def __init__(self, proxylist, proxy_allow_addrs=None, admin_allow_addrs=None, proxy_credentials=None, admin_credentials=None, session_cls='proxytools.requests.ProxyListSession', **session_kwargs): if isinstance(session_cls, str): session_cls = import_string(session_cls) self.session = session_cls(proxylist, forgetful_cookies=True, enforce_content_length=True, **session_kwargs) self.proxylist = proxylist self.started_at = datetime.utcnow() self.proxy_allow_addrs = proxy_allow_addrs and netaddr.IPGlob( proxy_allow_addrs) self.admin_allow_addrs = admin_allow_addrs and netaddr.IPGlob( admin_allow_addrs) self.proxy_credentials = proxy_credentials self.admin_credentials = admin_credentials assert __file__.endswith('.py') self.frontend_html = open(__file__[:-3] + '.html').read() self.redirects = { '/': '/superproxy/', '/superproxy': '/superproxy/', } self.routes = { '/superproxy/': self.frontend, '/superproxy/requests': self.frontend, '/superproxy/countries': self.frontend, '/status': self.status, '/countries': self.countries, '/mem_top': self.mem_top, '/proxies': self.proxies, '/waiting': self.waiting, '/history': self.history, '/action': self.action, } self.actions_proxy = { attr[13:]: getattr(self, attr) for attr in dir(self) if attr.startswith('action_proxy_') } self.actions = { attr[7:]: getattr(self, attr) for attr in dir(self) if attr.startswith('action_') and not attr.startswith('action_proxy_') }
def ip_range(ip): try: r = [] for i in list(netaddr.IPGlob(ip)): r.append(i) return r except netaddr.core.AddrFormatError: invalid_ips.append(ip)
def load_proxy(): # Return if proxies specified in Px config # Check if need to refresh if (State.proxy_mode == MODE_CONFIG or (State.proxy_refresh is not None and time.time() - State.proxy_refresh < State.config.getint("settings", "proxyreload"))): dprint("Skip proxy refresh") return # Reset proxy server list State.proxy_mode = MODE_NONE State.proxy_server = [] # Get proxy info from Internet Options ie_proxy_config = WINHTTP_CURRENT_USER_IE_PROXY_CONFIG() ok = ctypes.windll.winhttp.WinHttpGetIEProxyConfigForCurrentUser(ctypes.byref(ie_proxy_config)) if not ok: dprint(ctypes.GetLastError()) else: if ie_proxy_config.fAutoDetect: State.proxy_mode = MODE_AUTO elif ie_proxy_config.lpszAutoConfigUrl: State.pac = ie_proxy_config.lpszAutoConfigUrl State.proxy_mode = MODE_PAC dprint("AutoConfigURL = " + State.pac) else: # Manual proxy proxies = [] proxies_str = ie_proxy_config.lpszProxy or "" for proxy_str in proxies_str.lower().replace(' ', ';').split(';'): if '=' in proxy_str: scheme, proxy = proxy_str.split('=', 1) if scheme.strip() != "ftp": proxies.append(proxy) elif proxy_str: proxies.append(proxy_str) if proxies: parse_proxy(",".join(proxies)) State.proxy_mode = MODE_MANUAL # Proxy exceptions into noproxy bypass_str = ie_proxy_config.lpszProxyBypass or "" # FIXME: Handle "<local>" bypasses = [h.strip() for h in bypass_str.lower().replace(' ', ';').split(';')] for bypass in bypasses: try: ipns = netaddr.IPGlob(bypass) State.noproxy.add(ipns) dprint("Noproxy += " + bypass) except: State.noproxy_hosts.append(bypass) dprint("Noproxy hostname += " + bypass) dprint("Proxy mode = " + str(State.proxy_mode)) State.proxy_refresh = time.time()
def __init__(self, proxylist, proxy_allow_addrs=None, admin_allow_addrs=None, proxy_credentials=None, admin_credentials=None, **session_kwargs): from .requests import ProxyListSession self.session = ProxyListSession(proxylist, forgetful_cookies=True, enforce_content_length=True, **session_kwargs) self.proxylist = proxylist self.started_at = datetime.utcnow() self.proxy_allow_addrs = proxy_allow_addrs and netaddr.IPGlob( proxy_allow_addrs) self.admin_allow_addrs = admin_allow_addrs and netaddr.IPGlob( admin_allow_addrs) self.proxy_credentials = proxy_credentials self.admin_credentials = admin_credentials assert __file__.endswith('.py') self.frontend_html = open(__file__[:-3] + '.html').read() self.redirects = { '/': '/superproxy/', '/superproxy': '/superproxy/', } self.routes = { '/superproxy/': self.frontend, '/superproxy/requests': self.frontend, '/superproxy/countries': self.frontend, '/status': self.status, '/countries': self.countries, '/mem_top': self.mem_top, '/proxies': self.proxies, '/waiting': self.waiting, '/history': self.history, '/action': self.action, }
def enable(self, enable_list=None): '''Set active set of connections via list of fnmatch/IP patterns to limit run_command; pass in None to reset to enable all connections''' self.disabled = set() if enable_list is None: self.console.q.put( (('ENABLED', True), 'All %d hosts currently enabled' % len(self.connections))) return if isinstance(enable_list, basestring): # Handle single value being passed instead of list enable_list = [enable_list] # Assemble an enabled list, then complement it at the end enabled = set() for pattern in enable_list: direct_match = self.locate(pattern) if direct_match: enabled.add(direct_match) continue # Try using pattern as IP network or glob first # if it doesn't look like either, then treat it as a name wildcard pattern_match = set() try: ip_match = netaddr.IPNetwork(pattern) except Exception as e: try: ip_match = netaddr.IPSet(netaddr.IPGlob(pattern)) except Exception as e: ip_match = None for host, t in self.connections.items(): if ip_match: try: if netaddr.IPAddress(t.getpeername()[0]) in ip_match: pattern_match.add(host) except Exception as e: pass else: if fnmatch.fnmatch(str(host), pattern): pattern_match.add(host) if len(pattern_match) > 1: self.console.q.put((('ENABLED', True), 'Pattern wildcard "%s" matched %d hosts' % (pattern, len(pattern_match)))) enabled.update(pattern_match) # Take complement of enabled set for host in self.connections: if host not in enabled: self.disabled.add(host) self.console.q.put( (('ENABLED', True), '%d hosts currently enabled' % len(enabled)))
def parseIP(ip): target_ips = [] if "/" in ip: for addr in netaddr.IPNetwork(ip.decode('utf-8')): target_ips.append(str(addr)) elif "-" in ip or "*" in ip: for addr in netaddr.IPGlob(ip.decode('utf-8')): target_ips.append(str(addr)) else: target_ips.append(str(netaddr.IPAddress(ip))) return target_ips
def generate_hosts(addr): """ 生成主机列表 :param addr: 地址 :type addr: str :return: 主机列表 :rtype: netaddr.ip.glob.IPGlob """ if "/" in addr: hosts = netaddr.IPNetwork(addr) else: hosts = netaddr.IPGlob(addr) return hosts
class State(object): allow = netaddr.IPGlob("*.*.*.*") config = None exit = False hostonly = False logger = None noproxy = netaddr.IPSet([]) pac = None proxy_mode = MODE_NONE proxy_refresh = None proxy_server = [] stdout = None useragent = "" ini = "px.ini" max_disconnect = 3 max_line = 65536 + 1
def parsenoproxy(noproxy): global NOPROXY nops = [i.strip() for i in noproxy.split(",")] for nop in nops: if not nop: continue try: if "-" in nop: spl = nop.split("-", 1) ipns = netaddr.IPRange(spl[0], spl[1]) elif "*" in nop: ipns = netaddr.IPGlob(nop) else: ipns = netaddr.IPNetwork(nop) NOPROXY.add(ipns) except: print("Bad noproxy IP definition") sys.exit()
def parseipranges(iprangesconfig): ipranges = netaddr.IPSet([]) iprangessplit = [i.strip() for i in iprangesconfig.split(",")] for iprange in iprangessplit: if not iprange: continue try: if "-" in iprange: spl = iprange.split("-", 1) ipns = netaddr.IPRange(spl[0], spl[1]) elif "*" in iprange: ipns = netaddr.IPGlob(iprange) else: ipns = netaddr.IPNetwork(iprange) ipranges.add(ipns) except: print("Bad IP definition: %s" % iprangesconfig) sys.exit() return ipranges
def lookup(name): '''Handle IPNetwork and IPGlob (and IPAddress) notation''' try: ip = netaddr.IPAddress(name) return __generator([ip]) except Exception: pass try: subnet = netaddr.IPNetwork(name) return __generator(subnet) except Exception: pass try: glob = netaddr.IPGlob(name) return __generator(glob) except Exception: pass return None
def run(self, argv, context): contexts = [] ipv4_addresses_gen = None try: # 192.168.1.0-255 try: ipv4_addresses_gen = netaddr.IPGlob(argv[0]) except netaddr.core.AddrFormatError as e: self.logger.debug('Caught exception %s' % str(e)) try: # 192.168.1.0/24 ipv4_addresses_gen = netaddr.IPNetwork(argv[0]) except netaddr.core.AddrFormatError as e: self.logger.debug('Caught exception %s' % str(e)) pass for ipv4_addr in ipv4_addresses_gen: contexts.append(hackersh.objects.RemoteSessionContext(IPV4_ADDRESS=str(ipv4_addr))) except TypeError as e: pass return contexts
def parsecli(): global DEBUG global LISTEN global LOGGER global MAX_IDLE global MAX_WORKERS global PORT global ALLOWLOCAL global ALLOW global GATEWAY_IPADDRESSES if "--debug" in sys.argv: LOGGER = Log("debug-%s.log" % multiprocessing.current_process().name, "w") DEBUG = True if getattr(sys, "frozen", False): attachConsole() if os.path.exists(INI): config = configparser.ConfigParser() config.read(INI) if "proxy" in config.sections(): if "server" in config.options("proxy"): server = config.get("proxy", "server").strip() if server: parseproxy(server) if "port" in config.options("proxy"): port = config.get("proxy", "port").strip() try: PORT = int(port) except ValueError: pass if "listen" in config.options("proxy"): listen = config.get("proxy", "listen").strip() if listen: LISTEN = listen if "allow" in config.options("proxy"): parseallow(config.get("proxy", "allow")) if "allowlocal" in config.options("proxy"): if config.get("proxy", "allowlocal") == "1": ALLOWLOCAL = True if "gateway" in config.options("proxy"): if config.get("proxy", "gateway") == "1": LISTEN = '' if "noproxy" in config.options("proxy"): parsenoproxy(config.get("proxy", "noproxy")) if "settings" in config.sections(): if "workers" in config.options("settings"): workers = config.get("settings", "workers").strip() try: MAX_WORKERS = int(workers) except ValueError: pass if "threads" in config.options("settings"): threads = config.get("settings", "threads").strip() try: MAX_THREADS = int(threads) except ValueError: pass if "idle" in config.options("settings"): idle = config.get("settings", "idle").strip() try: MAX_IDLE = int(idle) except ValueError: pass if "log" in config.options("settings"): if config.get("settings", "log") == "1": LOGGER = Log( "debug-%s.log" % multiprocessing.current_process().name, "w") DEBUG = True for i in range(len(sys.argv)): if "--proxy=" in sys.argv[i]: parseproxy(sys.argv[i].split("=")[1]) elif "--noproxy=" in sys.argv[i]: parsenoproxy(sys.argv[i].split("=")[1]) elif "--allow=" in sys.argv[i]: parseallow(sys.argv[i].split("=")[1]) elif "--allowlocal" in sys.argv[i]: ALLOWLOCAL = True if "--gateway" in sys.argv: LISTEN = '' if "--install" in sys.argv: install() elif "--uninstall" in sys.argv: uninstall() elif "--quit" in sys.argv: quit() if NTLM_PROXY is None: print("No proxy defined") sys.exit() if ALLOW is None: if ALLOWLOCAL: ALLOW = netaddr.IPSet() else: ALLOW = netaddr.IPGlob("*.*.*.*") GATEWAY_IPADDRESSES = ALLOW # Default. Will be overriden in verify_request() if allowlocal is used print("Serving at %s:%d proc %s" % (LISTEN, PORT, multiprocessing.current_process().name)) if getattr(sys, "frozen", False): detachConsole()
def try_auth(self, T, candidates, as_password=False, auth_user=None, allow_prompt=True): if not auth_user: auth_user = self.default_user for filter, value in candidates: if not T.is_active(): self.logger.error('Remote dropped connection') return None if filter and filter != '*': remote_ip = netaddr.IPAddress(T.getpeername()[0]) try: subnet = netaddr.IPGlob(filter) if remote_ip not in subnet: continue except netaddr.AddrFormatError: try: subnet = netaddr.IPNetwork(filter) if remote_ip not in subnet: continue except netaddr.AddrFormatError: # Not a subnet or IPGlob - try name based matching (fnmatch style, not regex) if not fnmatch.fnmatch(T.name, filter): continue try: if as_password: try: key = str(value) except Exception as e: self.logger.debug('Unusable password value (%s): [%s]', str(e), repr(value)) continue self.logger.debug('Trying password (%s) for %s', '*' * len(key), T.getpeername()[0]) # Quirky Force10 servers seem to request further password attempt # for a second stage - retry password as long as it is listed as an option while True: if 'password' not in T.auth_password( auth_user, str(key)): break else: # Actual keys may not be loaded yet. Only loaded when actively used, so # we don't prompt for passphrases unless we absolutely have to. # Python3: paramiko.AgentKey is not hashable, but also not eligible for # deferred loading, so don't try to lookup in dict as its not hashable, and # can't be used as a dict key. self.logger.debug('Trying private key (%s) for %s', repr(value), T.getpeername()[0]) if isinstance(value, paramiko.AgentKey ) or value not in self.deferred_keys: # Not deferred - the value IS the key key = value elif not self.deferred_keys[value]: # Deferred, and not yet loaded - try _importKey() to load it # limit to single thread for the _importKey() call with self.import_lock: if not self.deferred_keys[value]: self.deferred_keys[value] = _importKey( value, allow_prompt=allow_prompt, logger=self.logger) key = self.deferred_keys[value] else: # Deferred and already loaded key = self.deferred_keys[value] try: if isinstance(key, paramiko.PKey): T.auth_publickey(auth_user, key) else: self.logger.error('Skipping SSH key %s (%s)', value, str(key)) except paramiko.BadAuthenticationType as e: # Server configured to reject keys, don't bother trying any others return None if T.is_authenticated(): return key except paramiko.AuthenticationException as e: pass return None
def get_glob(range_str): wildcard = netaddr.IPGlob(range_str) return list(wildcard)