def update(self):
data_obj = data.Data()
build_path = data_obj.get_build_path()
docker = Client()
container_name = data_obj.get_path_hash()
container_obj = container.Container(container_name)
print('Installing new build dependencies...')
build_deps = ""
for dep in data_obj.get_build_deps_to_install():
build_deps = build_deps + " " + dep
for line in container_obj.execute("apt-get install -y " + build_deps):
print(line, end="")
print('Removing old build dependencies...')
build_deps = ""
for dep in data_obj.get_build_deps_to_remove():
build_deps = build_deps + " " + dep
for line in container_obj.execute("apt-get purge -y " + build_deps):
print(line, end="")
print('Removing orphaned dependencies...')
for line in container_obj.execute("apt-get autoremove -y"):
print(line, end="")
print("Installing new app dependencies...")
deps = ""
for dep in data_obj.get_deps_to_install():
deps = deps + " " + dep
for line in container_obj.execute('rm -rf /tmp/debs && mkdir /tmp/debs && cd /tmp/debs && apt-get download ' + deps):
print(line, end="")
print('Decompressing new dependencies...')
container_obj.execute('ls -1 /tmp/debs | while read line ; do dpkg-deb -R /tmp/debs/$line /mnt/appimager/build ; done')
print('Removing old dependencies...')
container_obj.execute('ls -1 /tmp/debs | while read line ; do dpkg-deb -R /tmp/debs/$line /mnt/appimager/build ; done')
print('Configuring permissions...')
container_obj.execute('chown -R ' + str(os.getuid()) + ':' + str(os.getgid()) + ' /mnt/appimager/build')
shutil.rmtree('build/DEBIAN')
print('Writing lock file...')
data_obj.write_lock_file()
print("Complete")
def package(self):
data_obj = data.Data()
path = data_obj.get_work_path()
# Also search for dependency binaries and libraries next to myself
dependenciesdir = path + "/usr/"
os.environ['PATH'] = dependenciesdir + "/bin:" + os.getenv('PATH')
# print os.environ['PATH']
lddp = os.getenv('LD_LIBRARY_PATH')
if lddp == None: lddp = ""
os.environ['LD_LIBRARY_PATH'] = dependenciesdir + "/lib:" + lddp
sourcedir = path
destinationfile = data_obj.get_out_path()
should_compress = True
if should_compress == True:
if not os.path.exists(sourcedir):
print("Application work directory not found: %s" % (sourcedir))
exit(1)
if should_compress == True:
H = xdgappdir.AppDirXdgHandler(sourcedir)
iconfile = H.get_icon_path_by_icon_name(H.get_icon_name_from_desktop_file(H.desktopfile))
if iconfile == None:
print("Icon could not be found based on information in desktop file")
#exit(1)
print("Creating %s..." % (destinationfile))
if os.path.exists(destinationfile):
print (_("Destination path already exists, exiting")) # xorriso would append another session to a pre-existing image
exit(1)
# As great as xorriso is, as cryptic its usage is :-(
command = ["xorriso", "-joliet", "on", "-volid", "AppImage", "-dev",
destinationfile, "-padding", "0", "-map",
sourcedir, "/", "--", "-map", iconfile, "/.DirIcon",
"-zisofs", "level=9:block_size=128k:by_magic=off", "-chown_r", "0",
"/", "--", "set_filter_r", "--zisofs", "/" ]
subprocess.Popen(command).communicate()
print("ok")
print("Embedding runtime...")
elf = os.path.realpath(os.path.dirname(__file__)) + "/runtime"
s = open(elf, 'rb')
f = open(destinationfile, 'rb+')
f.write(bytes(s.read()))
f.close()
s.close()
print("ok")
print("Making %s executable..." % (destinationfile))
os.chmod(destinationfile, 0o755)
print("ok")
filesize = int(os.stat(destinationfile).st_size)
print (_("Size: %f MB") % (filesize/1024/1024))
def setup(self):
data_obj = data.Data()
path = data_obj.get_work_path()
docker = Client()
print('Setting up environment, please wait...')
volume = os.getcwd()
container_name = data_obj.get_path_hash()
docker.create_container(
'nimbusoft/appimager',
tty=True,
command="/bin/bash",
name=container_name,
volumes=['/mnt/appimager'],
host_config=docker.create_host_config(binds={
os.getcwd(): {
'bind': '/mnt/appimager',
'mode': 'rw',
}
}))
docker.start(container_name)
print('Setup Complete')
def install(self):
data_obj = data.Data()
yaml = data_obj.get_yml_data()
arch = data_obj.architecture()
if not os.path.exists("build"):
print("Creating build directory")
os.mkdir("build")
print("Downloading app dependencies...")
for package, version in yaml['require'].items():
url = "https://archive.archlinux.org/packages/" + package[
0] + "/" + package + "/" + package + "-" + version + "-" + arch + ".pkg.tar.xz"
def reporthook(blocknum, blocksize, totalsize):
readsofar = blocknum * blocksize
if totalsize > 0:
percent = readsofar * 1e2 / totalsize
s = "\rDownloading " + package + " (" + version + ") %5.1f%% %*d / %dK" % (
percent, len(str(totalsize)), readsofar / 1024,
totalsize / 1024)
sys.stderr.write(s)
if readsofar >= totalsize: # near the end
sys.stderr.write("\n")
else: # total size is unknown
sys.stderr.write("read %d\n" % (readsofar, ))
urlretrieve(url, "build/" + package + ".tar.xz", reporthook)
print("Complete")
def build(self):
data_obj = data.Data()
container_name = data_obj.get_path_hash()
container_obj = container.Container(container_name)
yml_data = data_obj.get_yml_data()
for line in container_obj.execute('cd /mnt/appimager/cwd && ' +
yml_data['build']):
print(line, end="")
if 'integration' in yml_data.keys():
print('Setting up desktop integration...')
for line in container_obj.execute(
'wget -O /mnt/appimager/build/' + yml_data['integration'] +
'.wrapper https://raw.githubusercontent.com/probonopd/AppImageKit/master/desktopintegration'
):
print(line)
for line in container_obj.execute(
'chmod +x /mnt/appimager/build/' +
yml_data['integration'] + '.wrapper'):
print(line)
print('Configuring permissions...')
container_obj.execute('chown -R ' + str(os.getuid()) + ':' +
str(os.getgid()) + ' /mnt/appimager/build')
def __init__(self, args, logger, cfg):
self.pool = ThreadPoolExecutor(cfg['max_threads'])
self.logger = logger
self.data = data.Data(logger=logger,
redis_host=cfg['master_redis_host'],
redis_port=cfg['master_redis_port'],
redis_db=cfg['master_redis_db'])
self.payments = payments.Payments(
logger=logger,
data=self.data,
redis_host=cfg['payments_redis_host'],
redis_port=cfg['payments_redis_port'],
redis_db=cfg['payments_redis_db'])
self.payments.initialize(args.config_path)
handlers = [
# Payments
(r'/api/v1/order/(.*)', api.payments.OrderApiHandler),
]
settings = dict(
cookie_secret=
"%T38*30$25^G2N43@13%6*0-OJtRew@134^7(OjgTR$4yIJv042!-8y74+5+=JI&TGu6t58",
login_url="",
xsrf_cookies=False,
template_path=os.path.join(os.path.dirname(__file__), "templates"),
static_path=os.path.join(os.path.dirname(__file__),
"templates/static"),
autoescape=None,
)
# prepend path to each handler with path to the app
tornado.web.Application.__init__(self, handlers, **settings)
def package(self):
data_obj = data.Data()
container_name = data_obj.get_path_hash()
container_obj = container.Container(container_name)
for line in container_obj.execute(
'AppImageAssistant.AppImage /mnt/appimager/build /mnt/appimager/out/'
+ data_obj.get_name()):
print(line, end="")
def stop(self):
data_obj = data.Data()
container_name = data_obj.get_path_hash()
container_obj = container.Container(container_name)
print('Stopping container...')
container_obj.stop()
print("Container stopped")
def execute(self, command):
data_obj = data.Data()
cmd = self.docker.exec_create(
self.name, '/bin/sh -c "' + data_obj.get_env_vars_string(True) +
' && ' + command + '"')
cmd_id = cmd['Id']
for line in self.docker.exec_start(cmd_id, stream=True):
yield (line.decode('ascii'))
def start(self):
data_obj = data.Data()
container_name = data_obj.get_path_hash()
docker = container.Container(container_name)
print('Starting container...')
docker.start()
print("Container started")
def stop(self):
data_obj = data.Data()
container_name = data_obj.get_path_hash()
docker = Client()
print('Stopping container...')
docker.stop(container_name)
print("Container stopped")
def build(self):
data_obj = data.Data()
container_name = data_obj.get_path_hash()
container_obj = container.Container(container_name)
yml_data = data_obj.get_yml_data()
for line in container_obj.execute('cd /mnt/appimager && ' +
yml_data['build']):
print(line, end="")
print('Configuring permissions...')
container_obj.execute('chown -R ' + str(os.getuid()) + ':' +
str(os.getgid()) + ' /mnt/appimager/build')
def run_poller_worker(*args, **kwargs):
logger = config.get_logger(kwargs['log_path'], kwargs['name'])
try:
db = data.Data(logger, kwargs['redis_host'], kwargs['redis_port'],
kwargs['redis_db'])
p = PollerWorker(logger, kwargs['name'], db, None,
kwargs['config_path'])
logger.info('Starting poller worker: {0}'.format(kwargs['name']))
p.run(args, kwargs)
except Exception as e:
logger.error(
'ERROR: Exception in run_poller_worker: {0}\r\n{1}'.format(
e, traceback.format_exc()))
def destroy(self):
data_obj = data.Data()
container_name = data_obj.get_path_hash()
container_obj = container.Container(container_name)
print('Stopping container...')
container_obj.stop()
print('Destroying container...')
container_obj.destroy()
print("Container destroyed")
def __init__(self, args, logger, cfg):
self.logger = logger
self.data = data.Data(logger=logger, redis_host=cfg['master_redis_host'], redis_port=cfg['master_redis_port'], redis_db=cfg['master_redis_db'])
handlers = [
# Google
(r'/gl/login/?(.*)', google.GoogleLoginHandler),
(r'/gl/logout/?', google.GoogleLogoutHandler),
# Facebook
(r'/fb/login', facebook.AuthLoginHandler),
(r'/fbp/login', facebook.AuthLoginHandler, dict(m='p')),
(r'/fbg/login', facebook.AuthLoginHandler, dict(m='g')),
(r'/fba/login', facebook.AuthLoginHandler, dict(m='pg')),
(r'/fb/logout', facebook.AuthLogoutHandler),
# Twitter
(r'/tw/login', twitter.AuthLoginHandler),
(r'/tw/logout', twitter.AuthLogoutHandler),
# Tumblr
(r'/tl/login', tumblr.AuthLoginHandler),
(r'/tl/logout', tumblr.AuthLogoutHandler),
# Flickr
(r'/fr/login', flickr.AuthLoginHandler),
(r'/fr/logout', flickr.AuthLogoutHandler),
# 500px
(r'/5p/login', px500.AuthLoginHandler),
(r'/5p/logout', px500.AuthLogoutHandler),
# LinkedIn
(r'/in/login', linkedin.AuthLoginHandler),
(r'/in/logout', linkedin.AuthLogoutHandler),
# RSS
(r'/feed/??', feed.FeedHandler),
# API
(r'/api/v1/view/(.*)', api.view.ViewApiHandler),
(r'/api/v1/user/?(.*)', api.user.UserApiHandler),
(r'/api/v1/account/(.*)', api.account.AccountApiHandler),
(r'/api/v1/source/(.*)', api.source.SourceApiHandler),
(r'/api/v1/service/?(.*)', api.service.ServiceApiHandler),
]
settings = dict(
cookie_secret="%T38*30$25^G2N43@13%6*0-OJtRew@134^7(OjgTR$4yIJv042!-8y74+5+=JI&TGu6t58",
login_url="",
xsrf_cookies=False,
template_path=os.path.join(os.path.dirname(__file__), "templates"),
static_path=os.path.join(os.path.dirname(__file__), "templates/static"),
autoescape=None,
api_path=cfg['api_path'],
payments_node=cfg['payments_node']
)
# prepend path to each handler with path to the app
tornado.web.Application.__init__(self, handlers, **settings)
def install(self):
data_obj = data.Data()
build_path = data_obj.get_build_path()
docker = Client()
if not os.path.exists(build_path):
print("Creating build directory")
os.mkdir(build_path)
container_name = data_obj.get_path_hash()
container_obj = container.Container(container_name)
print("Downloading app dependencies...")
deps = ""
for dep in data_obj.get_deps():
deps = deps + " " + dep
for line in container_obj.execute('rm -rf /tmp/debs && mkdir /tmp/debs && cd /tmp/debs && apt-get download ' + deps):
print(line, end="")
print('Decompressing dependencies...')
for line in container_obj.execute('ls -1 /tmp/debs | while read line ; do dpkg-deb -R /tmp/debs/$line /mnt/appimager/build ; done'):
print(line)
print('Configuring permissions...')
container_obj.execute('chown -R ' + str(os.getuid()) + ':' + str(os.getgid()) + ' /mnt/appimager/build')
shutil.rmtree('build/DEBIAN')
print('Writing lock file...')
data_obj.write_lock_file()
print("Complete")
def main():
if not len(sys.argv):
print("[!] Not Enough Arguments!")
# TODO: Add usage
sys.exit(0)
parser = argparse.ArgumentParser()
parser.add_argument("url", help="URL to test for LFI")
parser.add_argument("-d", "--data", help="Use data:// technique", action="store_true")
parser.add_argument("-i", "--input", help="Use input:// technique", action="store_true")
parser.add_argument("-e", "--expect", help="Use expect:// technique", action="store_true")
parser.add_argument("-f", "--filter", help="Use filter:// technique", action="store_true")
parser.add_argument("-p", "--proc", help="Use /proc/self/environ technique", action="store_true")
parser.add_argument("-a", "--access", help="Apache access logs technique", action="store_true")
parser.add_argument("-ns", "--nostager", help="execute payload directly, do not use stager", action="store_true")
parser.add_argument("-r", "--relative", help="use path traversal sequences for attack", action="store_true")
parser.add_argument("--ssh", help="SSH auth log poisoning", action="store_true")
parser.add_argument("-l", "--location", help="path to target file (access log, auth log, etc.)")
parser.add_argument("--cookies", help="session cookies for authentication")
args = parser.parse_args()
url = args.url
nostager = args.nostager
relative = args.relative
cookies = args.cookies
parsed = urllib.parse.urlsplit(url)
print(colors("[~] Checking Target: {0}".format(parsed.netloc), 93))
# if ping(parsed.netloc):
# print(colors("[+] Target looks alive ", 92))
# else:
# print(colors("[!] Target irresponsive ", 91))
# sys.exit(1)
if not parsed.query:
print(colors("[!] No GET parameter Provided ", 91))
# TODO: Find a better way to do these checks
if args.data:
print(colors("[~] Testing with data:// ", 93))
d = data.Data(url, nostager, cookies)
d.execute_data()
elif args.input:
print(colors("[~] Testing with input:// ", 93))
i = Input.Input(url, nostager, cookies)
i.execute_input()
elif args.expect:
print(colors("[~] Testing with expect:// ", 93))
e = Expect.Expect(url, nostager, cookies)
e.execute_expect()
elif args.proc:
print(colors("[~] /proc/self/environ Technique Selected!", 93))
i = proc.Environ(url, nostager, relative, cookies)
i.execute_environ()
elif args.access:
print(colors("[~] Testing for Apache access.log poisoning", 93))
if not args.location:
print(colors("[~] Log Location Not Provided! Using Default", 93))
l = '/var/log/apache2/access.log'
else:
l = args.location
a = accesslog(url, l, nostager, relative, cookies)
a.execute_logs()
elif args.ssh:
print(colors("[~] Testing for SSH log poisoning ", 93))
if not args.location:
print(colors("[~] Log Location Not Provided! Using Default", 93))
l = '/var/log/auth.log'
else:
l = args.location
a = sshlog.SSHLogs(url, l, relative, cookies)
a.execute_ssh()
elif args.filter:
print(colors("[~] Testing with expect://", 93))
f = Filter.Filter(url, cookies)
f.execute_filter()
else:
print(colors("[!] Please select atleast one technique to test", 91))
sys.exit(0)
parser.add_argument('--redis_port', default=6379, type=int)
parser.add_argument('--redis_host', default='127.0.0.1')
parser.add_argument('--redis_db', default=0, type=int)
parser.add_argument('--log_path', required=True)
parser.add_argument('--gid_set', required=True)
parser.add_argument('--period', default=60, type=int)
args = parser.parse_args()
logging.basicConfig(format='%(asctime)s %(message)s',
datefmt='%m/%d/%Y %H:%M:%S')
logger = logging.getLogger(__name__)
logger.addHandler(
config.getLogHandler(os.path.join(args.log_path, 'poller_test.log')))
logger.level = logging.DEBUG
data = data.Data(logger, args.redis_host, args.redis_port, args.redis_db)
while True:
logger.warning(
'Invoking poll for all, next poll in {0} seconds'.format(
args.period))
with open(args.gid_set) as f_set:
gid_set = [gid.strip() for gid in f_set.readlines()]
logger.info('Read [{0}] gids'.format(len(gid_set)))
for n in range(0, len(gid_set)):
gid = gid_set[randint(0, len(gid_set) - 1)]
logger.info('Invoking rebalance for [{0}]'.format(gid))
data.rc.sadd(S1.register_set(), gid)
data.register_gid(gid)
t = randint(5, 20)
def setup(self):
data_obj = data.Data()
yml = data_obj.get_yml_data()
docker = Client()
print('Setting up environment, please wait...')
volume = os.getcwd()
base_os_version = yml['base']
container_name = data_obj.get_path_hash()
container_obj = container.Container(container_name)
print('Pulling Ubuntu ' + str(base_os_version) + '...')
docker.pull('ubuntu', str(base_os_version))
data_obj = data.Data()
print('Creating container...')
docker.create_container('ubuntu:' + str(base_os_version), tty=True, command="/bin/bash", name=container_name, volumes=['/mnt/appimager'],
host_config=docker.create_host_config(privileged=True, cap_add=['SYS_ADMIN'], binds={
os.getcwd(): {
'bind': '/mnt/appimager/cwd',
'mode': 'ro',
},
data_obj.get_work_path(): {
'bind': '/mnt/appimager/work',
'mode': 'rw',
},
data_obj.get_build_path(): {
'bind': '/mnt/appimager/build',
'mode': 'rw',
},
data_obj.get_out_path(): {
'bind': '/mnt/appimager/out',
'mode': 'rw',
}
}))
print('Starting container...')
container_obj.start()
print('Updating APT repositories...')
for line in container_obj.execute("apt-get update"):
print(line, end="")
print('Installing common dependencies...')
for line in container_obj.execute('apt-get -y install software-properties-common python-software-properties wget fuse'):
print(line, end="")
print('Downloading AppImageAssistant...')
for line in container_obj.execute('wget -O /usr/bin/AppImageAssistant.AppImage https://github.com/probonopd/AppImageKit/releases/download/6/AppImageAssistant_6-' + data_obj.architecture() + '.AppImage && chmod +x /usr/bin/AppImageAssistant.AppImage'):
print(line, end="")
print('Adding additional APT repositories...')
for repo in data_obj.get_repositories():
for line in container_obj.execute('add-apt-repository -y ' + repo):
print(line, end="")
print('Updating APT repositories...')
for line in container_obj.execute("apt-get update"):
print(line, end="")
print('Installing build dependencies...')
build_deps = ""
for dep in data_obj.get_build_deps():
build_deps = build_deps + " " + dep
for line in container_obj.execute("apt-get install -y " + build_deps):
print(line, end="")
print('Writing lock file...')
data_obj.write_lock_file()
print('Setup Complete')
def get_data(logger, redis_host, redis_port, redis_db):
return data.Data(logger, redis_host, redis_port, redis_db)
def setup(self):
data_obj = data.Data()
yml = data_obj.get_yml_data()
docker = Client()
print('Setting up environment, please wait...')
volume = os.getcwd()
base_os_version = yml['base']
container_name = data_obj.get_path_hash()
container_obj = container.Container(container_name)
print('Pulling Ubuntu ' + str(base_os_version) + '...')
docker.pull('ubuntu', str(base_os_version))
print('Creating container...')
docker.create_container('ubuntu:' + str(base_os_version),
tty=True,
command="/bin/bash",
name=container_name,
volumes=['/mnt/appimager'],
host_config=docker.create_host_config(
privileged=True,
cap_add=['SYS_ADMIN'],
binds={
os.getcwd(): {
'bind': '/mnt/appimager',
'mode': 'rw',
}
}))
print('Starting container...')
container_obj.start()
print('Updating APT repositories...')
for line in container_obj.execute("apt-get update"):
print(line, end="")
print('Installing common dependencies...')
for line in container_obj.execute(
'apt-get -y install software-properties-common python-software-properties'
):
print(line, end="")
print('Adding additional APT repositories...')
for repo in data_obj.get_repositories():
for line in container_obj.execute('add-apt-repository -y ' + repo):
print(line, end="")
print('Updating APT repositories...')
for line in container_obj.execute("apt-get update"):
print(line, end="")
print('Installing build dependencies...')
build_deps = ""
for dep in data_obj.get_build_deps():
build_deps = build_deps + " " + dep
for line in container_obj.execute("apt-get install -y " + build_deps):
print(line, end="")
print('Writing lock file...')
data_obj.write_lock_file()
print('Setup Complete')
