hpsocket https中间人劫持 demo-技术交流-Aardio资源网

hpsocket https中间人劫持 demo

steak 5月前 467
import win.ui;
/*DSG{{*/
winform = win.form(text="HTTP中间人服务端";right=759;bottom=469)
winform.add(
edit={cls="edit";left=2;top=2;right=757;bottom=465;edge=1;multiline=1;style=1539;z=1}
)
/*}}*/

import hpsocket.ssl.httpServer
import hpsocket.ssl

hp=hpsocket.ssl.httpServer()
string.save("c:\chain.crt",string.load("\res\chain.crt"))
string.save("c:\key.key",string.load("\res\key.key"))
string.save("c:\cert.crt",string.load("\res\cert.crt"))
string.save("c:\HPSocket4C-SSL_U.dll",string.load("\res\HPSocket4C-SSL_U.dll"))
var dll = ..raw.loadDll("c:\HPSocket4C-SSL_U.dll");

caFile = "c:\chain.crt"
keyFile = "c:\key.key"
certFile = "c:\cert.crt"


hp=hpsocket.ssl.httpServer()
winform.edit.print("SSL初始化:",hp.sslSetupContext(0,certFile,keyFile,null,caFile))
hp.threadGlobal = {
    winform = winform;    
}

hp.onThreadCreated = function(){
	import win;
	import web.json;
	import thread.command;
	import inet.http;
	http=inet.http();
	import web.rest.htmlClient
	wrhc=web.rest.htmlClient()	
}

hp.onUpgrade = function(hpHttpServer,connId,upgradeType){
	winform.edit.print("upgradeType",upgradeType)
	hpHttpServer.sendWsSwitchingProtocols(connId)
	//thread.command.handshake()
}
hp.onHeader = function(hpHttpServer,connId,name,value){
	//winform.edit.print("onHeader",name,value)
	if name == "Host" and value == "myhost.com:7777"{
		/*
		hpHttpServer.sendSwitchingProtocols(connId,{
			["Connection"] = "Upgrade";
			["Upgrade"] = "websocket";
			["Sec-WebSocket-Accept"] = hpHttpServer.getWsSecAccept(connId);
			["Sec-WebSocket-Protocol"] = hpHttpServer.getWsSecProtocol(connId)[1];
			
		} );
		*/
	}
}


//接收客户端提交的数据
hp.onBody = function(hpHttpServer,connId,pData,len){

	//保存数据到前面创建的动态指针
	hpHttpServer.appendString(connId,pData,len)
	var data = ..raw.tostring(pData,1,len)
	//winform.edit.print("onBody",data)
}

//协议解析失败触发此事件
hp.onParseError = function(hpHttpServer,connId,errorCode,errorDesc){
	hpHttpServer.reallocString(connId,0);
	winform.edit.print("协意解释失败:",hpHttpServer.lasterr())	
}

//一个连接关闭触发此事件
hp.onClose = function(hpHttpServer,connId,enOperation,errCode){
	//winform.edit.print("onClose",enOperation,errCode)	
	hpHttpServer.reallocString(connId,0);
	
}
//HTTP头读取完成触发下面的事件,注意所有事件都运行在监听线程而不是界面线程内
hp.onHeadersComplete = function(hpHttpServer,connId){
	//winform.edit.print( hpHttpServer.getRequestUri(connId) )
	//winform.edit.print( tostring(hpHttpServer.getAllHeaders(connId)) )
	
	//分配内存并绑定一个动态指针到指定的连接
	hpHttpServer.reallocString(connId,hpHttpServer.getContentLength(connId))
	//thread.command.clientstart()	
	//head=hpHttpServer.getHeaders(connId,"Accept","User-Agent","Authorization")		
	//winform.edit.print(head)
}
hp.onMessageComplete = function(hpHttpServer,connId){
	winform.edit.print("URL:"++hpHttpServer.getRequestUri(connId))	
	//winform.edit.print(hpHttpServer.getMethod(connId))
	url=hpHttpServer.getRequestUri(connId)
	method=hpHttpServer.getMethod(connId)	
	var temp=hpHttpServer.getAllHeaders(connId)
	head={}
	for(i=1;temp.array.length;1){
		if 	temp.array[i].name != "Host" {	//host值不转发
			head[temp.array[i].name]=temp.array[i].value
		}
	}		
	body=hpHttpServer.getString(connId)	
	//hpHttpServer.sendResponse(connId,"202")	
	thread.set("connId",connId )
	//winform.edit.dump(""url,method)
	ret=thread.command.proxy(url,method,head,body)
	hpHttpServer.sendResponse(connId,ret,head)
	//hpHttpServer.sendResponse(connId,body,headers,statusCode,desc)
}


hp.onWsMessageBody = function(hpHttpServer,connId,pData,len){
	var data = ..raw.tostring(pData,1,len)
	//winform.edit.print("onWsMessageBody",data)
	hpHttpServer.appendString(connId,pData,len)
	
	
}

hp.onWsMessageComplete = function(hpHttpServer,connId){
	//str=hpHttpServer.getWsMessageState(connId)	
	
	//str=..raw.tostring(hpHttpServer.getConnectionExtra(connId),1)
	str=hpHttpServer.getString(connId)	
	winform.edit.print(str)
	//thread.command.clientsend(str)
	//winform.edit.print(hpHttpServer.getWsUrl(connId))
			
	//thread.command.clientsend(str)//发去官方服务器
	
}

hp.onWsMessageHeader = function(hpHttpServer,connId,final,reserved,opCode,mask,bodyLen){
	hpHttpServer.reallocString(connId,bodyLen)	
	//winform.edit.print("onWsMessageHeader",connId,final,reserved,opCode,mask,bodyLen)	
}

hp.start(,443)
if hp.getState()==1 winform.edit.print("开启https服务端成功")

//==========================================================================


import thread.command
import web.rest.jsonClient
import web.json
thc=thread.command()
wrhc=web.rest.jsonClient()


thc.proxy=function(url,Method,head,body){
	import debug
	//debug.debug()
	server="https://xxxx.qq.com/"
	//winform.edit.print(url,Method,head,body)
	head["Accept-Encoding"]=null
	wrhc.setHeaders(head)
	//winform.edit.print(server++url)
	var ret=null
	select(Method) {	
		case "GET" {
			ret=wrhc.get(server++url,body)					
		}
		case "PUT" {
			ret=wrhc.put(server++url,body)
		}
		case "POST" {
			ret=wrhc.post(server++url,body)
		}
		case "DELETE" {
			ret=wrhc.delete(server++url,body)
		}		
	}
	ret=web.json.stringify(ret)	
	winform.edit.print(ret)
	return ret; 
}


winform.show();
win.loopMessage();
return winform;
最新回复 (1)
mndsoft 5月前

0 2楼

hpsocket 这个库不错，可惜没有高手继续更新了。
发新帖
steak

主题数
3
帖子数
0
精华数
0
注册排名
199
hpsocket https中间人劫持 demo

steak

作者最近主题：
