def run(ip, port, new_key, sleep_time):
# 获取当前使用的rc4加密key
rc4_key = get_rc4_key(new_key)
Log.log_message(
'[*]server cipher key: {}'.format(BOLD(rc4_key)), log_type=Log.SERVER)
# 启动http监听服务
session = Session()
shell = Shell(session)
httpd = Server(ip, port, JSCatServer, session, shell, rc4_key, sleep_time)
httpd.start()
Log.log_message(
'[*]server running in {}:{}...'.format(BOLD('0.0.0.0'), BOLD(port)), log_type=Log.SERVER)
Log.log_message(
'[*]host connect ip is {}:{}...'.format(BOLD(ip), BOLD(port)), log_type=Log.SERVER)
print_online_cmd(ip, port)
# 控制台命令输入
try:
while True:
if not httpd.shell.get_command():
httpd.shutdown()
exit()
except KeyboardInterrupt:
httpd.shutdown()
Log.log_message('server shutdown', log_type=Log.SERVER)
def test_session():
"""
Session class tests
"""
user_id = "test_id"
secret = "test_secret"
session = Session(user_id, secret)
# Session not expired
assert False is session.is_expired()
# Unseal a session
assert True is session.is_sealed()
session.unseal()
assert False is session.is_sealed()
# Time-to-live
assert 3600 == session.ttl()
session.ttl(300)
assert 300 == session.ttl()
# Secret
assert True is session.match_secret(secret)
# Expired session
session.ttl(1)
time.sleep(2)
with pytest.raises(SessionExpiredError):
session.is_expired()
def main():
# assign arugments
args = ArgumentParser()
args.add_argument('username', help='email or username')
args.add_argument('wordlist', help='password list')
args.add_argument('threads', help='password per seconds. Any number <= 16')
args = args.parse_args()
if not exists(args.wordlist):
exit('[!] Unable to locate `{}`'.format(args.wordlist))
if not args.threads.isdigit():
exit('[!] Threads must be a number')
# assign variables
engine = Bruter(args.username.title(), int(args.threads), args.wordlist)
session = Session(args.username.title(), args.wordlist)
if session.exists():
if _input('Do you want to resume the attack? [y/n]: ').split()[0][0] == 'y':
data = session.read()
if data:
engine.attempts = int(data['attempts'])
engine.passlist.queue = eval(data['queue'])
engine.retrieve = True
# start attack
try:
engine.start()
finally:
if not engine.isFound:
engine.display(engine.pwd)
print('\n[!] Exiting ...')
engine.stop()
def main():
username = "******"
wordlist = "password_9.txt"
threads = "999999"
# assign variables
engine = Bruter(username.title(), int(threads), wordlist)
session = Session(username.title(), wordlist)
if session.exists():
if _input('Do you want to resume the attack? [y/n]: ').split()[0][0] == 'y':
data = session.read()
if data:
engine.attempts = int(data['attempts'])
engine.passlist.queue = eval(data['queue'])
engine.retrieve = True
# start attack
try:
engine.start()
except KeyboardInterrupt:
engine.user_abort = True
finally:
if all([engine.spyder.proxy_info, not engine.isFound]):
engine.display(engine.pwd)
if all([not engine.read, engine.user_abort, not engine.isFound]):
print('{}[!] Exiting ...'.format('' if not engine.spyder.proxy_info else '\n'))
if all([engine.read, not engine.isFound]):
print('\n[*] Password not found')
sleep(1.5)
engine.stop()
def get_loris_session_id(self):
"""
Greps the LORIS session.ID corresponding to the BIDS visit. Note,
if no BIDS visit are set, will use the default visit label value set
in the config module
:return: the session's ID in LORIS
:rtype: int
"""
# check if there are any visit label in BIDS structure, if not,
# will use the default visit label set in the config module
visit_label = self.bids_ses_id if self.bids_ses_id else self.default_vl
session = Session(verbose=self.verbose,
cand_id=self.cand_id,
center_id=self.center_id,
visit_label=visit_label)
loris_vl_info = session.get_session_info_from_loris(self.db)
if not loris_vl_info:
message = "ERROR: visit label " + visit_label + "does not exist in " + \
"the session table for candidate " + self.cand_id + \
"\nPlease make sure the visit label is created in the " + \
"database or run bids_import.py with the -s option -s if " + \
"you wish that the insertion pipeline creates the visit " + \
"label in the session table."
print(message)
exit(lib.exitcode.SELECT_FAILURE)
return loris_vl_info['ID']
def initialize(self):
self.db = mongo
self.search_cache = Cache(master=False, db=config.Cache.searchdb)
self.hot_image_cache = Cache(master=False, db=config.Cache.imagedb)
self.queue = Queue()
self.session = Session(self,
MemcacheStore(),
initializer={
'nickname': None,
'uid': None,
'avatar': None,
'email': None,
'super': False,
'channel': None,
'login': False,
'net': None,
'reso': None,
'height': 0,
'width': 0,
'show_msg': None,
'hd': True
})
self.session.processor(self)
self.context = {
'se': self.session,
'static_server': config.Server.static_server,
'cdn': config.CDN.mhost,
}
def __init__(self, username, threads, passlist_path, is_color):
self.bruter = None
self.resume = False
self.is_alive = True
self.threads = threads
self.username = username
self.passlist_path = passlist_path
self.display = Display(is_color=is_color)
self.session = Session(username, passlist_path)
def __init__(self, *args, **kwargs):
super(BaseHandler, self).__init__(*args, **kwargs)
self.session = Session(self)
self.db = self.application.db
if not isinstance(self, WebSocketHandler):
# record last view url
self.set_cookie('last_view', self.request.uri)
# 一天后过期, 防盗链
self.set_cookie('uuid', self.uuid, expires_days=1)
def session(self):
if hasattr(self, '_session'):
return self._session
else:
sessionid = self.get_secure_cookie('sid')
self._session = Session(self.application.session_store, sessionid, expires_days=1)
if not sessionid:
self.set_secure_cookie('sid', self._session.id, expires_days=1)
return self._session
def initialize(self, method=''):
#初始化Sesion
self._session = Session(self, config.setting['session']['time_out'],
config.setting['session']['expires_days'])
self._method = method
self._cur_entity = None
def create(self, user_id, user_secret):
"""
param: user_id - Chat user unique identifier.
param: user_secret - A pseudo-secret word provided by
the user and used as part of the UUID hashing process.
"""
# Don't create a new session if one already exists.
if self.exists(user_id):
raise SessionExistsError
session = Session(user_id, user_secret)
# Store the session.
self.store.put(session)
return session
def initialize(self):
self.db = mongo
self.message = None
self.session = Session(self,
MemcacheStore(),
initializer={
'nickname': None,
'uid': None,
'email': None,
'super': False,
'artist': False,
})
self.session.processor(self)
def __init__(self, ):
self.session = Session()
self.PROMPT_MSG = 'JSCat >'
self.CMD_SESSION = None
self.input = PromptSession()
self.alias = {
'ls': 'dir ',
'kill': 'taskkill /F /PID ',
'ipconfig': 'ipconfig ',
'ifconfig': 'ipconfig ',
'netstat': 'netstat ',
'whoami': 'whoami /user',
'net': 'net ',
'wimc': 'wimc ',
}
def main():
# assign arugments
args = ArgumentParser()
args.add_argument('Username', help='email or username')
args.add_argument('wordlist', help='password list')
args.add_argument('threads', help='password per seconds. Any number <= 16')
args = args.parse_args()
if not exists(args.wordlist):
exit('[!] Unable to locate WordList `{}`'.format(args.wordlist))
if not args.threads.isdigit():
exit('[!] Threads must be a number')
# assign variables
engine = Bruter(args.username.title(), int(args.threads), args.wordlist)
session = Session(args.username.title(), args.wordlist)
if session.exists():
if _input('Do you want to resume the attack? [y/n]: ').split(
)[0][0] == 'y':
data = session.read()
if data:
engine.attempts = int(data['attempts'])
engine.passlist.queue = eval(data['queue'])
engine.retrieve = True
# start attack
try:
engine.start()
except KeyboardInterrupt:
engine.user_abort = True
finally:
if all([engine.spyder.proxy_info, not engine.isFound]):
engine.display(engine.pwd)
if all([not engine.read, engine.user_abort, not engine.isFound]):
print('{}[!] Exiting ...'.format(
'' if not engine.spyder.proxy_info else '\n'))
if all([engine.read, not engine.isFound]):
print('\n[*] Password not found')
sleep(1.5)
engine.stop()
def main():
# assign arugments
args = ArgumentParser()
args.add_argument('kullanýcý adý', help='email VEYA kullanýcý adý')
args.add_argument('wordlist', help='þifre listesi')
args.add_argument('denenenler',
help='saniye baþýna þifre. Herhangi bir numara <= 16')
args = args.parse_args()
if not exists(args.wordlist):
exit('[!] Bulunamadý `{}`'.format(args.wordlist))
if not args.threads.isdigit():
exit('[!]Konular bir sayý olmalýdýr ')
# assign variables
engine = Bruter(args.username.title(), int(args.threads), args.wordlist)
session = Session(args.username.title(), args.wordlist)
if session.exists():
if _input(
'attack ý baþlatmak istermisin? [y/n]: ').split()[0][0] == 'y':
data = session.read()
if data:
engine.attempts = int(data['attempts'])
engine.passlist.queue = eval(data['queue'])
engine.retrieve = True
# start attack
try:
engine.start()
except KeyboardInterrupt:
engine.user_abort = True
finally:
if all([engine.spyder.proxy_info, not engine.isFound]):
engine.display(engine.pwd)
if all([not engine.read, engine.user_abort, not engine.isFound]):
print('{}[!] çýkýlýyor ...'.format(
'' if not engine.spyder.proxy_info else '\n'))
if all([engine.read, not engine.isFound]):
print('\n[*] þifre bulunamadý')
sleep(1.5)
engine.stop()
def hook_get_session(self):
# TODO: session_id 应该基于 ip, uuid.uuid3(uuid.NAMESPACE_DNS, ip)
session_bucket = self.application.server_sess
session = None
session_id = self.get_cookie(".session")
if session_id:
session = session_bucket.get(session_id)
if not session:
session = Session()
session.callback = session_bucket.save
session.destroy = session_bucket.remove
return session
def main():
arugments = args()
mode = arugments.mode
username = arugments.username
wordlist = arugments.wordlist
modes = {0: 128, 1: 64, 2: 32, 3: 16}
if not exists(wordlist):
exit('[!] Invalid path to wordlist')
session = Session(username.title(), wordlist)
engine = Bruter(username.title(), modes[mode], wordlist)
if session.exists:
if _input('Do you want to resume the attack? [y/n]: ').split(
)[0][0] == 'y':
data = session.read()
if data:
engine.attempts = int(data['attempts'])
engine.passlist.queue = eval(data['queue'])
engine.retrieve = True
# start attack
try:
engine.start()
except KeyboardInterrupt:
engine.user_abort = True
engine.stop()
finally:
if all([engine.spyder.proxy_info, not engine.isFound]):
engine.display(engine.pwd)
if all([not engine.read, engine.user_abort, not engine.isFound]):
print('{}[!] Exiting ...'.format(
'' if not engine.spyder.proxy_info else '\n'))
if all([engine.read, not engine.isFound]):
print('\n[*] Password not found')
try:
sleep(1.5)
except:
pass
engine.stop()
def finish_saved_job(self, jobname):
"""Restore client with pickle. Transfer dump."""
restored_client = pickle.load(open(jobname, 'rb'))
cprint("Client restored!", 'green')
cprint("Retrieving RAM dump {}".format(restored_client.output), 'blue')
if not os.path.isdir(restored_client.output_dir):
os.mkdir(restored_client.output_dir)
saved_session = Session(restored_client)
delayed_profiler = Profiler()
LimeDeploy(saved_session, delayed_profiler).transfer_dump()
VolDeploy(saved_session).main(self.volatility_profile_dir)
cprint(
"Job {} pickup has been completed!".format(restored_client.output),
'green')
saved_session.disconnect()
os.remove(jobname)
def count_lines(self):
lines = 0
fingerprint = sha256(
self.username.lower().strip().encode() + self.service.lower().strip().encode()
).hexdigest().encode()
self.display.info('Reading wordlist ...')
with open(self.passlist_path, 'rb') as f:
for data in f:
lines += 1
chunk = sha256(data).hexdigest().encode()
fingerprint = sha256(fingerprint + chunk).hexdigest().encode()
self.fingerprint = fingerprint
self.session = Session(self.fingerprint)
return lines + 1
def grep_or_create_visit_label_db_info(bids_id, cand_id, visit_label, db,
createvisit, verbose, loris_bids_dir,
center_id):
"""
Greps (or creates if candidate does not exist and createcand is true) the
BIDS candidate in the LORIS candidate's table and return a list of
candidates with their related fields from the database.
:parma bids_id : BIDS ID of the candidate
:type bids_id : str
:param cand_id : CandID to use to create the session
:type cand_id : int
:param visit_label : Visit label to use to create the session
:type visit_label : str
:param db : database handler object
:type db : object
:param createvisit : if true, creates the candidate in LORIS
:type createvisit : bool
:param verbose : if true, prints out information while executing
:type verbose : bool
:param loris_bids_dir: LORIS BIDS import root directory to copy data
:type loris_bids_dir: str
:return: session information grepped from LORIS for cand_id and visit_label
:rtype: dict
"""
session = Session(verbose,
cand_id=cand_id,
visit_label=visit_label,
center_id=center_id)
loris_vl_info = session.get_session_info_from_loris(db)
if not loris_vl_info and createvisit:
loris_vl_info = session.create_session(db)
# create the visit directory for in the candidate folder of the LORIS
# BIDS import directory
lib.utilities.create_dir(
loris_bids_dir + "sub-" + bids_id + "/ses-" + visit_label, verbose)
return loris_vl_info
def run(ip, port, new_key, sleep_time):
# 获取当前使用的rc4加密key
rc4_key = get_rc4_key(new_key)
print('[*]server encrypt key is {}'.format(BOLD(rc4_key)))
# 启动http监听服务
session = Session()
shell = Shell(session)
httpd = Server(ip, port, JSCatServer, session, shell, rc4_key, sleep_time)
httpd.start()
print('[*]server running in {}:{}...'.format(BOLD(ip), BOLD(port)))
print_online_cmd(ip, port)
# 控制台命令输入
try:
while True:
if not httpd.shell.get_command():
httpd.shutdown()
exit()
except KeyboardInterrupt:
httpd.shutdown()
print('server shutdown')
def count_lines(self):
lines = 0
buffer = 256 << 23 # 4 bytes
fingerprint = sha256(
self.username.lower().strip().encode()
).hexdigest().encode()
with open(self.passlist_path, 'rb') as f:
data = f.read(buffer)
while data:
lines += data.count(b'\n')
data = f.read(buffer)
chunk = sha256(data).hexdigest().encode()
fingerprint = sha256(fingerprint + chunk).hexdigest().encode()
self.fingerprint = fingerprint
self.session = Session(self.fingerprint)
return lines + 1
def main():
logger.info("Starting robot")
session = Session()
update_delay = 1.0 / general_config.update_rate_hz
try:
session.start()
while True:
session.update()
time.sleep(update_delay)
except (LowBatteryException, ShutdownException) as e:
logger.error(str(e), exc_info=True)
shutdown(session)
except RebootException as e:
logger.error(str(e), exc_info=True)
reboot(session)
except (RelaunchException, DeviceRestartException) as e:
logger.error(str(e), exc_info=True)
relaunch(session)
except BaseException as e:
logger.error(str(e), exc_info=True)
close(session)
def count_lines(self, wordlist) -> int:
'''Count the number of lines in the wordlist.
'''
self.display.clear()
self.check_password_path()
lines = 0
fingerprint = sha256(
self.username.lower().strip().encode()).hexdigest().encode()
self.display.info('Loading password list', '', '...')
time.sleep(3)
with open(wordlist, 'rb') as f:
for data in f:
lines += 1
chunk = sha256(data).hexdigest().encode()
fingerprint = sha256(fingerprint + chunk).hexdigest().encode()
self.session = Session(fingerprint)
return lines
def initialize(self):
self.session = Session(self.application.session_manager, self)
self.init_data()
def __init__(self, *argc, **argkw):
super(WebBaseHandler, self).__init__(*argc, **argkw)
self.session = Session(self.application.session_manager, self)
if not exists(args.wordlist):
exit('[!] Unable to locate `{}`'.format(args.wordlist))
if not args.threads.isdigit():
exit('[!] Threads must be a number')
# assign variables
engine = Bruter(args.username.title(), int(args.threads), args.wordlist)
session = Session(args.username.title(), args.wordlist)
if session.exists():
if _input('Do you want to resume the attack? [y/n]: ').split()[0][0] == 'y':
data = session.read()
if data:
engine.attempts = int(data['attempts'])
engine.passlist.queue = eval(data['queue'])
engine.retrieve = True
def main(self):
"""Start the interactive session for LiMEaide."""
cprint("""\
.---. _______
| |.--. __ __ ___ __.....__ .--.\ ___ `'. __.....__
| ||__|| |/ `.' `. .-'' '. |__| ' |--.\ \ .-'' '.
| |.--.| .-. .-. ' / .-''"'-. `. .--. | | \ ' / .-''"'-. `.
| || || | | | | |/ /________\ \ __ | | | | | '/ /________\ |
| || || | | | | || | .:--.'. | | | | | || |
| || || | | | | |\ .-------------'/ | \ || | | | ' .'\ .-------------'
| || || | | | | | \ '-.____...---.`" __ | || | | |___.' /' \ '-.____...---.
| ||__||__| |__| |__| `. .' .'.''| ||__|/_______.'/ `. .'
'---' `''-...... -' / / | |_ \_______|/ `''-...... -'
\ \._,\ '/
`--' `"
by kd8bny {0}\n""".format(self.__version__),
'green',
attrs=['bold'])
print("LiMEaide is licensed under GPL-3.0\n"
"LiME is licensed under GPL-2.0\n")
date = datetime.strftime(datetime.today(), "%Y_%m_%dT%H_%M_%S_%f")
self.check_directories()
self.check_tools()
logging.basicConfig(level=logging.INFO,
filename='{0}{1}.log'.format(self.log_dir, date))
self.logger = logging.getLogger()
args = self.get_args()
config = configparser.ConfigParser()
config.read('.limeaide')
profiler = Profiler()
profiler.load_profiles()
client = self.get_client(args, config)
if args.pickup:
self.finish_saved_job(args.pickup)
sys.exit()
if args.case is not None:
self.args_case = 'case_%s' % (args.case)
# Start session
session = Session(client, args.verbose)
session.connect()
client.output_dir = "{0}{1}{2}/".format(self.output_dir,
self.args_case, date)
os.mkdir(client.output_dir)
if args.force_clean:
session.disconnect()
sys.exit("Clean attempt complete")
if args.profile is not None:
profile = profiler.select_profile(args.profile[0], args.profile[1],
args.profile[2])
if profile is None:
new_profile = input(
colored(
"No profiles found... Would you like to build a new" +
"profile for the remote client [Y/n] ", 'red'))
if new_profile.lower() == 'n':
sys.exit()
else:
client.profile = profile
cprint("Profile found!", 'green')
elif not args.no_profiler:
use_profile = input(
colored(
"Would you like to select a pre-generated profile " +
"[y/N] ", 'green'))
if use_profile.lower() == 'y':
profile = profiler.interactive_chooser()
if profile is None:
cprint(
"No profiles found... Will build new profile " +
"for remote client", 'red')
else:
client.profile = profile
LimeDeploy(session, profiler).main()
if args.delay_pickup:
self.save_job(client, client.jobname)
cprint("> RAM dump retrieval is postponed", 'green')
cprint(
"> To retrieve, run LiMEaide with" +
'"-P scheduled_jobs/{}.dat"'.format(client.jobname), 'yellow')
else:
# Now that's taken care of, lets do work on Volatility
VolDeploy(session).main(self.volatility_profile_dir)
session.disconnect()
logging.shutdown()
