Python urllib.request.remote_addr() Examples
The following are 9
code examples of urllib.request.remote_addr().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
urllib.request
, or try the search function
.
.
Example #1
| Source File: user.py From picoCTF with MIT License | 6 votes |
|
def _validate_captcha(data):
"""
Validate a captcha with google's reCAPTCHA.
Args:
data: the posted form data
"""
settings = api.config.get_settings()["captcha"]
post_data = urllib.parse.urlencode(
{
"secret": settings["reCAPTCHA_private_key"],
"response": data["g-recaptcha-response"],
"remoteip": flask.request.remote_addr,
}
).encode("utf-8")
request = urllib.request.Request(settings["captcha_url"], post_data, method="POST")
response = urllib.request.urlopen(request).read().decode("utf-8")
parsed_response = json.loads(response)
return parsed_response["success"] is True
Example #2
| Source File: peba.py From PEBA with GNU General Public License v3.0 | 6 votes |
|
def retrieveAlertsCyber():
""" Retrieve Alerts from ElasticSearch and return formatted
XML with limited alert content
"""
# get result from cache
getCacheResult = getCache(request.url, "url")
if getCacheResult is not False:
app.logger.debug('Returning /retrieveAlertsCyber from Cache for %s' % str(request.remote_addr))
return Response(getCacheResult)
# query ES
else:
returnResult = formatAlertsXml(queryAlerts(app.config['MAXALERTS'], checkCommunityIndex(request), getRelevantIndices(2)))
setCache(request.url, returnResult, 1, "url")
app.logger.debug('Returning /retrieveAlertsCyber from ES for %s' % str(request.remote_addr))
return Response(returnResult, mimetype='text/xml')
Example #3
| Source File: peba.py From PEBA with GNU General Public License v3.0 | 6 votes |
|
def querySingleIP():
""" Retrieve Attack data from index about a single IP
"""
# get result from cache
getCacheResult = getCache(request.url, "url")
if getCacheResult is not False:
app.logger.debug('Returning /querySingleIP from Cache for %s' % str(request.remote_addr))
return Response(getCacheResult)
# query ES
else:
returnResult = formatSingleIP(queryForSingleIP(app.config['MAXALERTS'], request.args.get('ip'), checkCommunityIndex(request), getRelevantIndices(0)))
setCache(request.url, returnResult, 60, "url")
app.logger.debug('Returning /querySingleIP from ES for %s' % str(request.remote_addr))
return Response(returnResult, mimetype='text/xml')
# Routes with both XML and JSON output
Example #4
| Source File: peba.py From PEBA with GNU General Public License v3.0 | 6 votes |
|
def retrieveAlertsJson():
""" Retrieve last 5 Alerts in JSON without IPs """
# set cacheItem independent from url parameters, respect community index
cacheEntry = request.url
# get result from cache
getCacheResult = getCache(cacheEntry, "url")
if getCacheResult is not False:
app.logger.debug('Returning /retrieveAlertsJson from Cache %s' % str(request.remote_addr))
return jsonify(getCacheResult)
# query ES
else:
numAlerts = 35
# Retrieve last X Alerts from ElasticSearch and return JSON formatted with limited alert content
returnResult = formatAlertsJson(queryAlertsWithoutIP(numAlerts, checkCommunityIndex(request), getRelevantIndices(2)))
setCache(cacheEntry, returnResult, 25, "url")
app.logger.debug('UNCACHED %s' % str(request.url))
return jsonify(returnResult)
Example #5
| Source File: honeyku.py From honeyku with GNU General Public License v3.0 | 5 votes |
|
def catch_all(path):
# Load the config file
config=load_config()
# Honeytoken alerts
if request.path in config['traps'] and request.path != "/favicon.ico":
# Preparing the alert message
alertMessage = alert_msg(request, config)
# Slack alert
if config['alert']['slack']['enabled'] == "true":
WEBHOOK_URL = config['alert']['slack']['webhook-url']
slack_alerter(alertMessage, WEBHOOK_URL)
# Email alert
if config['alert']['email']['enabled'] == "true":
email_alerter(alertMessage, config)
# SMS alert
#TODO: Complete and test the SMS alert
#if config['alert']['sms']['enabled'] == "true":
# sms_alerter(alertMessage, config)
#TODO: HTTP Endpoint Support
# Honeypot event logs
if request.headers.getlist("X-Forwarded-For"):
source_ip = request.headers.getlist("X-Forwarded-For")[0]
else:
source_ip = request.remote_addr
logger.info('{{"sourceip":"{}","host":"{}","request":"{}","http_method":"{}","body":"{}","user_agent":"{}"}}'.format(
source_ip, request.url_root, request.full_path, request.method, request.data, request.user_agent.string))
# Prepare and send the custom HTTP response
contype, body = generate_http_response(request, config)
# Customize the response using a template (in case you want to return a dynamic response, etc.)
# You can comment the next 2 lines if you don't want to use this. /Just an example/
if body == "custom.html":
return (render_template(body, browser = request.user_agent.browser, ua = request.user_agent.string))
return (send_file(body, mimetype=contype) if "image" in contype else render_template(body))
Example #6
| Source File: http_helpers.py From shavar with Mozilla Public License 2.0 | 5 votes |
|
def proxy(request, scheme, netloc, timeout=5):
"""Proxies and return the result from the other server.
- scheme: http or https
- netloc: proxy location
"""
parsed = urlparse(request.url)
path = parsed.path
params = parsed.params
query = parsed.query
fragment = parsed.fragment
url = urlunparse((scheme, netloc, path, params, query, fragment))
method = request.method
data = request.body
# copying all X- headers
xheaders = {}
for header, value in list(request.headers.items()):
if not header.startswith('X-'):
continue
xheaders[header] = value
if 'X-Forwarded-For' not in request.headers:
xheaders['X-Forwarded-For'] = request.remote_addr
if hasattr(request, '_authorization'):
xheaders['Authorization'] = request._authorization
status, headers, body = get_url(url, method, data, timeout=timeout,
extra_headers=xheaders)
return Response(body, status, list(headers.items()))
Example #7
| Source File: user.py From picoCTF with MIT License | 4 votes |
|
def rate_limit(limit=5, duration=60, by_ip=False, allow_bypass=False):
"""
Limits requests per user or ip to specified limit threshold
with lingering duration/expiry (as opposed to rolling interval).
Note that non-user IP limits should be more generous given shared IPs
likely in school networks.
Does not use Walrus rate_limit to avoid having to instantiate new instance
per rate-limit target.
:param limit: number of requests allowed before limit is enforced
:param duration: expiration of last request before limit is reset
:param by_ip: force keying by ip. Note that requests out of user context
default to ip-based key
:param allow_bypass: allow inclusion of bypass secret in HTTP header
"""
def decorator(f):
@wraps(f)
def wrapper(*args, **kwargs):
settings = api.config.get_settings()
if not settings.get("enable_rate_limiting", True):
return f(*args, **kwargs)
app_config = current_app.config
if allow_bypass or app_config.get("TESTING", False):
bypass_header = request.headers.get("Limit-Bypass")
if bypass_header == app_config["RATE_LIMIT_BYPASS_KEY"]:
return f(*args, **kwargs)
key_id = request.remote_addr
if is_logged_in():
current_user = get_user()
# Bypass admin
if current_user.get("admin", False):
return f(*args, **kwargs)
if not by_ip:
key_id = current_user["uid"]
_db = cache.get_conn()
key = "rate_limit:{}:{}".format(request.path, key_id)
# Avoid race conditions of setting (get-value + 1)
_db.incr(key)
_db.expire(key, duration)
count = int(_db.get(key))
if count is not None and count <= limit:
return f(*args, **kwargs)
else:
limit_msg = (
"Too many requests, slow down! "
"Limit: {}, {}s duration".format(limit, duration)
)
raise PicoException(limit_msg, 429)
return wrapper
return decorator
Example #8
| Source File: utils.py From flask-security with MIT License | 4 votes |
|
def login_user(user, remember=None, authn_via=None):
"""Perform the login routine.
If *SECURITY_TRACKABLE* is used, make sure you commit changes after this
request (i.e. ``app.security.datastore.commit()``).
:param user: The user to login
:param remember: Flag specifying if the remember cookie should be set.
Defaults to ``False``
:param authn_via: A list of strings denoting which mechanism(s) the user
authenticated with.
These should be one or more of ["password", "sms", "authenticator", "email"] or
other 'auto-login' mechanisms.
"""
if remember is None:
remember = config_value("DEFAULT_REMEMBER_ME")
if not _login_user(user, remember): # pragma: no cover
return False
if _security.trackable:
remote_addr = request.remote_addr or None # make sure it is None
old_current_login, new_current_login = (
user.current_login_at,
_security.datetime_factory(),
)
old_current_ip, new_current_ip = user.current_login_ip, remote_addr
user.last_login_at = old_current_login or new_current_login
user.current_login_at = new_current_login
user.last_login_ip = old_current_ip
user.current_login_ip = new_current_ip
user.login_count = user.login_count + 1 if user.login_count else 1
_datastore.put(user)
session["fs_cc"] = "set" # CSRF cookie
session["fs_paa"] = time.time() # Primary authentication at - timestamp
identity_changed.send(
current_app._get_current_object(), identity=Identity(user.fs_uniquifier)
)
user_authenticated.send(
current_app._get_current_object(), user=user, authn_via=authn_via
)
return True
Example #9
| Source File: honeyku.py From honeyku with GNU General Public License v3.0 | 4 votes |
|
def alert_msg(req, conf):
""" Prepare alert message dictionary """
# Message fields
url_root = req.url_root
full_path = req.full_path
path = req.path
data = req.data
http_method = req.method
useragent_str = req.user_agent.string
browser = req.user_agent.browser
browser_version = req.user_agent.version
browser_lang = req.user_agent.language
platform = req.user_agent.platform
headers = "{}".format(req.headers)
args = ["{}={}".format(key, value) for key, value in request.args.items()]
# X-Forwarded-For: the originating IP address of the client connecting to the Heroku router
if req.headers.getlist("X-Forwarded-For"):
source_ip = req.headers.getlist("X-Forwarded-For")[0]
else:
source_ip = req.remote_addr
# Search the config for the token note
note = None
if path in conf['traps']:
# Check if the token is defined and has note
for token in args:
if (token in conf['traps'][path]) and ("token-note" in conf['traps'][path][token]):
note = conf['traps'][path][token]['token-note']
# If the 'note' is still empty, use the trap/uri note (if there's any)
if ("trap-note" in conf['traps'][path]) and note is None:
note = conf['traps'][path]['trap-note']
#TODO: Threat Intel Lookup (Cymon v2)
# Message dictionary
msg = {
"token-note": note if note else "None",
"host": url_root,
"path": full_path if full_path else "None",
"http-method": http_method,
"token": args[0] if args else "None", #Only the first arg
"body": data if data else "None",
"source-ip": source_ip,
"user-agent": useragent_str,
"browser": browser if browser else "None",
"browser_version": browser_version if browser_version else "None",
"browser_lang": browser_lang if browser_lang else "None",
"platform": platform if platform else "None",
"http-headers": headers
#"threat-intel": threat_intel
}
return msg
