Exemple #1
0
def on_session_after_flush(session, flush_context):
	for signal, session_attribute in _flush_signal_map:
		objs = collections.defaultdict(list)
		for obj in getattr(session, session_attribute):
			objs[obj.__tablename__].append(obj)
		for table, targets in objs.items():
			signals.safe_send(signal, logger, table, targets=tuple(targets), session=session)
Exemple #2
0
 def send_response(self, code, message=None):
     super(KingPhisherRequestHandler, self).send_response(code, message)
     signals.safe_send('response-sent',
                       self.logger,
                       self,
                       code=code,
                       message=message)
Exemple #3
0
 def _handle_page_visit_creds(self, session, visit_id):
     username, password = self.get_query_creds()
     if username is None:
         return
     cred_count = 0
     query = session.query(db_models.Credential)
     query = query.filter_by(message_id=self.message_id,
                             username=username,
                             password=password)
     if query.count() == 0:
         cred = db_models.Credential(campaign_id=self.campaign_id,
                                     message_id=self.message_id,
                                     visit_id=visit_id)
         cred.username = username
         cred.password = password
         session.add(cred)
         campaign = db_manager.get_row_by_id(session, db_models.Campaign,
                                             self.campaign_id)
         cred_count = len(campaign.credentials)
     if cred_count > 0 and ((cred_count in [1, 5, 10]) or
                            ((cred_count % 25) == 0)):
         alert_text = "{0} credentials submitted for campaign: {{campaign_name}}".format(
             cred_count)
         self.server.job_manager.job_run(self.issue_alert,
                                         (alert_text, self.campaign_id))
     signals.safe_send('credentials-received',
                       self.logger,
                       self,
                       username=username,
                       password=password)
Exemple #4
0
    def handle_email_opened(self, query):
        # image size: 43 Bytes
        img_data = '47494638396101000100800100000000ffffff21f90401000001002c00000000'
        img_data += '010001000002024c01003b'
        img_data = binascii.a2b_hex(img_data)
        self.send_response(200)
        self.send_header('Content-Type', 'image/gif')
        self.send_header('Content-Length', str(len(img_data)))
        self.end_headers()
        self.wfile.write(img_data)

        msg_id = self.get_query('id')
        if not msg_id:
            return
        session = db_manager.Session()
        query = session.query(db_models.Message)
        query = query.filter_by(id=msg_id, opened=None)
        message = query.first()
        if message and not message.campaign.has_expired:
            message.opened = db_models.current_timestamp()
            message.opener_ip = self.get_client_ip()
            message.opener_user_agent = self.headers.get('user-agent', None)
            session.commit()
        session.close()
        signals.safe_send('email-opened', self.logger, self)
Exemple #5
0
	def handle_email_opened(self, query):
		# image size: 43 Bytes
		img_data = '47494638396101000100800100000000ffffff21f90401000001002c00000000'
		img_data += '010001000002024c01003b'
		img_data = binascii.a2b_hex(img_data)
		self.send_response(200)
		self.send_header('Content-Type', 'image/gif')
		self.send_header('Content-Length', str(len(img_data)))
		self.end_headers()
		self.wfile.write(img_data)

		msg_id = self.get_query('id')
		if not msg_id:
			return
		session = db_manager.Session()
		query = session.query(db_models.Message)
		query = query.filter_by(id=msg_id, opened=None)
		message = query.first()
		if message and not message.campaign.has_expired:
			message.opened = db_models.current_timestamp()
			message.opener_ip = self.get_client_ip()
			message.opener_user_agent = self.headers.get('user-agent', None)
			session.commit()
		session.close()
		signals.safe_send('email-opened', self.logger, self)
Exemple #6
0
def on_session_after_flush(session, flush_context):
	for signal, session_attribute in _flush_signal_map:
		objs = collections.defaultdict(list)
		for obj in getattr(session, session_attribute):
			objs[obj.__tablename__].append(obj)
		for table, targets in objs.items():
			signals.safe_send(signal, logger, table, targets=tuple(targets), session=session)
Exemple #7
0
def forward_signal_update(mapper, connection, target):
    signals.safe_send('db-table-update',
                      logger,
                      target.__tablename__,
                      mapper=mapper,
                      connection=connection,
                      target=target)
Exemple #8
0
def forward_signal_insert(mapper, connection, target):
    signals.safe_send('db-table-insert',
                      logger,
                      target.__tablename__,
                      mapper=mapper,
                      connection=connection,
                      target=target)
Exemple #9
0
	def on_init(self):
		self.config = self.server.config
		regex_prefix = '^'
		if self.config.get('server.vhost_directories'):
			regex_prefix += r'[\w\.\-]+\/'
			for path, handler in self.handler_map.items():
				if path.startswith(rest_api.REST_API_BASE):
					del self.handler_map[path]
					self.handler_map[regex_prefix + path] = handler
		self.handler_map[regex_prefix + 'kpdd$'] = self.handle_deaddrop_visit
		self.handler_map[regex_prefix + 'kp\\.js$'] = self.handle_javascript_hook

		tracking_image = self.config.get('server.tracking_image')
		tracking_image = tracking_image.replace('.', '\\.')
		self.handler_map[regex_prefix + tracking_image + '$'] = self.handle_email_opened
		signals.safe_send('request-received', self.logger, self)
Exemple #10
0
	def on_init(self):
		self.config = self.server.config
		regex_prefix = '^'
		if self.config.get('server.vhost_directories'):
			regex_prefix += r'[\w\.\-]+\/'
			for path, handler in self.handler_map.items():
				if path.startswith(rest_api.REST_API_BASE):
					del self.handler_map[path]
					self.handler_map[regex_prefix + path] = handler
		self.handler_map[regex_prefix + 'kpdd$'] = self.handle_deaddrop_visit
		self.handler_map[regex_prefix + 'kp\\.js$'] = self.handle_javascript_hook

		tracking_image = self.config.get('server.tracking_image')
		tracking_image = tracking_image.replace('.', '\\.')
		self.handler_map[regex_prefix + tracking_image + '$'] = self.handle_email_opened
		signals.safe_send('request-received', self.logger, self)
Exemple #11
0
	def _handle_page_visit_creds(self, session, visit_id):
		username, password = self.get_query_creds()
		if username is None:
			return
		cred_count = 0
		query = session.query(db_models.Credential)
		query = query.filter_by(message_id=self.message_id, username=username, password=password)
		if query.count() == 0:
			cred = db_models.Credential(campaign_id=self.campaign_id, message_id=self.message_id, visit_id=visit_id)
			cred.username = username
			cred.password = password
			session.add(cred)
			campaign = db_manager.get_row_by_id(session, db_models.Campaign, self.campaign_id)
			cred_count = len(campaign.credentials)
		if cred_count > 0 and ((cred_count in [1, 5, 10]) or ((cred_count % 25) == 0)):
			alert_text = "{0} credentials submitted for campaign: {{campaign_name}}".format(cred_count)
			self.server.job_manager.job_run(self.issue_alert, (alert_text, self.campaign_id))
		signals.safe_send('credentials-received', self.logger, self, username=username, password=password)
Exemple #12
0
def forward_signal_update(mapper, connection, target):
	signals.safe_send('db-table-update', logger, target.__tablename__, mapper=mapper, connection=connection, target=target)
Exemple #13
0
def forward_signal_insert(mapper, connection, target):
	signals.safe_send('db-table-insert', logger, target.__tablename__, mapper=mapper, connection=connection, target=target)
Exemple #14
0
    def handle_page_visit(self):
        if not self.message_id:
            return
        if self.message_id == self.config.get('server.secret_id'):
            return
        if not self.campaign_id:
            return
        client_ip = self.get_client_ip()

        session = db_manager.Session()
        campaign = db_manager.get_row_by_id(session, db_models.Campaign,
                                            self.campaign_id)
        if campaign.has_expired:
            self.logger.info(
                "ignoring page visit for expired campaign id: {0} from IP address: {1}"
                .format(self.campaign_id, client_ip))
            session.close()
            return
        self.logger.info(
            "handling a page visit for campaign id: {0} from IP address: {1}".
            format(self.campaign_id, client_ip))
        message = db_manager.get_row_by_id(session, db_models.Message,
                                           self.message_id)

        if message.opened is None and self.config.get_if_exists(
                'server.set_message_opened_on_visit', True):
            message.opened = db_models.current_timestamp()
            message.opener_ip = self.get_client_ip()
            message.opener_user_agent = self.headers.get('user-agent', None)

        set_new_visit = True
        visit_id = None
        if self.visit_id:
            visit_id = self.visit_id
            set_new_visit = False
            query = session.query(db_models.LandingPage)
            query = query.filter_by(campaign_id=self.campaign_id,
                                    hostname=self.vhost,
                                    page=self.request_path[1:])
            if query.count():
                visit = db_manager.get_row_by_id(session, db_models.Visit,
                                                 self.visit_id)
                if visit.message_id == self.message_id:
                    visit.visit_count += 1
                    visit.last_visit = db_models.current_timestamp()
                else:
                    set_new_visit = True
                    visit_id = None

        if visit_id is None:
            visit_id = make_uid()

        if set_new_visit:
            kp_cookie_name = self.config.get('server.cookie_name')
            cookie = "{0}={1}; Path=/; HttpOnly".format(
                kp_cookie_name, visit_id)
            self.send_header('Set-Cookie', cookie)
            visit = db_models.Visit(id=visit_id,
                                    campaign_id=self.campaign_id,
                                    message_id=self.message_id)
            visit.visitor_ip = client_ip
            visit.visitor_details = self.headers.get('user-agent', '')
            session.add(visit)
            visit_count = len(campaign.visits)
            if visit_count > 0 and ((visit_count in (1, 10, 25)) or
                                    ((visit_count % 50) == 0)):
                alert_text = "{0} visits reached for campaign: {{campaign_name}}".format(
                    visit_count)
                self.server.job_manager.job_run(self.issue_alert,
                                                (alert_text, self.campaign_id))
            signals.safe_send('visit-received', self.logger, self)

        if visit_id is None:
            self.logger.error('the visit id has not been set')
            raise RuntimeError('the visit id has not been set')
        self._handle_page_visit_creds(session, visit_id)
        trained = self.get_query('trained')
        if isinstance(trained,
                      str) and trained.lower() in ['1', 'true', 'yes']:
            message.trained = True
        session.commit()
        session.close()
Exemple #15
0
	def handle_page_visit(self):
		if not self.message_id:
			return
		if self.message_id == self.config.get('server.secret_id'):
			return
		if not self.campaign_id:
			return
		client_ip = self.get_client_ip()

		session = db_manager.Session()
		campaign = db_manager.get_row_by_id(session, db_models.Campaign, self.campaign_id)
		if campaign.has_expired:
			self.logger.info("ignoring page visit for expired campaign id: {0} from IP address: {1}".format(self.campaign_id, client_ip))
			session.close()
			return
		self.logger.info("handling a page visit for campaign id: {0} from IP address: {1}".format(self.campaign_id, client_ip))
		message = db_manager.get_row_by_id(session, db_models.Message, self.message_id)

		if message.opened is None and self.config.get_if_exists('server.set_message_opened_on_visit', True):
			message.opened = db_models.current_timestamp()
			message.opener_ip = self.get_client_ip()
			message.opener_user_agent = self.headers.get('user-agent', None)

		set_new_visit = True
		visit_id = None
		if self.visit_id:
			visit_id = self.visit_id
			set_new_visit = False
			query = session.query(db_models.LandingPage)
			query = query.filter_by(campaign_id=self.campaign_id, hostname=self.vhost, page=self.request_path[1:])
			if query.count():
				visit = db_manager.get_row_by_id(session, db_models.Visit, self.visit_id)
				if visit.message_id == self.message_id:
					visit.visit_count += 1
					visit.last_visit = db_models.current_timestamp()
				else:
					set_new_visit = True
					visit_id = None

		if visit_id is None:
			visit_id = make_uid()

		if set_new_visit:
			kp_cookie_name = self.config.get('server.cookie_name')
			cookie = "{0}={1}; Path=/; HttpOnly".format(kp_cookie_name, visit_id)
			self.send_header('Set-Cookie', cookie)
			visit = db_models.Visit(id=visit_id, campaign_id=self.campaign_id, message_id=self.message_id)
			visit.visitor_ip = client_ip
			visit.visitor_details = self.headers.get('user-agent', '')
			session.add(visit)
			visit_count = len(campaign.visits)
			if visit_count > 0 and ((visit_count in (1, 10, 25)) or ((visit_count % 50) == 0)):
				alert_text = "{0} visits reached for campaign: {{campaign_name}}".format(visit_count)
				self.server.job_manager.job_run(self.issue_alert, (alert_text, self.campaign_id))
			signals.safe_send('visit-received', self.logger, self)

		if visit_id is None:
			self.logger.error('the visit id has not been set')
			raise RuntimeError('the visit id has not been set')
		self._handle_page_visit_creds(session, visit_id)
		trained = self.get_query('trained')
		if isinstance(trained, str) and trained.lower() in ['1', 'true', 'yes']:
			message.trained = True
		session.commit()
		session.close()
Exemple #16
0
	def send_response(self, code, message=None):
		super(KingPhisherRequestHandler, self).send_response(code, message)
		signals.safe_send('response-sent', self.logger, self, code=code, message=message)