Ejemplo n.º 1
0
class Attacker(Service, threading.Thread):
    def __init__(self):
        pass

    def name(self):
        return "attacker"

    def description(self):
        return "Attacker based on multiprocessing."

    def start(self, *args, **kwargs):
        self.log = NLog(self.name)
        self.log.info("Service attacker inited.")
        threading.Thread.start(self, *args, **kwargs)

    def stop(self):
        self.log.info("Service attacker stopped.")

    def setDaemon(self, *args, **kwargs):
        threading.Thread.setDaemon(self, *args, **kwargs)

    def make_parser(self, superparser):
        if not superparser:
            msg = "Need to give super parser"
            self.log.error(msg)
        subp = superparser.add_parser(self.name(), help=self.description())
        subp.add_argument("action", type=str, help="service action")

    def do(self, action):
        pass

    def run(self):
        atk_round = -1
        pass
Ejemplo n.º 2
0
class SubmitterService(Service, threading.Thread):
    def __init__(self):
        threading.Thread.__init__(self, name="Submitter")
        gc = ConfigParser()
        gc.read("/app/config/general.cfg")
        self.token = gc.get("GENERAL", "FLAG_TOKEN")

        self.flagq = Queue.Queue()
        self.isrun = True
        #self.token = token
        self.log = None

    def name(self):
        return "submitter"

    def description(self):
        return "Service used to submit flag and generate log."

    def stop(self):
        self.isrun = False
        self.log.info("Service submitter stopped.")

    def start(self, *args, **kwargs):
        self.log = NLog(self.name())
        self.log.info("Service submitter inited.")
        threading.Thread.start(self, *args, **kwargs)

    def make_completer(self):
        return None

    def make_parser(self, superparser=None):
        if not superparser:
            msg = "Need to give super parser"
        subp = superparser.add_parser(self.name(), help=self.description())
        subp.add_argument("action", type=str, help="service action")

    def setDaemon(self, *args, **kwargs):
        threading.Thread.setDaemon(self, *args, **kwargs)

    def do(self, action):
        if action == "help":
            print self.description()
        else:
            msg = "Unrecognized action for service {}: {}".format(
                self.name(), action)
            self.log.error(msg)

    def run(self):
        self.log.info("Submitter start running.")
        while self.isrun:
            try:
                if not self.flagq.empty():
                    flag = self.flagq.get()
                    self.submit(flag)
            except Exception as e:
                msg = str(e)
                self.log.error(e)
                #print(msg)

    def correct_flag(self, r):
        return {"status": "correct"}

    def submit(self, flag):
        url = "http://127.0.0.1:8099/"
        data = {"flag": flag.flag, "token": self.token}
        r = requests.post(url, data=data)
        self.report(flag, self.correct_flag(r.text))

    def report(self, flag, resp):
        msg = "Attack {ip}:{port} with payload {payload} {status}.".format(
            ip=flag.ip,
            port=flag.port,
            payload=flag.payload,
            status=resp["status"])
        print(msg)
        self.log.info("Report: " + msg)

    def add(self, flag, ip, port, payload):
        f = Flag(flag, ip, port, payload)
        self.flagq.put(f)
Ejemplo n.º 3
0
class GameboxService(Service):
    def __init__(self): 
        gc = ConfigParser()
        gc.read("/app/config/general.cfg")
        confpath = gc.get("GENERAL", "GAMEBOX_CONFIG")
        self.cfg = ConfigParser()
        #confpath="/app/config/gamebox.cfg"
        self.cfg.read(confpath)
        self.gameboxs = []

    def name(self):
        return "gamebox"

    def description(self):
        return "Gamebox service store gamebox information."

    def stop(self):
        self.log.info("Service Gamebox stopped.")
        pass

    def start(self, *args, **kwargs):
        self.log = NLog(self.name())
        msg = ("Service Gamebox inited.")
        self.log.info(msg)
        self.loadGameboxs()

    def setDaemon(self, *args, **kwargs):
        pass

    def make_parser(self, superparser):
        if not superparser:
            msg = "Need to give super parser"
            self.log.error(msg)
        subp = superparser.add_parser(self.name(), help=self.description())
        subp.add_argument("action", type=str, help="service action")

    def do(self, action):
        if action == "show":
            self.printGameboxs()
        elif action == "load" or action == "reload":
            self.loadGameboxs()
        else:
            msg = "Unrecognized action for service {}: {}".format(self.name(), action)
            self.log.error(msg)
            print msg

    def loadGameboxs(self):
        secs = self.cfg.sections()
        self.gameboxs = []
        for sec in secs:
            self.gameboxs.append(
                Gamebox(
                    sec,
                    self.cfg.get(sec, "IP"),
                    self.cfg.get(sec, "PORT"),
                    self.cfg.get(sec, "INNER_IP"),
                    self.cfg.get(sec, "INNER_PORT"),
                    self.cfg.get(sec, "SSH_PORT"),
                    self.cfg.get(sec, "SSH_USER"),
                    self.cfg.get(sec, "SSH_PASS")
                )
            )

    def printGameboxs(self):
        x = lambda x,y: safeGetAttr(x,y)
        pt = PrettyTable(['name', "ip", "port"])
        for gb in self.gameboxs:
            pt.add_row([
                x(gb, "name"),
                x(gb, "ip"),
                x(gb, "port")
            ])
        print(pt)

    def getGameboxs(self):
        return self.gameboxs

    def getGameboxByName(self, name):
        for gb in self.gameboxs:
            if gb.name == name:
                return gb
        return None

    def get_gamebox_names(self):
        return [each.name for each in self.gameboxs]

    def get_gamebox_ips(self):
        ret = []
        for each in self.gameboxs:
            ret.extend(genIPList(each.ip))
        return ret
Ejemplo n.º 4
0
class ExploitService(Service):
    def __init__(self):
        gc = ConfigParser()
        gc.read("/app/config/general.cfg")
        self.exppath = gc.get("GENERAL", "EXP_PATH")
        #self.exppath = "/app/exploits/"
        self.exps = {}
        self.log = None

    def name(self):
        return "exploit"

    def description(self):
        return "Exploit services"

    def stop(self):
        self.log.info("Service Exploit stopped.")
        pass

    def start(self, *args, **kwargs):
        self.log = NLog(self.name())
        self.log.info("Service Exploit inited.")
        self.loadAllExps()

    def setDaemon(self, *args, **kwargs):
        pass

    def make_parser(self, superparser):
        if not superparser:
            msg = "Need to give super parser"
            self.log.error(msg)
            return
        subp = superparser.add_parser(self.name(), help=self.description)
        subp.add_argument("action", type=str, help="service action")

    def do(self, action):
        if action == "show":
            self.printExps()
        elif action == "reload":
            c = WordCompleter(self.getExps)
            p = prompt("Which exp you want to reload:\n>> ", completer=c)
            exps = shlex.split(p)
            msg = "reload: " + str(exps)
            self.log.info(msg)
            self.reload(exps)
        else:
            msg = "Unrecognized action for service {}: {}".format(self.name(), action)
            print(msg)
            self.log.error(msg)

    def getExps(self):
        explist = []
        for f in os.listdir(self.exppath):
            if os.path.isfile(self.exppath + os.sep + f):
                if f[-3:] == ".py":
                    explist.append(f[:-3])
        return explist

    def loadExp(self, exp_name):
        """
        Load an exploit and return an exploit object.

        Args:
            exp_name: Script name of the exploit

        Returns:
            An exploit module if success, otherwise None.
        """
        try:
            exp_path = "{base}{fn}.py".format(base=self.exppath, fn=exp_name)
            mod = imp.load_source(exp_name, exp_path)
            obj = mod.Exploit()
            return mod
            #return obj 
        except Exception as e:
            msg = "Cannot load exploit `{exp_name}`".format(exp_name=exp_name)
            self.log.error(msg)
            print e
            return None

    def loadAllExps(self):
        self.exps = []
        exists_exps = self.getExps()
        ret = {}
        for exp in exists_exps:
            e = self.loadExp(exp)
            if e.Exploit().target in ret:
                ret[e.Exploit().target].append(e)
            else:
                ret[e.Exploit().target] = [e]
        for t in ret:
            ret[t].sort(key=lambda x: x.Exploit().level, reverse=True)
        self.exps = ret

    def printExps(self):
        x = lambda x,y: safeGetAttr(x,y)
        exp_list = []
        for k in self.exps:
            exp_list.extend(self.exps[k])
        pt = prettytable.PrettyTable(["file", "target", "author", "level", "timeout"])
        for exp in exp_list:
            pt.add_row([
                x(exp.Exploit(), "fname"),
                x(exp.Exploit(), "target"),
                x(exp.Exploit(), "author"),
                x(exp.Exploit(), "level"),
                x(exp.Exploit(), "timeout")
            ])
        print(pt)

    def getExpNameByPath(self, s):
        bname = os.path.basename(s)
        if bname.endswith(".py"):
            return bname[:-3]
        if bname.endswith(".pyc"):
            return bname[:-4]

    def reload(self, targets=[]):
        if 'all' in targets:
            self.loadAllExps()
            return

        for e in targets:
            for target in self.exps:
                l = self.exps[target]
                found = 0
                for ee in l:
                    if e == self.getExpNameByPath(ee.Exploit().fname):
                        self.exps[target].remove(ee)
                        self.exps[target].append(
                            self.loadExp(e)
                        )
                        self.exps[target].sort(key=lambda x: x.Exploit().level, reverse=True)
                        found = 1
                        break
                if found == 0:
                    msg = "Unable to find exploit {}".format(e)
                    print msg
                    self.log.error(e)
        return

    def getExpByTarget(self, target):
        return self.exps[target] if target in self.exps else []

    def get_exp_names(self):
        ret = []
        for k in self.exps:
            for exp in self.exps[k]:
                ret.append(exp.name())
        return ret