Merge branch 'master' of https://github.com/wwhtrbbtt/TrackMe
peet committed Feb 5, 2023
2 parents 01c268f + a3d6ef2 commit fb5f6db
Showing 10 changed files with 76 additions and 97 deletions.
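--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,9 @@
+FROM golang:1.18-alpine3.16
+
+WORKDIR /app
+COPY go.mod go.sum ./
+COPY *.go ./
+RUN go mod download
+RUN go build -o ./out/app *.go
+
+CMD [ "./out/app" ]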
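Review bot: The image has no `USER` instruction, so the server, which parses TLS and HTTP/2 input from arbitrary clients, runs as root inside the container. Because the build is single-stage, the runtime image also ships the Go toolchain and the source tree. A second stage that copies only the built binary and drops to an unprivileged user narrows what a compromised process can reach; the mounted key, certificate and config would then need to be readable by that user, and binding ports 80/443 as non-root should be confirmed on the Docker version in use. The base tag is also not pinned by digest, so a rebuild may silently pick up a different image.

```dockerfile
FROM golang:1.18-alpine3.16 AS build
# … unchanged: WORKDIR, COPY and RUN build steps …

FROM alpine:3.16
WORKDIR /app
COPY --from=build /app/out/app ./out/app
USER nobody
CMD [ "./out/app" ]
```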
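--- a/README.md
+++ b/README.md
@@ -102,6 +102,16 @@ Param: `?by=<peetprint>`
 
 Returns the most seen other identifiers (user-agent, h2, JA3) that were seen together with this identifier. Only works when connected to a database.
 
+## Docker
+
+You can also run the server in a docker container using docker-compose.
+
+```bash
+# generate certs and update your config.json
+docker-compose -up --build
+# visit https://localhost/api/all
+```
+
 ## TLS & HTTP2 fingerprinting resources
 
 - [TLS 1.3, every byte explained](https://tls13.xargs.org/)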
6 changes: 3 additions & 3 deletions config.example.json
@@ -1,12 +1,12 @@
{
"log_to_db": true,
"log_to_db": false,
"tls_port": "443",
"http_port": "80",
"cert_file": "certs/chain.pem",
"key_file": "certs/key.pem",
"host": "0.0.0.0",
"mongoURL": "",
"mongo_database": "TrackMe",
"mongo_collection": "requests"
"mongo_log_ips": false,
"mongo_collection": "requests",
"mongo_log_ips": false
}
27 changes: 21 additions & 6 deletions connection_handler.go
@@ -118,6 +118,11 @@ func parseHTTP2(f *http2.Framer, c chan ParsedFrame) {
if frame.PriorityParam.Exclusive {
p.Priority.Exclusive = 1
}
case *http2.GoAwayFrame:
p.GoAway = &GoAway{}
p.GoAway.LastStreamID = frame.LastStreamID
p.GoAway.ErrCode = uint32(frame.ErrCode)
p.GoAway.DebugData = frame.DebugData()
}

c <- p
@@ -235,6 +240,8 @@ func handleHTTP2(conn net.Conn, tlsFingerprint TLSDetails) {
}

var frame ParsedFrame
var headerFrame ParsedFrame

go parseHTTP2(fr, c)

for {
@@ -251,28 +258,36 @@ func handleHTTP2(conn net.Conn, tlsFingerprint TLSDetails) {
// log.Println(frame)
frames = append(frames, frame)
if frame.Type == "HEADERS" {
headerFrame = frame
}
if len(frame.Flags) > 0 && frame.Flags[0] == "EndStream (0x1)" {
break
}
}

// get method and path from the first headers frame
// get method, path and user-agent from the header frame
var path string
var method string
var userAgent string

for _, h := range frame.Headers {
for _, h := range headerFrame.Headers {
if strings.HasPrefix(h, ":method") {
method = strings.Split(h, ": ")[1]
}
if strings.HasPrefix(h, ":path") {
path = strings.Split(h, ": ")[1]
}
if strings.HasPrefix(h, "user-agent") {
userAgent = strings.Split(h, ": ")[1]
}
}

resp := Response{
IP: conn.RemoteAddr().String(),
HTTPVersion: "h2",
path: path,
Method: method,
UserAgent: userAgent,
Http2: &Http2Details{
SendFrames: frames,
AkamaiFingerprint: GetAkamaiFingerprint(frames),
@@ -292,18 +307,18 @@ func handleHTTP2(conn net.Conn, tlsFingerprint TLSDetails) {
encoder.WriteField(hpack.HeaderField{Name: "content-type", Value: ctype})

// Write HEADERS frame
err = fr.WriteHeaders(http2.HeadersFrameParam{StreamID: frame.Stream, BlockFragment: hbuf.Bytes(), EndHeaders: true})
err = fr.WriteHeaders(http2.HeadersFrameParam{StreamID: headerFrame.Stream, BlockFragment: hbuf.Bytes(), EndHeaders: true})
if err != nil {
log.Println("could not write headers: ", err)
return
}

chunks := splitBytesIntoChunks(res, 1024)
for _, c := range chunks {
fr.WriteData(frame.Stream, false, c)
fr.WriteData(headerFrame.Stream, false, c)
}
fr.WriteData(frame.Stream, true, []byte{})
fr.WriteGoAway(frame.Stream, http2.ErrCodeNo, []byte{})
fr.WriteData(headerFrame.Stream, true, []byte{})
fr.WriteGoAway(headerFrame.Stream, http2.ErrCodeNo, []byte{})

time.Sleep(time.Millisecond * 500)
conn.Close()
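Review bot: In the new `*http2.GoAwayFrame` case of parseHTTP2, `frame.DebugData()` is stored as-is, but the x/net/http2 documentation says the returned memory must not be retained past the next call to ReadFrame, and the ParsedFrame is handed to the channel while the framer keeps reading (the read loop itself is outside the hunk). Copy the bytes before sending, `p.GoAway.DebugData = append([]byte(nil), frame.DebugData()...)`, and consider capping the length, since the content is client-controlled and ends up in the JSON response and, presumably, in the database when logging is on. In handleHTTP2, `strings.Split(h, ": ")[1]` for `user-agent` drops everything after a second `": "` inside the value; `strings.SplitN(h, ": ", 2)[1]` keeps the full value, and the same applies to the existing `:path` line. If no HEADERS frame arrives before a frame carrying EndStream, `headerFrame` stays at its zero value and the reply is written for stream 0, so an explicit check after the loop would make that case readable.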
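--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,15 @@
+version: "2.2"
+
+services:
+peet-tls:
+image: peet-tls
+build:
+context: .
+dockerfile: Dockerfile
+volumes:
+- ${PWD}/certs/:/app/certs
+- ${PWD}/config.json:/app/config.json
+- ${PWD}/blockedIPs:/app/blockedIPs
+ports:
+- "443:443"
+- "80:80"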
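Review bot: All three bind mounts are read-write, including `certs/`, which holds the TLS private key referenced by `key_file` in the config. Unless the server writes to these paths (not visible on this page), mount them read-only, for example `- ${PWD}/certs/:/app/certs:ro` and `- ${PWD}/config.json:/app/config.json:ro`, so a compromised server process cannot replace the key or rewrite its own configuration on the host.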
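--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,6 @@ module main
 go 1.17
 
 require (
-github.com/honeytrap/honeytrap v0.0.0-20211220121207-05965fc67dea
 github.com/wwhtrbbtt/utls v0.0.0-20220918194152-45ee2a20799c
 go.mongodb.org/mongo-driver v1.9.0
 golang.org/x/net v0.0.0-20220708220712-1185a9018129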
93 changes: 8 additions & 85 deletions go.sum

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion main.go
@@ -55,7 +55,7 @@ func redirect(w http.ResponseWriter, r *http.Request) {
}

func StartRedirectServer(host, port string) {
// Starts a HTTP server on port 80 that redirects to the HTTPS server on port 443
// Starts an HTTP server on port 80 that redirects to the HTTPS server on port 443

local = host == "" && port != "443"

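--- a/structs.go
+++ b/structs.go
@@ -38,6 +38,7 @@ type Response struct {
 HTTPVersion string `json:"http_version"`
 path string `json:"-"`
 Method string `json:"method"`
+UserAgent string `json:"user_agent,omitempty"`
 TLS TLSDetails `json:"tls"`
 Http1 *Http1Details `json:"http1,omitempty"`
 Http2 *Http2Details `json:"http2,omitempty"`
@@ -74,6 +75,12 @@ type Priority struct {
 Exclusive int `json:"exclusive"`
 }
 
+type GoAway struct {
+LastStreamID uint32
+ErrCode uint32
+DebugData []byte
+}
+
 type ParsedFrame struct {
 Type string `json:"frame_type,omitempty"`
 Stream uint32 `json:"stream_id,omitempty"`
@@ -84,6 +91,7 @@ type ParsedFrame struct {
 Increment uint32 `json:"increment,omitempty"`
 Flags []string `json:"flags,omitempty"`
 Priority *Priority `json:"priority,omitempty"`
+GoAway *GoAway `json:"goaway,omitempty"`
 }
 
 type Config struct {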
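Review bot: The new GoAway struct carries no `json` tags, unlike every other field shown in this file, so it is encoded with the Go field names (`LastStreamID`, `ErrCode`, `DebugData`) and `DebugData` is emitted as a base64 string. If the snake_case convention of ParsedFrame is intended, tag the fields, e.g. `json:"last_stream_id"`, `json:"error_code"` and `json:"debug_data,omitempty"`. A short comment on `DebugData` noting that it is raw, client-supplied bytes would also help whoever later renders or stores it.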
2 changes: 1 addition & 1 deletion utils.go
@@ -75,7 +75,7 @@ func GetUserAgent(res Response) string {
var ua string

if res.HTTPVersion == "h2" {
headers = res.Http2.SendFrames[len(res.Http2.SendFrames)-1].Headers
return res.UserAgent
} else {
if res.Http1 == nil {
return ""
