From fa920e498aa985c1dbe3124ac3cc615117646c13 Mon Sep 17 00:00:00 2001 From: Beeram12 Date: Sat, 8 Mar 2025 16:17:21 +0530 Subject: [PATCH 1/2] Added handler for HTTP2/PRI --- protocols/protocols.go | 2 +- protocols/tcp/http.go | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/protocols/protocols.go b/protocols/protocols.go index 31e9087..bad52e5 100644 --- a/protocols/protocols.go +++ b/protocols/protocols.go @@ -75,7 +75,7 @@ func MapTCPProtocolHandlers(log interfaces.Logger, h interfaces.Honeypot) map[st return nil } // poor mans check for HTTP request - httpMap := map[string]bool{"GET ": true, "POST": true, "HEAD": true, "OPTI": true, "CONN": true} + httpMap := map[string]bool{"GET ": true, "POST": true, "HEAD": true, "OPTI": true, "CONN": true,"PRI": true} if _, ok := httpMap[strings.ToUpper(string(snip))]; ok { return tcp.HandleHTTP(ctx, bufConn, md, log, h) } diff --git a/protocols/tcp/http.go b/protocols/tcp/http.go index 221ffbb..b18ef8c 100644 --- a/protocols/tcp/http.go +++ b/protocols/tcp/http.go @@ -123,7 +123,15 @@ func HandleHTTP(ctx context.Context, conn net.Conn, md connection.Metadata, logg logger.Error("Failed to close the HTTP connection", producer.ErrAttr(err)) } }() - + + reader := bufio.NewReader(conn) + preface,err := reader.Peek(24) + if err==nil && bytes.Equal(preface, []byte("PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n")){ + settingsFrame := []byte("\x00\x00\x00\x04\x00\x00\x00\x00\x00") + _,_ = conn.Write(settingsFrame) + return conn.Close() + } + req, err := http.ReadRequest(bufio.NewReader(conn)) if err != nil { return fmt.Errorf("failed to read the HTTP request: %w", err) From 76d70b2545c1fe6967dae70c2c14d4b98c8edff4 Mon Sep 17 00:00:00 2001 From: Beeram12 Date: Tue, 11 Mar 2025 18:20:53 +0530 Subject: [PATCH 2/2] Formatted the code and improved error conditionality --- protocols/protocols.go | 9 ++++++++- protocols/tcp/http.go | 20 +++++++++++++++----- 2 files changed, 23 insertions(+), 6 deletions(-) diff --git a/protocols/protocols.go b/protocols/protocols.go index bad52e5..bd18fb0 100644 --- a/protocols/protocols.go +++ b/protocols/protocols.go @@ -75,7 +75,14 @@ func MapTCPProtocolHandlers(log interfaces.Logger, h interfaces.Honeypot) map[st return nil } // poor mans check for HTTP request - httpMap := map[string]bool{"GET ": true, "POST": true, "HEAD": true, "OPTI": true, "CONN": true,"PRI": true} + httpMap := map[string]bool{ + "GET ": true, + "POST": true, + "HEAD": true, + "OPTI": true, + "CONN": true, + "PRI ": true, + } if _, ok := httpMap[strings.ToUpper(string(snip))]; ok { return tcp.HandleHTTP(ctx, bufConn, md, log, h) } diff --git a/protocols/tcp/http.go b/protocols/tcp/http.go index b18ef8c..6b74fd9 100644 --- a/protocols/tcp/http.go +++ b/protocols/tcp/http.go @@ -7,6 +7,7 @@ import ( "encoding/hex" "encoding/json" "fmt" + "io" "log/slog" "net" "net/http" @@ -123,15 +124,24 @@ func HandleHTTP(ctx context.Context, conn net.Conn, md connection.Metadata, logg logger.Error("Failed to close the HTTP connection", producer.ErrAttr(err)) } }() - + reader := bufio.NewReader(conn) - preface,err := reader.Peek(24) - if err==nil && bytes.Equal(preface, []byte("PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n")){ + preface, err := reader.Peek(24) + if err != nil { + if err == io.EOF { + logger.Debug("Client disconneted early") + return nil + } + return fmt.Errorf("failed to peek HTTP/2 preface: %w", err) + } + if bytes.Equal(preface, []byte("PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n")) { settingsFrame := []byte("\x00\x00\x00\x04\x00\x00\x00\x00\x00") - _,_ = conn.Write(settingsFrame) + if _, err := conn.Write(settingsFrame); err != nil { + logger.Error("Failed to write HTTP/2 response", slog.String("error", err.Error())) + } return conn.Close() } - + req, err := http.ReadRequest(bufio.NewReader(conn)) if err != nil { return fmt.Errorf("failed to read the HTTP request: %w", err)