def task_target(*arguments):
result = None
if self.tasks_type == MultiTask.MULTI_PROCESSING:
curr_task = multiprocessing.process.current_process()
Log.info(self.tag + 'started (PID=' + str(curr_task.pid) + ')')
else:
curr_task = threading.current_thread()
Log.info(self.tag + 'started')
if target is not None:
result = target(*arguments)
if result is not None:
Log.success("Result: " + str(result))
# Scrivo il risultato nel file
Log.info('Writing result in ' + str(self.resfile))
storage.overwrite_file(str(result), self.resfile)
# Termino tutti gli altri threads/processi
if self.tasks_type == MultiTask.MULTI_PROCESSING:
Log.info('Killing other processes')
running_pids = storage.read_file(self.pidfile).split(', ')
for pid in running_pids:
pid = int(pid)
if pid == curr_task.pid:
continue
try:
os.kill(pid, signal.SIGKILL)
Log.info('Process ' + str(pid) + ' killed!')
except Exception as e:
Log.error(str(e))
Log.info(self.tag + 'end')
else:
Log.info('Ignoring other threads')
# Killa se stesso
pid = multiprocessing.process.current_process().pid
Log.info(self.tag + 'end')
os.kill(pid, signal.SIGKILL)
def server_to_defend(ip):
if APP_DEBUG:
Log.info('CALLED: Add.server_to_defend(' + str(ip) + ')')
if not validators.is_ip(ip):
Log.error(str(ip) + ' is not a valid ip address')
return False
return Add.__add__(keys.SERVER_TO_DEFEND, ip)
def submit_url(url):
if APP_DEBUG:
Log.info('CALLED: Set.submit_url(' + str(url) + ')')
if not validators.is_url(url):
Log.error(str(url) + ' is not a valid url')
return False
return Set.__set__(keys.SUBMIT_URL, url)
def game_server(ip):
if APP_DEBUG:
Log.info('CALLED: Set.game_server(' + str(ip) + ')')
if not validators.is_ip(ip):
Log.error(str(ip) + ' is not a valid ip address')
return False
return Set.__set__(keys.GAME_SERVER, ip)
def team_player(ip='*'):
if APP_DEBUG:
Log.info('CALLED: Remove.team_player(' + str(ip) + ')')
if ip != '*' and not validators.is_ip(ip):
Log.error(str(ip) + ' is not a valid ip address')
return False
return Remove.__remove__(keys.TEAM_PLAYER, ip)
def my_ip(ip):
if APP_DEBUG:
Log.info('CALLED: Set.my_ip(' + str(ip) + ')')
if not validators.is_ip(ip):
Log.error(str(ip) + ' is not a valid ip address')
return False
return Set.__set__(keys.MY_IP, ip)
def team_player(ip):
if APP_DEBUG:
Log.info('CALLED: Add.team_player(' + str(ip) + ')')
if not validators.is_ip(ip):
Log.error(str(ip) + ' is not a valid ip address')
return False
return Add.__add__(keys.TEAM_PLAYER, ip)
def server_to_defend(ip='*'):
if APP_DEBUG:
Log.info('CALLED: Remove.server_to_defend(' + str(ip) + ')')
if ip != '*' and not validators.is_ip(ip):
Log.error(str(ip) + ' is not a valid ip address')
return False
return Remove.__remove__(keys.SERVER_TO_DEFEND, ip)
def find_forms(parsed, url=None):
forms = []
if parsed is None:
return forms
if type(parsed) == dict:
if 'form' == parsed.get('tag'):
attrs = parsed.get('attrs')
action = attrs.get('action')
method = attrs.get('method')
if action is None:
action = url
if method is None:
method = RequestType.POST
form = {
'method': method,
'action': action,
'inputs': find_inputs(parsed.get('children'))
}
forms.append(form)
forms += find_forms(parsed.get('children'), url)
elif type(parsed) == list:
for value in parsed:
forms += find_forms(value, url)
else:
Log.error(str(parsed) + ' is not a valid parsed content!')
return forms
def try_inject(forms, cookies=''):
"""
Try injection in all provided forms
:param forms: dict A dictionary of { "<url>": [ <parsed_form_1>, <parsed_form_2>, ... ], ... }
:param cookies: str the request cookies
"""
if SqlmapClient._client is None:
SqlmapClient._client = SqlmapClient()
pprint(forms)
Log.info('Trying injection with cookies: ' + str(cookies))
Log.error("try_inject: Not Implemented")
def request(url, request_type=Type.GET, data=None, headers=None):
if headers is None:
headers = {}
req_headers = {'User-Agent': str(APP_NAME) + ' ' + str(APP_VERSION)}
req_headers.update(headers)
if data is None:
data = {}
request_type = request_type.lower()
if not is_url(url):
Log.error(str(url) + ' is not a valid url!')
return None
try:
if request_type == Type.GET:
r = requests.get(url, data, headers=req_headers)
elif request_type == Type.POST:
r = requests.post(url, data, headers=req_headers)
elif request_type == Type.PUT:
r = requests.put(url, data, headers=req_headers)
elif request_type == Type.PATCH:
r = requests.patch(url, data, headers=req_headers)
elif request_type == Type.DELETE:
r = requests.delete(url, headers=req_headers)
else:
Log.error(str(request_type) + ' is not a valid request type!')
return None
if APP_DEBUG:
print_request(r)
return r
except requests.exceptions.ConnectionError or requests.exceptions.TooManyRedirects as e:
Log.error('Unable to connect to ' + str(url))
Log.error('Exception: ' + str(e))
return None
def __init__(self, tasks_type):
if tasks_type not in MultiTask.tasks_types:
tasks_type = MultiTask.MULTI_PROCESSING
Log.error(str(tasks_type) + ' is not a valid tasks type!')
self.tasks_type = tasks_type
if self.tasks_type == MultiTask.MULTI_PROCESSING:
self.Multitask = multiprocessing.Process
self.tag = 'Process '
else:
self.Multitask = threading.Thread
self.tag = 'Thread '
self.tasks = []
pid = str(multiprocessing.process.current_process().pid)
# File con pids (se multiprocessing)
self.pidfile = APP_TMP + '/multitask.' + pid + '.pids'
# File con result
self.resfile = APP_TMP + '/multitask.' + pid + '.res'
def decrypt(string):
for api in Md5.Api.all():
r = request(api['url'] + string, RequestType.GET)
if r is None:
continue
try:
r_json = r.json()
except json.decoder.JSONDecodeError:
continue
# Chiamo la funzione per prelevare dati dalla risposta
result = api['get_result'](r_json)
if result is not None:
return result
Log.error('md5: unable to decrypt: ' + str(string))
return None
def find_inputs(parsed):
inputs = {}
if parsed is None:
return inputs
if type(parsed) == dict:
tag = parsed.get('tag')
if tag in ('input', 'textarea'):
attrs = parsed.get('attrs')
form_input = {'tag': tag}
for key, value in attrs.items():
form_input[key] = value
inputs[attrs.get('name')] = form_input
inputs.update(find_inputs(parsed.get('children')))
elif type(parsed) == list:
for value in parsed:
inputs.update(find_inputs(value))
else:
Log.error(str(parsed) + ' is not a valid parsed content!')
return inputs
def find_links(parsed):
links = set()
if parsed is None:
return links
if type(parsed) == dict:
attrs = parsed.get('attrs')
if attrs is not None:
url = None
if 'form' == parsed.get('tag'):
url = attrs.get('action')
elif 'a' == parsed.get('tag'):
url = attrs.get('href')
if url is not None:
links.add(url)
links = links.union(find_links(parsed.get('children')))
elif type(parsed) == list:
for value in parsed:
links = links.union(find_links(value))
else:
Log.error(str(parsed) + ' is not a valid parsed content!')
return links
def print_parsed(parsed, depth=0):
space = ' ' * depth
if type(parsed) == dict:
print(space + '{')
for key, value in parsed.items():
if key == 'children':
print_parsed(value, depth + 1)
elif is_listable(value):
print((space + ' ') + str(key) + ':')
print_parsed(value, depth + 2)
# print((space+' ') + str(key) + ':')
# subspace = ' ' * (depth+1)
# for el in dict:
# if (is_listable(el)):
else:
print((space + ' ') + str(key) + ': ' + str(value))
print(space + '}')
elif type(parsed) == list:
for value in parsed:
print_parsed(value, depth + 1)
else:
Log.error(str(parsed) + ' is not a valid parsed content!')