From 107140acd8c6d44befe96cad135a16f36a07417c Mon Sep 17 00:00:00 2001
From: Liam Glanfield
Date: Fri, 26 Oct 2018 22:26:56 +0100
Subject: [PATCH] Added support for 'X-Forwarded-For' header
---
 lib/listeners/http.py | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)
diff --git a/lib/listeners/http.py b/lib/listeners/http.py
index 2b8e722af..ecf20a43b 100644
--- a/lib/listeners/http.py
+++ b/lib/listeners/http.py
@@ -939,9 +939,16 @@ def check_ip():
 """
 Before every request, check if the IP address is allowed.
 """
- if not self.mainMenu.agents.is_ip_allowed(request.remote_addr):
+
+ if request.headers.getlist("X-Forwarded-For"):
+ clientIP = request.headers.getlist("X-Forwarded-For")[0]
+ else:
+ clientIP = request.remote_addr
+ clientIP = clientIP.encode('utf-8')
+
+ if not self.mainMenu.agents.is_ip_allowed(clientIP):
 listenerName = self.options['Name']['Value']
- message = "[!] {} on the blacklist/not on the whitelist requested resource".format(request.remote_addr)
+ message = "[!] {} on the blacklist/not on the whitelist requested resource".format(clientIP)
 signal = json.dumps({
 'print': True,
 'message': message
@@ -996,7 +1003,11 @@ def handle_get(request_uri):
 This is used during the first step of the staging process, and when the agent requests taskings.
 """
- clientIP = request.remote_addr
+ if request.headers.getlist("X-Forwarded-For"):
+ clientIP = request.headers.getlist("X-Forwarded-For")[0]
+ else:
+ clientIP = request.remote_addr
+ clientIP = clientIP.encode('utf-8')
 listenerName = self.options['Name']['Value']
 message = "[*] GET request for {}/{} from {}".format(request.host, request_uri, clientIP)
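Review bot: The allow/deny decision in `check_ip` now keys on `X-Forwarded-For`, a request header any client can set, so unless this listener is only reachable through a reverse proxy that overwrites that header, a blocked peer can pass the whitelist/blacklist check by sending `X-Forwarded-For: <whitelisted address>` while the real `request.remote_addr` is never consulted. Taking `getlist(...)[0]` also selects the first header value, which is the entry furthest from the server and may itself be a comma-separated chain, so even behind a proxy the value can be attacker-chosen or may not parse as a single address in `is_ip_allowed`. Consider honouring the header only when the TCP peer is a configured proxy and then reading the entry that proxy appended, e.g. `if request.remote_addr in trusted_proxies and request.headers.getlist("X-Forwarded-For"):` followed by `clientIP = request.headers.getlist("X-Forwarded-For")[-1].split(",")[-1].strip()`, where `trusted_proxies` would be a new listener option defaulting to empty so existing deployments keep the old peer-address behaviour. The same extraction is duplicated in `handle_get` and `handle_post`; a single helper would keep the trust rule in one place, and the blacklist message in this hunk should log `request.remote_addr` alongside the header value so a spoof attempt is still attributable. `check_ip` continues past the end of this hunk.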
@@ -1100,7 +1111,11 @@ def handle_post(request_uri):
 """
 stagingKey = listenerOptions['StagingKey']['Value']
- clientIP = request.remote_addr
+ if request.headers.getlist("X-Forwarded-For"):
+ clientIP = request.headers.getlist("X-Forwarded-For")[0]
+ else:
+ clientIP = request.remote_addr
+ clientIP = clientIP.encode('utf-8')
 requestData = request.get_data()