
| content_length = int(self.headers['Content-Length']) # <--- Gets the size of data | |
| post_data = self.rfile.read(content_length) # <--- Gets the data itself | |
| logging.info("POST request,\nPath: %s\nHeaders:\n%s\n\nBody:\n%s\n", | |
| str(self.path), str(self.headers), post_data.decode('utf-8')) | |
| self._set_response() | |
| #self.wfile.write("POST request for {}".format(self.path).encode('utf-8')) | |
| f = request.urlopen("http://canarytokens.com/about/traffic/bdqbzwsfgrt8z4858hb7iacdc/submit.aspx") | |
| # return fake JSON | |
| self.wfile.write('{"name":"John"}'.encode('utf-8')) | |
| def run(server_class=HTTPServer, handler_class=S, port=8080): | |
| logging.basicConfig(level=logging.INFO) | |
| server_address = ('', port) | |
| httpd = server_class(server_address, handler_class) | |
| logging.info('Starting httpd...\n') | |
| try: | |
| httpd.serve_forever() | |
| except KeyboardInterrupt: | |
| pass | |
| httpd.server_close() | |
| logging.info('Stopping httpd...\n') | |
| if __name__ == '__main__': | |
| from sys import argv | |
| if len(argv) == 2: | |
| run(port=int(argv[1])) | |
| else: | |
| run() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment