hpsocket https中间人劫持 demo

steak 5月前 469

Code AardioLine:185复制
  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41.
  • 42.
  • 43.
  • 44.
  • 45.
  • 46.
  • 47.
  • 48.
  • 49.
  • 50.
  • 51.
  • 52.
  • 53.
  • 54.
  • 55.
  • 56.
  • 57.
  • 58.
  • 59.
  • 60.
  • 61.
  • 62.
  • 63.
  • 64.
  • 65.
  • 66.
  • 67.
  • 68.
  • 69.
  • 70.
  • 71.
  • 72.
  • 73.
  • 74.
  • 75.
  • 76.
  • 77.
  • 78.
  • 79.
  • 80.
  • 81.
  • 82.
  • 83.
  • 84.
  • 85.
  • 86.
  • 87.
  • 88.
  • 89.
  • 90.
  • 91.
  • 92.
  • 93.
  • 94.
  • 95.
  • 96.
  • 97.
  • 98.
  • 99.
  • 100.
  • 101.
  • 102.
  • 103.
  • 104.
  • 105.
  • 106.
  • 107.
  • 108.
  • 109.
  • 110.
  • 111.
  • 112.
  • 113.
  • 114.
  • 115.
  • 116.
  • 117.
  • 118.
  • 119.
  • 120.
  • 121.
  • 122.
  • 123.
  • 124.
  • 125.
  • 126.
  • 127.
  • 128.
  • 129.
  • 130.
  • 131.
  • 132.
  • 133.
  • 134.
  • 135.
  • 136.
  • 137.
  • 138.
  • 139.
  • 140.
  • 141.
  • 142.
  • 143.
  • 144.
  • 145.
  • 146.
  • 147.
  • 148.
  • 149.
  • 150.
  • 151.
  • 152.
  • 153.
  • 154.
  • 155.
  • 156.
  • 157.
  • 158.
  • 159.
  • 160.
  • 161.
  • 162.
  • 163.
  • 164.
  • 165.
  • 166.
  • 167.
  • 168.
  • 169.
  • 170.
  • 171.
  • 172.
  • 173.
  • 174.
  • 175.
  • 176.
  • 177.
  • 178.
  • 179.
  • 180.
  • 181.
  • 182.
  • 183.
  • 184.
  • 185.
    • import win.ui;
    • /*DSG{{*/
    • winform = win.form(text="HTTP中间人服务端";right=759;bottom=469)
    • winform.add(
    • edit={cls="edit";left=2;top=2;right=757;bottom=465;edge=1;multiline=1;style=1539;z=1}
    • )
    • /*}}*/
    • import hpsocket.ssl.httpServer
    • import hpsocket.ssl
    • hp=hpsocket.ssl.httpServer()
    • string.save("c:\chain.crt",string.load("\res\chain.crt"))
    • string.save("c:\key.key",string.load("\res\key.key"))
    • string.save("c:\cert.crt",string.load("\res\cert.crt"))
    • string.save("c:\HPSocket4C-SSL_U.dll",string.load("\res\HPSocket4C-SSL_U.dll"))
    • var dll = ..raw.loadDll("c:\HPSocket4C-SSL_U.dll");
    • caFile = "c:\chain.crt"
    • keyFile = "c:\key.key"
    • certFile = "c:\cert.crt"
    • hp=hpsocket.ssl.httpServer()
    • winform.edit.print("SSL初始化:",hp.sslSetupContext(0,certFile,keyFile,null,caFile))
    • hp.threadGlobal = {
    • winform = winform;
    • }
    • hp.onThreadCreated = function(){
    • import win;
    • import web.json;
    • import thread.command;
    • import inet.http;
    • http=inet.http();
    • import web.rest.htmlClient
    • wrhc=web.rest.htmlClient()
    • }
    • hp.onUpgrade = function(hpHttpServer,connId,upgradeType){
    • winform.edit.print("upgradeType",upgradeType)
    • hpHttpServer.sendWsSwitchingProtocols(connId)
    • //thread.command.handshake()
    • }
    • hp.onHeader = function(hpHttpServer,connId,name,value){
    • //winform.edit.print("onHeader",name,value)
    • if name == "Host" and value == "myhost.com:7777"{
    • /*
    • hpHttpServer.sendSwitchingProtocols(connId,{
    • ["Connection"] = "Upgrade";
    • ["Upgrade"] = "websocket";
    • ["Sec-WebSocket-Accept"] = hpHttpServer.getWsSecAccept(connId);
    • ["Sec-WebSocket-Protocol"] = hpHttpServer.getWsSecProtocol(connId)[1];
    • } );
    • */
    • }
    • }
    • //接收客户端提交的数据
    • hp.onBody = function(hpHttpServer,connId,pData,len){
    • //保存数据到前面创建的动态指针
    • hpHttpServer.appendString(connId,pData,len)
    • var data = ..raw.tostring(pData,1,len)
    • //winform.edit.print("onBody",data)
    • }
    • //协议解析失败触发此事件
    • hp.onParseError = function(hpHttpServer,connId,errorCode,errorDesc){
    • hpHttpServer.reallocString(connId,0);
    • winform.edit.print("协意解释失败:",hpHttpServer.lasterr())
    • }
    • //一个连接关闭触发此事件
    • hp.onClose = function(hpHttpServer,connId,enOperation,errCode){
    • //winform.edit.print("onClose",enOperation,errCode)
    • hpHttpServer.reallocString(connId,0);
    • }
    • //HTTP头读取完成触发下面的事件,注意所有事件都运行在监听线程而不是界面线程内
    • hp.onHeadersComplete = function(hpHttpServer,connId){
    • //winform.edit.print( hpHttpServer.getRequestUri(connId) )
    • //winform.edit.print( tostring(hpHttpServer.getAllHeaders(connId)) )
    • //分配内存并绑定一个动态指针到指定的连接
    • hpHttpServer.reallocString(connId,hpHttpServer.getContentLength(connId))
    • //thread.command.clientstart()
    • //head=hpHttpServer.getHeaders(connId,"Accept","User-Agent","Authorization")
    • //winform.edit.print(head)
    • }
    • hp.onMessageComplete = function(hpHttpServer,connId){
    • winform.edit.print("URL:"++hpHttpServer.getRequestUri(connId))
    • //winform.edit.print(hpHttpServer.getMethod(connId))
    • url=hpHttpServer.getRequestUri(connId)
    • method=hpHttpServer.getMethod(connId)
    • var temp=hpHttpServer.getAllHeaders(connId)
    • head={}
    • for(i=1;temp.array.length;1){
    • if temp.array[i].name != "Host" { //host值不转发
    • head[temp.array[i].name]=temp.array[i].value
    • }
    • }
    • body=hpHttpServer.getString(connId)
    • //hpHttpServer.sendResponse(connId,"202")
    • thread.set("connId",connId )
    • //winform.edit.dump(""url,method)
    • ret=thread.command.proxy(url,method,head,body)
    • hpHttpServer.sendResponse(connId,ret,head)
    • //hpHttpServer.sendResponse(connId,body,headers,statusCode,desc)
    • }
    • hp.onWsMessageBody = function(hpHttpServer,connId,pData,len){
    • var data = ..raw.tostring(pData,1,len)
    • //winform.edit.print("onWsMessageBody",data)
    • hpHttpServer.appendString(connId,pData,len)
    • }
    • hp.onWsMessageComplete = function(hpHttpServer,connId){
    • //str=hpHttpServer.getWsMessageState(connId)
    • //str=..raw.tostring(hpHttpServer.getConnectionExtra(connId),1)
    • str=hpHttpServer.getString(connId)
    • winform.edit.print(str)
    • //thread.command.clientsend(str)
    • //winform.edit.print(hpHttpServer.getWsUrl(connId))
    • //thread.command.clientsend(str)//发去官方服务器
    • }
    • hp.onWsMessageHeader = function(hpHttpServer,connId,final,reserved,opCode,mask,bodyLen){
    • hpHttpServer.reallocString(connId,bodyLen)
    • //winform.edit.print("onWsMessageHeader",connId,final,reserved,opCode,mask,bodyLen)
    • }
    • hp.start(,443)
    • if hp.getState()==1 winform.edit.print("开启https服务端成功")
    • //==========================================================================
    • import thread.command
    • import web.rest.jsonClient
    • import web.json
    • thc=thread.command()
    • wrhc=web.rest.jsonClient()
    • thc.proxy=function(url,Method,head,body){
    • import debug
    • //debug.debug()
    • server="https://xxxx.qq.com/"
    • //winform.edit.print(url,Method,head,body)
    • head["Accept-Encoding"]=null
    • wrhc.setHeaders(head)
    • //winform.edit.print(server++url)
    • var ret=null
    • select(Method) {
    • case "GET" {
    • ret=wrhc.get(server++url,body)
    • }
    • case "PUT" {
    • ret=wrhc.put(server++url,body)
    • }
    • case "POST" {
    • ret=wrhc.post(server++url,body)
    • }
    • case "DELETE" {
    • ret=wrhc.delete(server++url,body)
    • }
    • }
    • ret=web.json.stringify(ret)
    • winform.edit.print(ret)
    • return ret;
    • }
    • winform.show();
    • win.loopMessage();
    • return winform;


    最新回复 (1)
    • mndsoft 5月前
      0 2

      hpsocket 这个库不错,可惜没有高手继续更新了。

    返回
    发新帖