poljakowski/cloak
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Added support for apache24 mod_wsgi.

Browse source
This commit is contained in:
darko-poljak 2015-09-20 08:10:07 +02:00
parent 25e17d32fd
commit 0630e5f841
4 changed files with 77 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
README.rst
View file

@ -14,7 +14,10 @@ below).
Content size can be limited. Content size can be limited.
It uses lock which allows only one request at a time. It uses lock which allows only one request at a time.
It is implemented with bottle microframework. It is implemented with bottle microframework.
It is a hack! :) It is a hack! :)
This tool was written to deceive/fool proxy which prevented me to
download usefull tools and/or source code files.
Usage Usage
===== =====
@ -39,19 +42,23 @@ save it to data.tar.xz:
cat DATA.txt | python x.py d > data.tar.xz cat DATA.txt | python x.py d > data.tar.xz
Run it in development mode: Run it in development mode using python wsgiref:
.. code:: bash .. code:: bash
python x.py ANY-ARG python x.py ANY-ARG
python x.py x python x.py x
Run it in production mode: Run it in production mode using python wsgiref:
.. code:: bash .. code:: bash
python x.py python x.py
Run it as apache24 wsig:
see apache-config file for apache configuration
When you use this same tool for prepareing target URL and decrypting When you use this same tool for prepareing target URL and decrypting
target content on the client then x.py need to be defined with the same AES target content on the client then x.py need to be defined with the same AES
KEY and IV values as on the server. KEY and IV values as on the server.
@ -61,6 +68,8 @@ Installation
Copy bottle.py and x.py to the desired server and directory and run it. Copy bottle.py and x.py to the desired server and directory and run it.
For use with apache24 install mod_wsgi and see apache-config file for apache configuration.
Documentation Documentation
============= =============
@ -82,7 +91,5 @@ Further development ideas
* Add configuration file. * Add configuration file.
* Add apache mod_wsgi support.
* Support defined maximum requests at a time instead of one lock. * Support defined maximum requests at a time instead of one lock.

13
apache-config Executable file
View file

@ -0,0 +1,13 @@
<VirtualHost _default_:80>
ServerName cloak
ServerAdmin webmaster@localhost
WSGIScriptAlias /x "/home/freebsd/x/wsgi.py"
WSGIDaemonProcess x user=www group=www python-path="/home/freebsd/x"
<Directory "/home/freebsd/x">
WSGIProcessGroup x
WSGIApplicationGroup %{GLOBAL%}
Require all granted
</Directory>
</VirtualHost>

6
wsgi.py Executable file
View file

@ -0,0 +1,6 @@
import os
os.chdir(os.path.dirname(__file__))
import x
application = x.b.default_app()

90
x.py
View file

@ -22,12 +22,15 @@ AES_MODE = AES.MODE_CFB
AES_IV = r'A123B890JKL @%#$' AES_IV = r'A123B890JKL @%#$'
AES_KEY = r')(*+AKIM 313 321kjah.;klk@sfsd%$' AES_KEY = r')(*+AKIM 313 321kjah.;klk@sfsd%$'
debug = False
py3k = sys.version_info >= (3, 0, 0) py3k = sys.version_info >= (3, 0, 0)
if py3k: if py3k:
import urllib.request as urlreq import urllib.request as urlreq
import urllib.parse as urlpar import urllib.parse as urlpar
stdout_write = sys.stdout.buffer.write stdout_write = sys.stdout.buffer.write
def get_content_length(r): def get_content_length(r):
foo = r.getheader('Content-Length') foo = r.getheader('Content-Length')
if foo: if foo:
@ -39,6 +42,7 @@ else:
import urllib as urlpar import urllib as urlpar
stdout_write = sys.stdout.write stdout_write = sys.stdout.write
def get_content_length(r): def get_content_length(r):
foo = r.info().getheaders('Content-Length') foo = r.info().getheaders('Content-Length')
if foo and len(foo) >= 1: if foo and len(foo) >= 1:
@ -108,49 +112,49 @@ def x(url):
aes = aes_new() aes = aes_new()
return base64.b64encode(zlib.compress(aes.encrypt(x))) return base64.b64encode(zlib.compress(aes.encrypt(x)))
argc = len(sys.argv) if __name__ == "__main__":
if argc > 1: argc = len(sys.argv)
aes = aes_new() if argc > 1:
if sys.argv[1] == '-h': aes = aes_new()
print("usage: {0} -h print help".format(sys.argv[0])) if sys.argv[1] == '-h':
print("usage: {0} c TARGET encode TARGET".format(sys.argv[0])) print("usage: {0} -h print help".format(sys.argv[0]))
print("usage: {0} d decode stdin".format(sys.argv[0])) print("usage: {0} c TARGET encode TARGET".format(sys.argv[0]))
print("usage: {0} ANY run server in debug mode on 8080".format( print("usage: {0} d decode stdin".format(sys.argv[0]))
sys.argv[0])) print("usage: {0} ANY run server in debug mode on"
print("usage: {0} run server on 80".format(sys.argv[0])) "8080".format(sys.argv[0]))
sys.exit(0) print("usage: {0} run server on 80".format(sys.argv[0]))
elif sys.argv[1] == 'c': sys.exit(0)
if argc < 3: elif sys.argv[1] == 'c':
print("missing target") if argc < 3:
sys.exit(1) print("missing target")
sys.exit(1)
else:
# encode target url
if sys.argv[1] == 'c':
foo = str.encode(sys.argv[2])
foo = aes.encrypt(foo)
foo = zlib.compress(foo)
foo = base64.b64encode(foo)
stdout_write(foo)
print()
sys.exit(0)
# decode data from stdin
elif sys.argv[1] == 'd':
foo = str.encode(sys.stdin.read())
foo = base64.b64decode(foo)
foo = zlib.decompress(foo)
foo = aes.decrypt(foo)
stdout_write(foo)
sys.exit(0)
else: else:
# encode target url # run dev server
if sys.argv[1] == 'c': host = DEV_HOST
foo = str.encode(sys.argv[2]) port = DEV_PORT
foo = aes.encrypt(foo) debug = True
foo = zlib.compress(foo)
foo = base64.b64encode(foo)
stdout_write(foo)
print()
sys.exit(0)
# decode data from stdin
elif sys.argv[1] == 'd':
foo = str.encode(sys.stdin.read())
foo = base64.b64decode(foo)
foo = zlib.decompress(foo)
foo = aes.decrypt(foo)
stdout_write(foo)
sys.exit(0)
else: else:
# run dev server # run production server
host = DEV_HOST host = PRODUCTION_HOST
port = DEV_PORT port = PRODUCTION_PORT
debug = True debug = False
else:
# run production server
host = PRODUCTION_HOST
port = PRODUCTION_PORT
debug = False
b.run(host=host, port=port, debug=debug, reloader=True)
b.run(host=host, port=port, debug=debug, reloader=True)