def save(self, args):
if os.path.isfile('templates/post/' + args[0] + '.json'):
print_error('File with given name already exists, pick another')
return
print_status("Saving template as json...")
with open("templates/post/" + args[0] + '.json', 'w') as outfile:
json.dump(self.module_attributes, outfile)
def command_use(self, module_path, *args, **kwargs):
module_path = pythonize_path(module_path)
module_path = ".".join(("core", "modules", module_path))
try:
self.current_module = import_template(module_path)()
except CurlFrameworkException as err:
print_error(str(err))
def _wrapper(self, *args, **kwargs):
try:
if args[1].count(" ") == space_number:
return []
except Exception as err:
print_error(err)
return wrapped_function(self, *args, **kwargs)
def command_show(self, *args, **kwargs):
sub_command = args[0]
try:
getattr(self, "_show_{}".format(sub_command))(*args, **kwargs)
except AttributeError:
print_error("Unknown 'show' subcommand '{}'. "
"Possible choices: {}".format(sub_command,
self.show_sub_commands))
def command_unsetg(self, *args, **kwargs):
key, _, value = args[0].partition(' ')
try:
del GLOBAL_OPTS[key]
except KeyError:
print_error("Cannot unset global option '{}'.\n"
"Available global options: {}".format(
key, list(GLOBAL_OPTS.keys())))
else:
print_success({key: value})
def command_delete(self, *args, **kwargs):
key, _, value = args[0].partition(" ")
if key in self.current_module.options:
templist = getattr(self.current_module, key)
if not isinstance(templist, dict):
print_error(
"Cannot delete attribute {}, only dictionary entries can be deleted, overwrite it instead"
.format(key))
return
del templist[value]
setattr(self.current_module, key, templist)
del self.current_module.module_attributes[key][0][value]
print_error("{} => {}".format(key, value))
def load(self, args):
if not os.path.isfile('templates/post/' + args[0] + '.json'):
print_error("File with given name does not exist")
return
print_status("Loading template {}".format(args[0]))
with open("templates/post/" + args[0] + '.json') as json_file:
data = json.load(json_file)
for key in self.module_attributes:
for p in data:
if key == p:
setattr(self, key, data[p][0])
self.module_attributes[key][0] = data[p][0]
continue
print_status("Template {} loaded successfully".format(args[0]))
def get(self):
try:
self._assert_valid()
print_info("Aiming for: " + self.scheme + "://" + self.host +
self.path)
self.path = self._forge_path_params()
r = requests.get(self.scheme + "://" + self.host + self.path,
headers=self.headers)
for key in r.headers:
print_info(key, r.headers[key])
print("Body:" + r.text)
except Exception as ex:
print_error(str(ex))
def start(self):
print_info(self.banner)
printer_queue.join()
while True:
try:
command, args, kwargs = self.parse_line(input(self.prompt))
if not command:
continue
command_handler = self.get_command_handler(command)
command_handler(args, **kwargs)
except CurlFrameworkException as err:
print_error(err)
except (EOFError, KeyboardInterrupt, SystemExit):
print_info()
print_error("Curly stopped")
break
finally:
printer_queue.join()
def command_set(self, *args, **kwargs):
key, _, value = args[0].partition(" ")
if key in self.current_module.options:
if isinstance(self.current_module.module_attributes[key][0], dict):
print_error(
"Cannot set value for field {}, use add command instead".
format(key))
return
setattr(self.current_module, key, value)
self.current_module.module_attributes[key][0] = value
if kwargs.get("glob", False):
GLOBAL_OPTS[key] = value
print_success("{} => {}".format(key, value))
else:
print_error("You can't set option: '{}'.\n"
"Available options: {}".format(
key, self.current_module.options))
def nonInteractive(self, argv):
module = ""
set_opts = []
try:
opts, args = getopt.getopt(argv[1:], "hm:s",
["help=", "module=", "set="])
except getopt.GetoptError:
print_info("{} -m <module> -s \"<option> <value>\"".format(
argv[0]))
printer_queue.join()
return
for opt, arg in opts:
if opt in ("-h", "--help"):
print_info("{} -m <module> -s \"<option> <value>\"".format(
argv[0]))
printer_queue.join()
return
elif opt in ("-m", "--module"):
module = arg
elif opt in ("-s", "--set"):
set_opts.append(arg)
if not len(module):
print_error('A module is required when running non-interactively')
printer_queue.join()
return
self.command_use(module)
for opt in set_opts:
self.command_set(opt)
self.command_run()
printer_queue.join()
return
def command_run(self, *args, **kwargs):
print_status("Running module {}...".format(self.current_module))
sub_command = args[0]
try:
getattr(self.current_module, sub_command)()
except KeyboardInterrupt:
print_info()
print_error("Operation cancelled by user")
except AttributeError:
if sub_command is '':
print_error("Usage: run <request method: {}>".format(
"get, post, put, delete"))
else:
print_error("Unknown command [{}]".format(sub_command))
except Exception as ex:
print_error(str(ex))
def command_search(self, *args, **kwargs):
mod_type = ''
mod_detail = ''
mod_vendor = ''
existing_modules = [
name for _, name, _ in pkgutil.iter_modules([MODULES_DIR])
]
# TODO: Probably gonna need refactoring
devices = [
name for _, name, _ in pkgutil.iter_modules(
[os.path.join(MODULES_DIR, 'modules')])
]
payloads = [
name for _, name, _ in pkgutil.iter_modules(
[os.path.join(MODULES_DIR, 'payloads')])
]
try:
keyword = args[0].strip("'\"").lower()
except IndexError:
keyword = ''
if not (len(keyword) or len(kwargs.keys())):
print_error("Please specify at least one search keyword")
print_error(
"You can specify options, eg 'search type=modules etc'")
for (key, value) in kwargs.items():
if key == 'type':
if value not in existing_modules:
print_error("Unknown module type")
return
mod_type = "{}.".format(value)
elif key in ['device', 'language', 'payload']:
if key == 'device' and (value not in devices):
print_error("Unknown module type")
return
elif key == 'payload' and (value not in payloads):
print_error("Unknown payload type")
return
mod_detail = ".{}.".format(value)
elif key == 'vendor':
mod_vendor = ".{}.".format(value)
for module in self.modules:
if mod_type not in str(module):
continue
if mod_detail not in str(module):
continue
if mod_vendor not in str(module):
continue
if not all(word in str(module) for word in keyword.split()):
continue
found = humanize_path(module)
if len(keyword):
for word in keyword.split():
found = found.replace(word,
"\033[31m{}\033[0m".format(word))
print_info(found)
def command_load(self, *args, **kwargs):
if args[0] is not None and args[0] is not '':
self.current_module.load(args=args)
else:
print_error("Template name must be specified")
def wrapper(self, *args, **kwargs):
if not self.current_module:
print_error("You have to activater any module with 'use' command.")
return
return fn(self, *args, **kwargs)