From: Matteo Nastasi (mop) Date: Sat, 27 Sep 2014 17:46:47 +0000 (+0200) Subject: Merge branch 'master' into brisk X-Git-Url: http://mop.ddnsfree.com/gitweb/?a=commitdiff_plain;h=b248fce17bc2598406a52da26d80537b8f87f324;hp=c7d496408f733c5cac096cd7ebebdeaeaf3d051c;p=curl-de-sac.git Merge branch 'master' into brisk --- diff --git a/INSTALL.sh b/INSTALL.sh index e8de2f7..042ea51 100755 --- a/INSTALL.sh +++ b/INSTALL.sh @@ -9,6 +9,7 @@ apache_conf="/etc/apache2/sites-available/default" # brisk_debug="0xffff" web_path="/home/nastasi/web/curl-de-sacccc" web_url="http://localhost/curl-de-sac" +tor_chk_url="http://localhost/curl-de-sac/test/tor_mock.php" dbg_level=998 # ftok_path="/home/nastasi/brisk-priv/ftok/brisk" # proxy_path="/home/nastasi/brisk-priv/proxy/brisk" @@ -26,7 +27,7 @@ function usage () { echo "$1 chk - run lintian on all ph* files." # echo "$1 pkg - build brisk packages." - echo "$1 [-w ] [-f ] [-p ]" # [-W] [-n 3|5] [-t <(n>=4)>] [-T ] [-G ] [-A ] [-a ] [-U ] [-u ] [-d ] [-k ] [-l ] [-y ] [-P ] [-x]" + echo "$1 [-w ] [-f ] [-p ] [-t ]" # [-W] [-n 3|5] [-t <(n>=4)>] [-T ] [-G ] [-A ] [-a ] [-U ] [-u ] [-d ] [-k ] [-l ] [-y ] [-P ] [-x]" # echo "$1 [-W] [-n 3|5] [-t <(n>=4)>] [-T ] [-G ] [-A ] [-a ] [-f ] [-p ] [-U ] [-u ] [-d ] [-w ] [-k ] [-l ] [-y ] [-P ] [-x]" echo "$1 [-w ]" echo " -h this help" @@ -42,6 +43,7 @@ function usage () { echo " -d set debug level - def. $dbg_level" echo " -w dir where place the web tree - def. \"$web_path\"" echo " -U web url to retrieve test pages - def. \"$web_url\"" + echo " -t tor chk url - def. \"$tor_chk_url\"" # echo " -k dir where place ftok files - def. \"$ftok_path\"" # echo " -l dir where save logs - def. \"$legal_path\"" # echo " -y dir where place proxy files - def. \"$proxy_path\"" 
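Review bot: The default for `tor_chk_url` added in the first hunk is the test mock (`http://localhost/curl-de-sac/test/tor_mock.php`), so an install run without `-t` writes the mock's address into `TOR_CHK_URL` through the sed change further down in this file. Judging by `webtest/tor_mock.php` in this commit, that page appears to answer "NOT an active Tor server" for every address outside its fixed test cases, which would leave the Tor check silently ineffective on such an install. Consider shipping an empty default and aborting when the value is unset outside a test install, or at least flagging it in the help text, e.g. `echo " -t tor chk url (default is the TEST MOCK) - def. \"$tor_chk_url\""`.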
@@ -150,6 +152,7 @@ while [ $# -gt 0 ]; do -d*) dbg_level="$(get_param "-d" "$1" "$2")"; sh=$?;; -w*) web_path="$(get_param "-w" "$1" "$2")"; sh=$?;; -U*) web_url="$(get_param "-U" "$1" "$2")" ; sh=$?;; + -t*) tor_chk_url="$(get_param "-t" "$1" "$2")" ; sh=$?;; # -k*) ftok_path="$(get_param "-k" "$1" "$2")"; sh=$?;; # -y*) proxy_path="$(get_param "-y" "$1" "$2")"; sh=$?;; # -P*) prefix_path="$(get_param "-P" "$1" "$2")"; sh=$?;; @@ -186,6 +189,8 @@ echo " outconf: \"$outconf\"" echo " dbg_level: $dbg_level" echo " web_path: \"$web_path\"" echo " web_url: \"$web_url\"" +echo " tor_chk_url: \"$tor_chk_url\"" + # echo " ftok_path: \"$ftok_path\"" # echo " legal_path: \"$legal_path\"" # echo " proxy_path: \"$proxy_path\"" @@ -210,6 +215,7 @@ if [ ! -z "$outconf" ]; then echo "dbg_level=$dbg_level" echo "web_path=\"$web_path\"" echo "web_url=\"$web_url\"" + echo "tor_chk_url=\"$tor_chk_url\"" # echo "ftok_path=\"$ftok_path\"" # echo "proxy_path=\"$proxy_path\"" # echo "legal_path=\"$legal_path\"" @@ -218,7 +224,7 @@ if [ ! -z "$outconf" ]; then # echo "usock_path=\"$usock_path\"" # echo "sys_user=\"$sys_user\"" # echo "web_only=\"$web_only\"" - # echo "test_add=\"$test_add\"" + echo "test_add=\"$test_add\"" ) > "$outconf" fi 
@@ -296,7 +302,7 @@ fi # sed -i "s/^var G_send_time *= *[0-9]\+/var G_send_time = $send_time/g" $(find ${web_path} -type f -name '*.js' -exec grep -l '^var G_send_time *= *[0-9]\+' {} \;) # # .ph[pho] substitutions -sed -i "s@^define *( *'WEB_URL', *'[^']\+' *)@define('WEB_URL', '$web_url')@g;s@define *( *'DBG_LEVEL', *[0-9]\+ *)@define('DBG_LEVEL', $dbg_level)@g" $(find ${web_path} -type f -name '*.ph*') +sed -i "s@^define *( *'WEB_URL', *'[^']\+' *)@define('WEB_URL', '$web_url')@g;s@define *( *'DBG_LEVEL', *[0-9]\+ *)@define('DBG_LEVEL', $dbg_level)@g;s@define *( *'TOR_CHK_URL', *'[^']\+' *)@define('TOR_CHK_URL', '$tor_chk_url')@g" $(find ${web_path} -type f -name '*.ph*') # sed -i "s/define *( *'BIN5_PLAYERS_N', *[0-9]\+ *)/define('BIN5_PLAYERS_N', $players_n)/g" $(find ${web_path} -type f -name '*.ph*' -exec grep -l "define *( *'BIN5_PLAYERS_N', *[0-9]\+ *)" {} \;) diff --git a/TODO.txt b/TODO.txt index 1a0ae14..3dd0fa5 100644 --- a/TODO.txt +++ b/TODO.txt @@ -1,5 +1,7 @@ TODO LIST +- pass the callback function to the command class + - move name and timeout class to register function to be able to use the same class different times diff --git a/web/Obj/curl-de-brisk.phh b/web/Obj/curl-de-brisk.phh new file mode 100755 index 0000000..8dd8889 --- /dev/null +++ b/web/Obj/curl-de-brisk.phh 
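Review bot: `$tor_chk_url` goes unescaped into the sed replacement and from there into a single-quoted PHP literal, so a value containing `@` (the sed delimiter), `&` (sed's matched-text reference, common in query strings), `\` or `'` either breaks the substitution or changes the generated `define('TOR_CHK_URL', ...)` line; the existing `$web_url` has the same weakness. Validate the option before it is used, e.g. `case "$tor_chk_url" in *["'@&\\"]*) echo "unsupported character in -t url" >&2; exit 1;; esac`, or escape those characters before building the sed program. The pattern also only matches when the placeholder already holds a non-empty single-quoted string (`'[^']\+'`), so a source file shipped with `define('TOR_CHK_URL', '')` would be left untouched; the define itself is not visible in this diff, so that is worth confirming.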
@@ -0,0 +1,206 @@ +ctx = $ctx; + $this->user_idx = $user_idx; + $this->user_sess = $user_sess; + $this->conn_ip = $conn_ip; + $this->is_auth = $is_auth; + } +} + +class Tor_chk_cmd_cls extends CDS_cmd_cls { + function Tor_chk_cmd_cls() + { + parent::__construct("tor_chk", 10); + } + + function create($cds, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth) + { + if ($cds->dbg_get() > 0) { + printf("'tor_chk'::create url:[%s]\n", 'TOR_CHK_URL'); + } + + do { + $opts = array( CURLOPT_HEADER => 0, + CURLOPT_RETURNTRANSFER => 1, + CURLOPT_FORBID_REUSE => true, + CURLOPT_HTTPHEADER => array('Connection: close'), + CURLOPT_POST => true, + CURLOPT_POSTFIELDS => array('QueryIP' => $conn_ip)); + + if (($ch = parent::pre_create($cds, TOR_CHK_URL, $opts)) == FALSE) + break; + + if (parent::create($cds, $ch) == FALSE) + break; + + $cmd = new Tor_chk_cmd($this, $ch, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth); + + return $cmd; + } while (FALSE); + + return FALSE; + } + + function process($cmd, $ret) + { + if ($this->dbg_get() > 2) { + printf("CURL: 'tor_chk' process: curl_multi_getcontent\n"); + print_r($ret); + } + + $content = curl_multi_getcontent($cmd->ch_get()); + if ($this->dbg_get() > 0) { printf("'tor_chk' process: [%s]\n", $content); } + + $is_tor = FALSE; + if (mb_strpos($content, + "The IP Address you entered matches one or more active Tor servers", + 0, "UTF-8") !== FALSE) { + // printf("WARNING: stripos ok\n"); + $is_tor = TRUE; + } + else if (mb_strpos($content, + "The IP Address you entered is NOT an active Tor server", + 0, "UTF-8") === FALSE) { + printf("WARNING: tor check disabled\n"); + } + else { + // printf("WARNING: NOT an active Tor server on IP [%s]\n", $cmd->conn_ip); + ; + } + + $cmd->ctx->tor_chk_postprocess($cmd->user_idx, $cmd->user_sess, $cmd->conn_ip, $cmd->is_auth, $is_tor); + + return TRUE; + } + + function timeout($cmd) + { + printf("'tor_chk' timeout function reached\n"); + } +} + +class Proxy_chk_cmd_cls extends CDS_cmd_cls { + function 
Proxy_chk_cmd_cls() + { + parent::__construct("proxy_chk", 10); + + $this->scan_headers = array( + 'HTTP_VIA', + 'HTTP_X_FORWARDED_FOR', + 'HTTP_FORWARDED_FOR', + 'HTTP_X_FORWARDED', + 'HTTP_FORWARDED', + 'HTTP_CLIENT_IP', + 'HTTP_FORWARDED_FOR_IP', + 'VIA', + 'X_FORWARDED_FOR', + 'FORWARDED_FOR', + 'X_FORWARDED', + 'FORWARDED', + 'CLIENT_IP', + 'FORWARDED_FOR_IP', + 'HTTP_PROXY_CONNECTION' + ); + } + + function create($cds, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth, $headers) + { + if ($cds->dbg_get() > 0) { + printf("'proxy_chk'::create url:[%s]\n", 'PROXY_CHK_URL'); + } + + foreach($this->scan_headers as $key){ + //proxy detected? lets log... + if($headers[$key]) { + // we already are behind a PROXY, this are our headers + if ($key == 'X-Proxy-ID') { + if ($headers[$key] == '860705422') + continue; + } + else if ($key == 'X-Forwarded-For') { + if ($headers[$key] == '172.16.9.66') + continue; + } + else if ($key == 'Via') { + if ($headers[$key] == '1.1 172.16.8.1 (Mikrotik HttpProxy)') + continue; + } + + $ctx->proxy_chk_postprocess($user_idx, $user_sess, $conn_ip, $is_auth, TRUE); + return TRUE; + } + } + + do { + $opts = array( CURLOPT_HEADER => 0, + CURLOPT_RETURNTRANSFER => 1, + CURLOPT_FORBID_REUSE => true, + CURLOPT_HTTPHEADER => array('Connection: close'), + CURLOPT_POST => true, + CURLOPT_POSTFIELDS => array('conn_ip' => $conn_ip)); + + if (($ch = parent::pre_create($cds, PROXY_CHK_URL, $opts)) == FALSE) + break; + + if (parent::create($cds, $ch) == FALSE) + break; + + $cmd = new Proxy_chk_cmd($this, $ch, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth); + + return $cmd; + } while (FALSE); + + return FALSE; + } + + function process($cmd, $ret) + { + if ($this->dbg_get() > 2) { + printf("CURL: 'proxy_chk' process: curl_multi_getcontent\n"); + print_r($ret); + } + + $content = curl_multi_getcontent($cmd->ch_get()); + if ($this->dbg_get() > 0) { printf("'proxy_chk' process: [%s]\n", $content); } + + $is_proxy = FALSE; + if (mb_strpos($content, 
"is_proxy=true", 0, "UTF-8") !== FALSE) { + // printf("WARNING: stripos ok\n"); + $is_proxy = TRUE; + } + else if (mb_strpos($content, "is_proxy=false", 0, "UTF-8") === FALSE) { + printf("WARNING: proxy check disabled\n"); + } + else { + // printf("WARNING: NOT an active Proxy server on IP [%s]\n", $cmd->conn_ip); + ; + } + + $cmd->ctx->proxy_chk_postprocess($cmd->user_idx, $cmd->user_sess, $cmd->conn_ip, $cmd->is_auth, $is_proxy); + + return TRUE; + } + + function timeout($cmd) + { + printf("'proxy_chk' timeout function reached\n"); + } +} + +?> diff --git a/webtest/Data/tor_mock_bad.html b/webtest/Data/tor_mock_bad.html new file mode 100644 index 0000000..5d641b8 --- /dev/null +++ b/webtest/Data/tor_mock_bad.html @@ -0,0 +1,63 @@ + + + + + + +Tor Network Status -- Tor Exit Query + + +
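Review bot: Both `process()` methods fail open: when the response contains neither expected marker the code prints a warning, leaves `$is_tor` / `$is_proxy` at FALSE and still calls the `*_postprocess` callback, and `timeout()` only prints, so an unreachable or reformatted checker page is indistinguishable from a clean result. Consider handing the callback a distinct "unknown" outcome (for example `NULL` rather than `FALSE`) and calling it from `timeout()` too, so the policy is decided in one place; how `tor_chk_postprocess` / `proxy_chk_postprocess` would treat that is outside this diff. Separately, in `Proxy_chk_cmd_cls::create()` the exemption branches compare `$key` with `'X-Proxy-ID'`, `'X-Forwarded-For'` and `'Via'`, none of which is in `$this->scan_headers`, so they never run; if they are revived, keep in mind that they would trust header values supplied by the client, and guard the lookup with `if (!empty($headers[$key]))`. The head of this new file is not visible in this view, so the `Tor_chk_cmd` / `Proxy_chk_cmd` constructors are not covered by this note.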

+ + + + + + + + + + + + + + + + + + +

Tor Network Status -- Tor Exit Query




You can use this page to determine if an +IP address is an active Tor server, and optionally see if that Tor +server's Exit Policy would permit it to exit to a certain destination +IP address and port.


-The IP Address you entered is NOT an active Tor server-


+ + + + + +
+
+ +
+IP Address to Query:
(Required)

+


+Destination IP Address:
(Optional)

+

+Destination Port:
(Optional)

+


+

+
+ +
+ +

+
+ +


+ + + + + +
Tor Network Status v3.6.1
View Complete Change History
Copyright © 2006-2007, Joseph B. Kowalski
Portions Copyright © 2007, Kasimir Gabert
Source code is available under BSD license at project.torstatus.kgprog.com
+ \ No newline at end of file diff --git a/webtest/Data/tor_mock_ok.html b/webtest/Data/tor_mock_ok.html new file mode 100644 index 0000000..1b5e30a --- /dev/null +++ b/webtest/Data/tor_mock_ok.html @@ -0,0 +1,63 @@ + + + + + + +Tor Network Status -- Tor Exit Query + + +

+ + + + + + + + + + + + + + + + + + +

Tor Network Status -- Tor Exit Query




You can use this page to determine if an +IP address is an active Tor server, and optionally see if that Tor +server's Exit Policy would permit it to exit to a certain destination +IP address and port.


-The IP Address you entered matches one or more active Tor servers-

Server name: hviv103


+ + + + + +
+
+ +
+IP Address to Query:
(Required)

+


+Destination IP Address:
(Optional)

+

+Destination Port:
(Optional)

+


+

+
+ +
+ +

+
+ +


+ + + + + +
Tor Network Status v3.6.1
View Complete Change History
Copyright © 2006-2007, Joseph B. Kowalski
Portions Copyright © 2007, Kasimir Gabert
Source code is available under BSD license at project.torstatus.kgprog.com
+ \ No newline at end of file diff --git a/webtest/cds_test02.php b/webtest/cds_test02.php new file mode 100755 index 0000000..5dec4b4 --- /dev/null +++ b/webtest/cds_test02.php @@ -0,0 +1,96 @@ +#!/usr/bin/php +cmd_cls_register($tor_chk_cls)) == FALSE) { + fprintf(STDERR, "MAIN: 'tor_chk_cls' registration failed\n"); + exit(1); + } + + if (($debug & 1) == 1) { + printf("MAIN: CDS:\n"); + print_r($cds); + printf("\n"); + } + + // for ($i = -15 ; $i < 30 ; $i++) { + for ($i = 0 ; $i < 10 ; $i++) { + printf("MAIN: START ITERATION %d\n", $i); + + if ($i == 2) { + // Case OK + printf("MAIN: load 'tor_chk'\n"); + if ($cds->execute("tor_chk", $brisk, 24, "caffe", "178.162.193.213") == FALSE) { + printf("MAIN: push 'tor_chk' command failed\n"); + exit(123); + } + } + + else if ($i == 4) { + // Case Malformed output + printf("MAIN: load 'tor_chk'\n"); + if ($cds->execute("tor_chk", $brisk, 24, "caffe", "178.162.193.214") == FALSE) { + printf("MAIN: push 'tor_chk' command failed\n"); + exit(123); + } + } + else if ($i == 6) { + // Case NO + printf("MAIN: load 'tor_chk'\n"); + if ($cds->execute("tor_chk", $brisk, 24, "caffe", "178.162.193.215") == FALSE) { + printf("MAIN: push 'tor_chk' command failed\n"); + exit(123); + } + } + + printf("MAIN:"); + if (($debug & 1) == 1) { + printf(" CDS:\n"); + print_r($cds); + printf("\n"); + } + + printf("MAIN: Call process\n"); + $cds->process(); + sleep(1); + } + printf("MAIN: finished, dump cds:\n"); + print_r($cds); + // start loop + // print status + // if input data execute some command + // if end => clean exit + exit(0); +} + +main(); + +?> \ No newline at end of file diff --git a/webtest/tor_mock.php b/webtest/tor_mock.php new file mode 100644 index 0000000..50a9b37 --- /dev/null +++ b/webtest/tor_mock.php @@ -0,0 +1,20 @@ +
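Review bot: The three `$cds->execute("tor_chk", ...)` calls in `cds_test02.php` pass four values after the command name (`$brisk, 24, "caffe", <ip>`), while `Tor_chk_cmd_cls::create()` in this commit declares five after `$cds` (`$ctx, $user_idx, $user_sess, $conn_ip, $is_auth`); assuming `execute()` forwards its arguments unchanged, `$is_auth` is never supplied. Pass it explicitly, e.g. `$cds->execute("tor_chk", $brisk, 24, "caffe", "178.162.193.213", FALSE)`. The script also only prints its progress, so the "Case Malformed output" iteration would be a good place to check that the callback did not quietly receive a clean `is_tor` result. The top of the file, including the context class behind `$brisk`, is not visible in this view.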

-The IP Address you entered matches one or more active Tor servers-

Server name: hviv103

+ + readfile("Data/tor_mock_ok.html"); +} +else if ($query_ip == "178.162.193.214") { + echo "NOTHING NOTHING!"; +} +else { + readfile("Data/tor_mock_bad.html"); +} +?>