#!/usr/bin/env python3
"""
Harmloser C2-Server für Security Training
Empfängt simulierten Malware-Traffic für PCAP-Analyse
"""

from http.server import BaseHTTPRequestHandler, HTTPServer
import urllib.parse
from datetime import datetime

PORT = 8088

class C2Handler(BaseHTTPRequestHandler):
    def log_message(self, format, *args):
        timestamp = datetime.now().strftime("%H:%M:%S")
        print(f"[{timestamp}] {args[0]}")

    def do_GET(self):
        if "/checkin" in self.path:
            parsed = urllib.parse.urlparse(self.path)
            params = urllib.parse.parse_qs(parsed.query)
            beacon_id = params.get('id', ['unknown'])[0]

            print(f"[BEACON] ID: {beacon_id}, Client: {self.client_address[0]}")

            self.send_response(200)
            self.send_header("Content-Type", "text/plain")
            self.end_headers()
            self.wfile.write(b"OK")
        else:
            self.send_response(404)
            self.end_headers()

    def do_POST(self):
        if "/exfil" in self.path:
            content_length = int(self.headers.get('Content-Length', 0))
            post_data = self.rfile.read(content_length).decode('utf-8')

            print(f"[EXFIL] Size: {content_length} bytes, Client: {self.client_address[0]}")

            self.send_response(200)
            self.send_header("Content-Type", "text/plain")
            self.end_headers()
            self.wfile.write(b"RECEIVED")
        else:
            self.send_response(404)
            self.end_headers()

def main():
    print("=" * 50)
    print("Harmless C2 Server Simulation")
    print("=" * 50)
    print(f"Listening on port {PORT}")
    print("Press Ctrl+C to stop")
    print("=" * 50 + "\n")

    server = HTTPServer(("0.0.0.0", PORT), C2Handler)
    server.serve_forever()

if __name__ == "__main__":
    try:
        main()
    except KeyboardInterrupt:
        print("\n[EXIT] Server stopped")