package main
/*
* request.go
* Handle ssh requests
* By J. Stuart McMurray
* Created 20160517
* Last Modified 20160702
*/
import (
"crypto/subtle"
"fmt"
"log"
"golang.org/x/crypto/ssh"
)
/* Requestable is satisfied by any value with a SendRequest method that takes
a request name, a want-reply flag and a payload, and returns a bool, a byte
slice and an error.  handleRequest proxies requests through it. */
type Requestable interface {
	SendRequest(name string, wantReply bool, payload []byte) (bool, []byte, error)
}
/* handleReqs drains reqs, handing every request to handleRequest together
with rable, lg and direction, and returns once reqs has been closed.
direction is only passed along here; it should name the direction of travel
(e.g. attacker->server) and ends up in each line handleRequest logs. */
func handleReqs(
	reqs <-chan *ssh.Request,
	rable Requestable,
	lg *log.Logger,
	direction string,
) {
	for {
		req, open := <-reqs
		if !open {
			/* Channel closed, nothing more to proxy */
			return
		}
		handleRequest(req, rable, lg, direction)
	}
}
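/* handleRequest handles a single request: it is proxied to rable, rable's
answer is relayed back to the sender with r.Reply, and the outcome is logged
via lg.  direction is included in every log line.

If IGNORENMS is set and r.Type matches an entry of IGNOREREQUESTS, the request
is logged and dropped without being proxied or answered.

If proxying fails, the request is answered with a failure, so that a sender
which set WantReply is not left waiting for a reply that never comes. */
func handleRequest(
	r *ssh.Request,
	rable Requestable,
	lg *log.Logger,
	direction string,
) {
	/* Type and Payload arrive with the request, so the line is built with
	%q: newlines and control characters are escaped and cannot split or
	forge log entries. */
	rl := fmt.Sprintf(
		"Type:%q WantReply:%v Payload:%q Direction:%q",
		r.Type,
		r.WantReply,
		r.Payload,
		direction,
	)

	/* Ignore certain requests, because we're bad people */
	if IGNORENMS {
		for _, ir := range IGNOREREQUESTS {
			/* ConstantTimeCompare returns 1 only on an exact
			byte-for-byte match.
			NOTE(review): the names compared here do not look like
			secrets, so a plain == would presumably behave the
			same. */
			if 1 == subtle.ConstantTimeCompare(
				[]byte(r.Type),
				[]byte(ir),
			) {
				lg.Printf("Ignoring Request %s", rl)
				return
			}
		}
	}

	/* Proxy to the other side */
	ok, data, err := rable.SendRequest(r.Type, r.WantReply, r.Payload)
	if nil != err {
		lg.Printf("Unable to proxy request %s Error:%v", rl, err)
		/* Answer with a failure rather than leaving the request
		unanswered.  Reply does nothing when no reply was wanted. */
		if rerr := r.Reply(false, nil); nil != rerr {
			lg.Printf(
				"Unable to respond to request %s Error:%v",
				rl,
				rerr,
			)
		}
		return
	}

	/* Relay rable's answer back to the sender of r */
	if err := r.Reply(ok, data); nil != err {
		lg.Printf("Unable to respond to request %s Error:%v", rl, err)
		return
	}
	lg.Printf("Request %s Ok:%v Response:%q", rl, ok, data)
}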