def decrypt(file, key, extension=EXTENSION, exception=False):
if (os.path.isfile(file)):
if (file.endswith('.{}'.format(extension)) == True):
with open(file, 'rb') as obj:
try:
file_decrypt = simplycrypt.decrypt(key, obj.read(), False)
except:
if (exception == True):
raise
else:
raise decryptionError('¡Error desencriptando los datos!')
with open(file, 'wb') as obj:
obj.write(file_decrypt)
os.rename(file, os.path.splitext(file)[0])
return(os.path.splitext(file)[0])
else:
raise FileNotFoundError('¡El archivo "{}" no existe!'.format(file))
def sendDirector(self, data, command):
self.directors = uniqdata.uniqdata(self.directors)
raw_data = {}
for _ in self.directors:
(url, user, passwd, db_passwd
) = _['url'], _['username'], _['passphrase'], _['db_passwd']
_data = {
'chars': self.chars,
'iterations': self.iterations,
'security_number': self.security_number,
'decrement_number': self.decrement_number,
'passphrase': self.passphrase,
'id': self.bot_id,
'data': data,
'command': (user, passwd, command)
}
try:
_response = requests.post(
url,
data=simplycrypt.encrypt(passwd, _data),
verify=False,
timeout=global_conf.connector['timeout']).content
except Exception as Except:
_response = str(Except)
else:
if not (_response == b'') and not (_response == ''):
_response = simplycrypt.decrypt(db_passwd, _response)
raw_data[url] = _response
time.sleep(self.sleep)
return (raw_data)
def read(key, password, path):
__create(path)
try:
with shelve.open(path, flag='r') as obj:
_data = obj[sha512(key.encode()).hexdigest()]
except:
#DEBUG
#raise
return (False)
else:
return (simplycrypt.decrypt(password, _data))
verbose('Enviando a: "{}"'.format(url))
response = requests.post(url,
data=simplycrypt.encrypt(
token, {
'token': token,
'command': ('sendSOS', slack)
}),
headers=headers)
status_code = response.status_code
if (status_code == 200):
response_decrypted = simplycrypt.decrypt(token, response.content)
if (response_decrypted == True):
verbose('¡Enviado!')
else:
verbose('¡Error enviando el mensaje!')
elif (status_code == 411):
verbose(
'Evie, no permitio qué accedas, debido a un error por tú parte')
elif (status_code == 403):
pass
try:
chmod('{}.db'.format(db), 0o644)
except:
pass
return (db)
_encrypt = lambda data: simplycrypt.encrypt(_new_passwd, data)
_decrypt = lambda data: simplycrypt.decrypt(_new_passwd, data)
def getDB(agent=USE_DEFEND, personal=None):
db = __agentDetect(agent, None, False, True, personal)
return (db)
def raw(agent=USE_BOT, username=None, separate=False, personal=None):
db = __agentDetect(agent, username, separate, personal=personal)
try:
def connect(url,
token,
command,
data,
log,
return_exception=True,
headers=None):
if not (isinstance(url, str)):
log.logger('El tipo de dato de la URL no es correcto', debug.WAR)
return (False)
if not (isinstance(url, str)):
log.logger('El tipo de dato del token de acceso no es correcto',
debug.WAR)
return (False)
share = {}
share['token'] = token
log.logger('Usando el acceso público de "%s"' % (url), debug.INF)
try:
try:
pubKey = wrap.getall(wrap.USE_TMP)[sha1(
url.encode()).hexdigest()]['pub_key']
except KeyError:
log.logger(
'No se encontro la clave pública en el almacén ... Descargandola de: "%s"'
% (url), debug.PER)
share['command'] = ('getPubKey', None)
pubKey = simplycrypt.decrypt(
token,
requests.post(
url=url,
data=simplycrypt.encrypt(token, share),
headers=headers,
verify=False,
timeout=global_conf.connector['timeout']).content)
if (pubKey == False):
log.logger(
'Hubo un error extrayendo la clave pública de: "%s"' %
(url), debug.COM)
return (False)
log.logger('Almacenando la clave pública en el almacén ...',
debug.INF)
if (wrap.add(sha1(url.encode()).hexdigest(), {'pub_key': pubKey},
agent=wrap.USE_TMP) == True):
log.logger('La clave pública se guardó en el almacén',
debug.INF)
else:
log.logger(
'Error guardando la clave pública en el almacén ...',
debug.WAR)
return (False)
log.logger('Enviando "%s" a "%s" ...' % (command, url), debug.PER)
share['command'] = (command, data)
content = simplycrypt.decrypt(
token,
requests.post(url=url,
data=simplycrypt.encrypt(token, share),
headers=headers,
verify=False,
timeout=global_conf.connector['timeout']).content)
log.logger('Contenido enviado con éxito a: "%s"' % (url), debug.PER)
return (content)
except Exception as Except:
log.logger(
'Ocurrio un error conectando a un acceso público. Excepción: "%s"'
% (Except), debug.WAR)
if (return_exception == True):
return (str(Except))
else:
return (False)
if (check_url.check(args.url, None, False) == True):
verbose('La dirección URL no es válida ...')
sys.exit(1)
else:
verbose('¡La dirección URL es válida!')
_verify = requests.post(url,
data=simplycrypt.encrypt(password, 'get_hash'),
verify=False,
timeout=global_conf.connector['timeout'],
headers=headers)
_detect_status_code(_verify.status_code)
_hash_to_cmp = simplycrypt.decrypt(database_password, _verify.content)
verbose('Identificador del director: "%s"' % (_hash_to_cmp))
verbose('Comparando con: "%s"' % (hash_))
if (_hash_to_cmp == hash_):
verbose('[OK]: (%s == %s)' % (_hash_to_cmp, hash_))
else:
verbose('[ERROR]: NOT (%s == %s)' % (_hash_to_cmp, hash_))
verbose('El identificador no es correcto ...')
sys.exit(1)
verbose('El identificador es correcto. Continuando ...')
def do_POST(self):
global request_count_safe
share = False
request_count_safe['POST'] += 1
if (self.eject() == True): return
content_length = self.headers['Content-Length']
if (content_length == None):
self.do_AUTHHEAD()
return
content_length = int(content_length)
if (content_length <= 0):
self.do_AUTHHEAD()
return
post_data = self.rfile.read(content_length)
if (len(post_data) <= 0):
self.do_AUTHHEAD()
return
try:
_extract_post_data = extract_http_post_data.extract(post_data)
except Exception as Except:
_extract_post_data = False
else:
rusername = _extract_post_data.get('username')
rpassword = _extract_post_data.get('passphrase')
data_ = _extract_post_data.get('data')
runiqkey = _extract_post_data.get('uniqkey')
security_chars = _extract_post_data.get('chars')
security_number = _extract_post_data.get('security_number')
security_decrement_number = _extract_post_data.get(
'decrement_number')
security_iterations = _extract_post_data.get('iterations')
reply = _extract_post_data.get('reply')
if (None in [
rusername, rpassword, data_, runiqkey, security_chars,
security_number, security_decrement_number,
security_iterations
]):
_extract_post_data = False
evalue_exp = None
else:
_decipher = lambda dat: hibrid.decrypt(dat, private_key)
try:
rusername = _decipher(rusername)
rpassword = _decipher(rpassword)
data_ = _decipher(data_)
runiqkey = _decipher(runiqkey)
security_chars = _decipher(security_chars)
security_number = _decipher(security_number)
security_decrement_number = _decipher(
security_decrement_number)
security_iterations = _decipher(security_iterations)
reply = _decipher(reply)
except:
self.imprint(
'No se pudo desencriptar los datos por parámetros ...',
WAR)
_extract_post_data = False
else:
evalue_exp = [
True, True, True, True, False, True, True, True, True
]
if (_extract_post_data == False):
try:
data = hibrid.decrypt(post_data, private_key)
except Exception as Except:
self.imprint(
'Error desencriptando datos. Intentando con el cifrado simetrico ...',
WAR)
try:
data = simplycrypt.decrypt(token, post_data)
if (data == None):
raise
except Exception as Except:
self.imprint(
'No se desencriptaron los datos ni con el cifrado simetrico ...',
COM)
self.do_AUTHHEAD()
return
else:
self.imprint(
'Los datos fueron desencriptados, por lo tanto, se usarán en el acceso público ...',
INF)
share = True
evalue_exp = None
else:
# Credentials
rusername = data.get('username')
rpassword = data.get('passphrase')
data_ = data.get('data')
bot_id = data.get('id')
runiqkey = data.get('uniqkey')
security_chars = data.get('chars')
security_number = data.get('security_number')
security_decrement_number = data.get('decrement_number')
security_iterations = data.get('iterations')
reply = data.get('reply')
# Evaluamos
evalue_exp = list(
map(evalue, [
rusername, rpassword, runiqkey, data_, bot_id,
security_chars, security_number,
security_decrement_number, security_iterations
]))
if not (urlparse(self.path).path == '/' + RPATH):
if (evalue_exp == [
False, True, False, True, True, True, True, True, True
]):
if (check_credentials.check(
rpassword,
bot_id,
logger,
self.client_address,
max_retry,
retry_seconds,
denied_method,
resolve_dns,
iterations=security_iterations,
chars=security_chars,
decrement_number=security_decrement_number,
security_number=security_number)):
self.found200()
bot_information = wrap.read(bot_id, separate=True)
_username = bot_information['username']
command = hibrid.encrypt(
execute_command.execute(
data_,
bot_id,
log=debug.log(self.client_address,
'%s:(%s)' % (_username, bot_id),
logger, resolve_dns, resolve_port)),
bot_information['keys'][0])
self.wfile.write(command)
else:
self.error403()
self.imprint('Quiere acceder como un bot!', COM)
else:
self.do_AUTHHEAD()
else:
if (evalue_exp == [
True, True, True, True, False, True, True, True, True
]):
self.imprint(
'Verificando si las credenciales de "%s" son correctas ...'
% (rusername), WAR)
if (check_administrators.check(
username=rusername,
passphrase=rpassword,
uniqkey=runiqkey,
recover=recover,
log=debug.log(self.client_address, rusername, logger,
resolve_dns),
address=self.client_address,
max_retry=max_retry,
retry_seconds=retry_seconds,
denied_method=denied_method,
iterations=security_iterations,
chars=security_chars,
decrement_number=security_decrement_number,
security_number=security_number)):
self.found200()
admin_information = wrap.read(rusername,
agent=wrap.USE_ADMIN,
separate=True)
self.imprint(
'(%s): Actualizada la clave única de "%s" ...' %
(rusername, runiqkey), PER)
uniqkey_updated = generate_uniqkey.generate()
if not (wrap.write(rusername,
'uniqkey',
uniqkey_updated,
agent=wrap.USE_ADMIN,
separate=True) == True):
self.error500()
log.logger('¡No se pudo actualizar la clave única!',
debug.COM)
return
self.imprint(
'(%s): ... A: "%s"' % (rusername, uniqkey_updated),
PER)
command = execute_command_to_admin.execute(
data_, rusername,
debug.log(self.client_address, rusername, logger,
resolve_dns), evalue(reply))
if (command == False):
self.imprint('Ejecuto un comando erroneo', COM)
command = hibrid.encrypt(
(False, None, uniqkey_updated),
admin_information['keys'][0])
self.wfile.write(command)
return
command = hibrid.encrypt((True, command, uniqkey_updated),
admin_information['keys'][0])
self.wfile.write(command)
else:
self.error403()
self.imprint('Ingreso credenciales incorrectas!', WAR)
elif (share == True):
self.found200()
command = execute_public_command.execute(
data,
debug.log(self.client_address, 'Public', logger,
resolve_dns))
if (command == False):
self.imprint(
'Ejecuto un comando erroneo o hubo un error en la entrada de datos ...',
COM)
self.wfile.write(simplycrypt.encrypt(token, command))
else:
self.error511()
def do_POST(self):
content_length = self.headers['Content-Length']
content_length = int(content_length) if not (content_length
== None) else 0
if (content_length == 0):
self._error400()
return
content = self.rfile.read(content_length)
if (len(content) == 0):
self._error400()
return
try:
_request = simplycrypt.decrypt(self._passphrase, content)
except:
self._error400()
return
else:
if (_request == None):
self._error400()
return
if (isinstance(_request, str) == True):
_request = _request.lower()
if (_request == 'get_hash'):
try:
with shelve.open(self.db_path, flag='r') as _obj:
_hash = _obj[sha512('hash'.encode()).hexdigest()]
except:
self._error500()
else:
self._found200()
self.wfile.write(_hash)
else:
self._error400()
return
elif (isinstance(_request, dict) == True):
if (len(_request) == 8):
for _ in [('command', list), ('chars', str),
('iterations', int), ('security_number', int),
('decrement_number', int), ('passphrase', str),
('id', str)]:
_cmp_result = key_check_in_dict.check(_request, _[0])
if (_cmp_result == False):
self._error400()
return
else:
if not (isinstance(_request.get(_[0]), _[1]) == True):
self._error400()
return
if (len(_request['command']) != 3):
self._error400()
return
else:
(username, passphrase, command) = _request['command']
if not (isinstance(username, str) == True) or not (
isinstance(passphrase, str)
== True) or not (isinstance(command, str) == True):
self._error400()
return
if (key_check_in_dict.check(_request, 'data') == False):
self._error400()
return
else:
self._error400()
return
command = str(command).lower()
_chars = str(_request['chars'])
_iterations = _request['iterations']
_security_number = _request['security_number']
_decrement_number = _request['decrement_number']
_passphrase = _request['passphrase']
_bot_id = _request['id']
_data = _request['data']
_key = str(_bot_id) + str(_passphrase) + str(_chars) + str(
_iterations) + str(_security_number) + str(_decrement_number)
if (str(username) == self._username) and (str(passphrase)
== self._passphrase):
if (command == 'save'):
self._write_db(
_key, {
'id': _bot_id,
'passphrase': _passphrase,
'chars': _chars,
'iterations': _iterations,
'security_number': _security_number,
'decrement_number': _decrement_number,
'data': _data,
'address': self.client_address
})
elif (command == 'recover'):
self._read_db(_key)
elif (command == 'result'):
self._write_db('result_%s' % (_key), _data)
elif (command == 'recover_result'):
self._read_db('result_%s' % (_key))
elif (command == 'add_secundary_server'):
if (isinstance(_data, list) == True):
if (len(_data) == 2):
if (is_public_key.check(_data[1]) == True):
if (self._object.addserver(_data) == True):
self._found200()
else:
self._error500()
else:
self._error400()
else:
self._error400()
else:
self._error400()
elif (command == 'addqueue'):
self._write_db('queue_%s' % (_key), str(_data))
elif (command == 'getqueue'):
self._read_db('queue_%s' % (_key))
else:
self._error404()
else:
self._error403()
def execute(data, log):
if not (isinstance(data, dict)):
log.logger('¡El tipo de dato de los datos no es correcto!', debug.WAR)
return (False)
if (len(data) != 2):
log.logger('¡La longitud de los datos no es correcta!', debug.WAR)
return (False)
if (data.get('token') == None) or (data.get('command') == None):
log.logger('¡Hace falta el token o el comando!', debug.WAR)
return (False)
_keys = wrap.read('keys', agent=wrap.USE_SERVER)
if (_keys == False):
log.logger('No se pudo leer el par de claves de Evie...', debug.COM)
return (False)
(pub_key, priv_key) = (_keys['public_key'], _keys['private_key'])
real_token = wrap.read('token', 'token', agent=wrap.USE_TOKEN)
real_secret_key = wrap.read('secret_key',
'secret_key',
agent=wrap.USE_SECRET_KEY)
if (real_token == False):
log.logger('No se pudo leer el token de acceso...', debug.COM)
return (False)
token = data['token']
if not (isinstance(token, str)):
log.logger('El tipo de dato del token de acceso no es correcto...',
debug.WAR)
return (False)
if (token == real_token):
log.logger('Correcto, el token de acceso es correcto ...', debug.INF)
else:
log.logger('Incorrecto, el token de acceso es incorrecto ...',
debug.COM)
return (False)
(key, value) = data['command']
if not (isinstance(key, str)):
log.logger('¡El tipo de dato del comando o el valor no es correcto!',
debug.WAR)
return (False)
if not (public_service == False):
if not (key in public_service):
log.logger(
'%s, No está habilitado en estos momentos o no existe ...' %
(key), debug.WAR)
return (False)
if (key == 'getPubKey'):
log.logger('Desea obtener la clave pública del servidor ...',
debug.WAR)
return (pub_key)
elif (key == 'saveData'):
log.logger('Construyendo perfil de un rook ...', debug.INF)
if not (isinstance(value, list)):
log.logger('¡El tipo de dato no es correcto!', debug.WAR)
return (False)
if (len(value) != 2):
log.logger('La longitud de los datos no es correcta', debug.WAR)
return (False)
if not (isinstance(value[0], dict)) or not (isinstance(value[1],
dict)):
log.logger(
'El tipo de dato de la información del rook o los archivos de él, no es correcto',
debug.WAR)
return (False)
(bot_id, bot_data) = tuple(value[0].items())[0]
if not (isinstance(bot_data, dict)):
log.logger(
'El tipo de dato de la información del rook no es correcto',
debug.WAR)
return (False)
for _ in global_conf.keys_bot:
if (key_check_in_dict.check(bot_data, _) == False):
log.logger(
'No está definido la clave "{}" en la información del rook'
.format(_), debug.WAR)
return (False)
profile_dir = '{}/{}/{}/{}'.format(getcwd(),
global_conf.databases['database'],
global_conf.databases['profiles'],
bot_id)
if not isdir(profile_dir):
makedirs(profile_dir)
log.logger('Creado, el directorio de perfil: "%s"' % (profile_dir),
debug.PER)
bot_data['profile'] = profile_dir
bot_data['admins'] = real_extract_root_administrators.extract()
if (bot_id in show_user_rooks.show()):
log.logger(
'No se puede almacenar los datos de "%s" en el almacén, porque ya existe'
% (bot_id), debug.WAR)
return (False)
log.logger('Almacenando datos de "%s" en el almacén ...' % (bot_id),
debug.PER)
if (wrap.add(bot_id, bot_data, username=bot_id,
separate=True) == True):
log.logger(
'Se almacenaron los datos de "%s" con éxito.' % (bot_id),
debug.PER)
if not (value[1] == {}):
log.logger('Almacenando archivos ...', debug.INF)
for filename, content_file in value[1].items():
filename = '%s/%s' % (profile_dir, basename(filename))
_bak_filename = rename_order.rename(filename)
if not (_bak_filename == False):
filename = _bak_filename
log.logger('Escribiendo: "%s" ...' % (filename), debug.PER)
try:
with open(filename, 'wb') as _obj:
_obj.write(bytes_convert.convert(content_file))
except Exception as Except:
log.logger(
'Error escribiendo: {}. Excepción: {}'.format(
filename, Except), debug.COM)
else:
log.logger('Escrito: "%s"' % (filename), debug.PER)
return (True)
else:
log.logger('No se guardaron los datos en el almacén ... ')
return (False)
elif (key == 'resend'):
if (len(value) != 2):
log.logger(
'¡La longitud de los datos de los nodos no es correcta!',
debug.WAR)
return (False)
(nodes, reply) = value
if not (isinstance(reply, dict)):
log.logger(
'¡El tipo de dato de la réplica de los datos no es correcto!',
debug.WAR)
return (False)
if (len(reply) != 9):
log.logger(
'¡La longitud de la réplica de los datos no es correcta!',
debug.WAR)
return (False)
for _ in [
'username', 'passphrase', 'uniqkey', 'iterations',
'security_number', 'decrement_number', 'chars', 'data', 'reply'
]:
if (key_check_in_dict.check(reply, _) == False):
log.logger('¡{}, No está incluida en la réplica!'.format(_),
debug.WAR)
return (False)
if not (isinstance(nodes, dict)):
log.logger(
'¡El tipo de dato de los nodos intermedios no es correcto!',
debug.WAR)
return (False)
if not (len(nodes) >= 2):
log.logger('¡La longitud de los nodos no es correcta!', debug.WAR)
return (False)
check_nodes = [nodes[x] for x in nodes]
if not ([] == [None for x in check_nodes if (len(x) != 3)]):
log.logger('¡La longitud de un intermedio no es correcta!',
debug.WAR)
return (False)
if (check_nodes[0][0] != 0):
log.logger('¡No se puede enviar datos al nodo inicial!', debug.WAR)
return (False)
nodes_list = list(nodes)
for _key, _value in nodes.items():
(_init, _token, url_sum) = _value
if not (isinstance(_init, int)):
log.logger('¡El tipo de dato del indicador no es correcto!',
debug.WAR)
return (False)
if (_init > 1) or (_init < 0):
log.logger('¡El indicador no es correcto!', debug.WAR)
return (False)
if (_init == 1):
nodes[_key][0] = 0
break
try:
_key = simplycrypt.decrypt(real_secret_key, _key)
except:
log.logger(
'¡Error desencriptando la dirección URL del siguiente nodo!',
debug.COM)
return (False)
if (len(url_sum) != 40):
log.logger(
'¡La longitud de la suma de verificación de la URL no es correcta!',
debug.WAR)
return (False)
end_point = nodes[nodes_list[-1]][-1]
if not (url_sum == end_point):
try:
_token = simplycrypt.decrypt(real_secret_key, _token)
except:
log.logger(
'¡Error desencriptando el token de acceso de "{}"!'.format(
_key), debug.WAR)
return (False)
log.logger('Enviando datos al siguiente nodo -> %s' % (_key),
debug.PER)
_data = connector.connect(_key,
_token,
'resend', (nodes, reply),
log,
headers={'User-Agent': user_agent})
log.logger('Re-enviado ...', debug.INF)
else:
log.logger('Re-enviando datos al nodo final -> "%s"' % (_key),
debug.PER)
try:
_data = requests.post(_key,
data=reply,
timeout=global_conf.connector['timeout'],
verify=False,
headers={
'User-Agent': user_agent
}).content
except Exception as Except:
_data = str(Except)
log.logger('Ocurrio una excepción: "%s"' % (Except), debug.WAR)
else:
log.logger('Los datos se re-enviaron satisfactoriamente ...',
debug.INF)
return (_data)
elif (key == 'sendSOS'):
log.logger('Envió un mensaje ...', debug.INF)
log.logger('Gurdando ...', debug.INF)
if not (isinstance(value, dict)):
log.logger(
'¡No está siguiendo la especificación para almacenar mensajes!',
debug.WAR)
return (False)
for _ in ['nickname', 'subject', 'message', 'files']:
if (value.get(_) == None):
log.logger('Falta definir: "%s"' % (_), debug.WAR)
return (False)
nickname = str(value['nickname'])
subject = str(value['subject'][:98])
message = str(value['message'])
for _ in [nickname, subject, message]:
if (_.strip() == ''):
log.logger('¡Hay campos vacios!', debug.WAR)
return (False)
time_ = time()
_files = value['files']
_folder = None
if not (isinstance(_files, list)):
log.logger('¡El tipo de dato de los archivos no es correcto!',
debug.WAR)
return (False)
_message_id = generate_uniqkey.generate()
log.logger('ID: %s' % (_message_id), debug.PER)
if not (_files == []):
_folder = '%s/%s' % (public_files, _message_id)
create_folder.create(_folder)
for _ in _files:
if (len(_) != 2):
log.logger('¡La longitud de la tupla no es correcta!',
debug.WAR)
return (False)
(_filename, _content) = _
_filename = basename(str(_filename))
log.logger('Envió un archivo: {}'.format(_filename), debug.PER)
log.logger('Escribiendo ...', debug.INF)
_save = '%s/%s' % (_folder, _filename)
try:
with open(_save, 'wb') as _file_object:
_file_object.write(bytes_convert.convert(_content))
except Exception as Except:
log.logger(
'Ocurrio una excepción al guardar a "{}". Excepción: {}'
.format(_filename, Except))
else:
log.logger('Escrito: %s' % (_save), debug.PER)
if (wrap.add(_message_id, {
'nickname': nickname,
'subject': subject,
'message': message,
'time': time_,
'profile': _folder
},
agent=wrap.USE_MESSAGE) == True):
log.logger('Guardado: %s' % (_message_id), debug.PER)
return (True)
else:
log.logger('No se pudo guardar el mensaje: %s' % (_message_id),
debug.WAR)
return (False)
else:
return (False)