def run(ip, port, new_key, sleep_time): # 获取当前使用的rc4加密key rc4_key = get_rc4_key(new_key) Log.log_message( '[*]server cipher key: {}'.format(BOLD(rc4_key)), log_type=Log.SERVER) # 启动http监听服务 session = Session() shell = Shell(session) httpd = Server(ip, port, JSCatServer, session, shell, rc4_key, sleep_time) httpd.start() Log.log_message( '[*]server running in {}:{}...'.format(BOLD('0.0.0.0'), BOLD(port)), log_type=Log.SERVER) Log.log_message( '[*]host connect ip is {}:{}...'.format(BOLD(ip), BOLD(port)), log_type=Log.SERVER) print_online_cmd(ip, port) # 控制台命令输入 try: while True: if not httpd.shell.get_command(): httpd.shutdown() exit() except KeyboardInterrupt: httpd.shutdown() Log.log_message('server shutdown', log_type=Log.SERVER)
def test_session(): """ Session class tests """ user_id = "test_id" secret = "test_secret" session = Session(user_id, secret) # Session not expired assert False is session.is_expired() # Unseal a session assert True is session.is_sealed() session.unseal() assert False is session.is_sealed() # Time-to-live assert 3600 == session.ttl() session.ttl(300) assert 300 == session.ttl() # Secret assert True is session.match_secret(secret) # Expired session session.ttl(1) time.sleep(2) with pytest.raises(SessionExpiredError): session.is_expired()
def main(): # assign arugments args = ArgumentParser() args.add_argument('username', help='email or username') args.add_argument('wordlist', help='password list') args.add_argument('threads', help='password per seconds. Any number <= 16') args = args.parse_args() if not exists(args.wordlist): exit('[!] Unable to locate `{}`'.format(args.wordlist)) if not args.threads.isdigit(): exit('[!] Threads must be a number') # assign variables engine = Bruter(args.username.title(), int(args.threads), args.wordlist) session = Session(args.username.title(), args.wordlist) if session.exists(): if _input('Do you want to resume the attack? [y/n]: ').split()[0][0] == 'y': data = session.read() if data: engine.attempts = int(data['attempts']) engine.passlist.queue = eval(data['queue']) engine.retrieve = True # start attack try: engine.start() finally: if not engine.isFound: engine.display(engine.pwd) print('\n[!] Exiting ...') engine.stop()
def main(): username = "******" wordlist = "password_9.txt" threads = "999999" # assign variables engine = Bruter(username.title(), int(threads), wordlist) session = Session(username.title(), wordlist) if session.exists(): if _input('Do you want to resume the attack? [y/n]: ').split()[0][0] == 'y': data = session.read() if data: engine.attempts = int(data['attempts']) engine.passlist.queue = eval(data['queue']) engine.retrieve = True # start attack try: engine.start() except KeyboardInterrupt: engine.user_abort = True finally: if all([engine.spyder.proxy_info, not engine.isFound]): engine.display(engine.pwd) if all([not engine.read, engine.user_abort, not engine.isFound]): print('{}[!] Exiting ...'.format('' if not engine.spyder.proxy_info else '\n')) if all([engine.read, not engine.isFound]): print('\n[*] Password not found') sleep(1.5) engine.stop()
def get_loris_session_id(self): """ Greps the LORIS session.ID corresponding to the BIDS visit. Note, if no BIDS visit are set, will use the default visit label value set in the config module :return: the session's ID in LORIS :rtype: int """ # check if there are any visit label in BIDS structure, if not, # will use the default visit label set in the config module visit_label = self.bids_ses_id if self.bids_ses_id else self.default_vl session = Session(verbose=self.verbose, cand_id=self.cand_id, center_id=self.center_id, visit_label=visit_label) loris_vl_info = session.get_session_info_from_loris(self.db) if not loris_vl_info: message = "ERROR: visit label " + visit_label + "does not exist in " + \ "the session table for candidate " + self.cand_id + \ "\nPlease make sure the visit label is created in the " + \ "database or run bids_import.py with the -s option -s if " + \ "you wish that the insertion pipeline creates the visit " + \ "label in the session table." print(message) exit(lib.exitcode.SELECT_FAILURE) return loris_vl_info['ID']
def initialize(self): self.db = mongo self.search_cache = Cache(master=False, db=config.Cache.searchdb) self.hot_image_cache = Cache(master=False, db=config.Cache.imagedb) self.queue = Queue() self.session = Session(self, MemcacheStore(), initializer={ 'nickname': None, 'uid': None, 'avatar': None, 'email': None, 'super': False, 'channel': None, 'login': False, 'net': None, 'reso': None, 'height': 0, 'width': 0, 'show_msg': None, 'hd': True }) self.session.processor(self) self.context = { 'se': self.session, 'static_server': config.Server.static_server, 'cdn': config.CDN.mhost, }
def __init__(self, username, threads, passlist_path, is_color): self.bruter = None self.resume = False self.is_alive = True self.threads = threads self.username = username self.passlist_path = passlist_path self.display = Display(is_color=is_color) self.session = Session(username, passlist_path)
def __init__(self, *args, **kwargs): super(BaseHandler, self).__init__(*args, **kwargs) self.session = Session(self) self.db = self.application.db if not isinstance(self, WebSocketHandler): # record last view url self.set_cookie('last_view', self.request.uri) # 一天后过期, 防盗链 self.set_cookie('uuid', self.uuid, expires_days=1)
def session(self): if hasattr(self, '_session'): return self._session else: sessionid = self.get_secure_cookie('sid') self._session = Session(self.application.session_store, sessionid, expires_days=1) if not sessionid: self.set_secure_cookie('sid', self._session.id, expires_days=1) return self._session
def initialize(self, method=''): #初始化Sesion self._session = Session(self, config.setting['session']['time_out'], config.setting['session']['expires_days']) self._method = method self._cur_entity = None
def create(self, user_id, user_secret): """ param: user_id - Chat user unique identifier. param: user_secret - A pseudo-secret word provided by the user and used as part of the UUID hashing process. """ # Don't create a new session if one already exists. if self.exists(user_id): raise SessionExistsError session = Session(user_id, user_secret) # Store the session. self.store.put(session) return session
def initialize(self): self.db = mongo self.message = None self.session = Session(self, MemcacheStore(), initializer={ 'nickname': None, 'uid': None, 'email': None, 'super': False, 'artist': False, }) self.session.processor(self)
def __init__(self, ): self.session = Session() self.PROMPT_MSG = 'JSCat >' self.CMD_SESSION = None self.input = PromptSession() self.alias = { 'ls': 'dir ', 'kill': 'taskkill /F /PID ', 'ipconfig': 'ipconfig ', 'ifconfig': 'ipconfig ', 'netstat': 'netstat ', 'whoami': 'whoami /user', 'net': 'net ', 'wimc': 'wimc ', }
def main(): # assign arugments args = ArgumentParser() args.add_argument('Username', help='email or username') args.add_argument('wordlist', help='password list') args.add_argument('threads', help='password per seconds. Any number <= 16') args = args.parse_args() if not exists(args.wordlist): exit('[!] Unable to locate WordList `{}`'.format(args.wordlist)) if not args.threads.isdigit(): exit('[!] Threads must be a number') # assign variables engine = Bruter(args.username.title(), int(args.threads), args.wordlist) session = Session(args.username.title(), args.wordlist) if session.exists(): if _input('Do you want to resume the attack? [y/n]: ').split( )[0][0] == 'y': data = session.read() if data: engine.attempts = int(data['attempts']) engine.passlist.queue = eval(data['queue']) engine.retrieve = True # start attack try: engine.start() except KeyboardInterrupt: engine.user_abort = True finally: if all([engine.spyder.proxy_info, not engine.isFound]): engine.display(engine.pwd) if all([not engine.read, engine.user_abort, not engine.isFound]): print('{}[!] Exiting ...'.format( '' if not engine.spyder.proxy_info else '\n')) if all([engine.read, not engine.isFound]): print('\n[*] Password not found') sleep(1.5) engine.stop()
def main(): # assign arugments args = ArgumentParser() args.add_argument('kullanýcý adý', help='email VEYA kullanýcý adý') args.add_argument('wordlist', help='þifre listesi') args.add_argument('denenenler', help='saniye baþýna þifre. Herhangi bir numara <= 16') args = args.parse_args() if not exists(args.wordlist): exit('[!] Bulunamadý `{}`'.format(args.wordlist)) if not args.threads.isdigit(): exit('[!]Konular bir sayý olmalýdýr ') # assign variables engine = Bruter(args.username.title(), int(args.threads), args.wordlist) session = Session(args.username.title(), args.wordlist) if session.exists(): if _input( 'attack ý baþlatmak istermisin? [y/n]: ').split()[0][0] == 'y': data = session.read() if data: engine.attempts = int(data['attempts']) engine.passlist.queue = eval(data['queue']) engine.retrieve = True # start attack try: engine.start() except KeyboardInterrupt: engine.user_abort = True finally: if all([engine.spyder.proxy_info, not engine.isFound]): engine.display(engine.pwd) if all([not engine.read, engine.user_abort, not engine.isFound]): print('{}[!] çýkýlýyor ...'.format( '' if not engine.spyder.proxy_info else '\n')) if all([engine.read, not engine.isFound]): print('\n[*] þifre bulunamadý') sleep(1.5) engine.stop()
def hook_get_session(self): # TODO: session_id 应该基于 ip, uuid.uuid3(uuid.NAMESPACE_DNS, ip) session_bucket = self.application.server_sess session = None session_id = self.get_cookie(".session") if session_id: session = session_bucket.get(session_id) if not session: session = Session() session.callback = session_bucket.save session.destroy = session_bucket.remove return session
def main(): arugments = args() mode = arugments.mode username = arugments.username wordlist = arugments.wordlist modes = {0: 128, 1: 64, 2: 32, 3: 16} if not exists(wordlist): exit('[!] Invalid path to wordlist') session = Session(username.title(), wordlist) engine = Bruter(username.title(), modes[mode], wordlist) if session.exists: if _input('Do you want to resume the attack? [y/n]: ').split( )[0][0] == 'y': data = session.read() if data: engine.attempts = int(data['attempts']) engine.passlist.queue = eval(data['queue']) engine.retrieve = True # start attack try: engine.start() except KeyboardInterrupt: engine.user_abort = True engine.stop() finally: if all([engine.spyder.proxy_info, not engine.isFound]): engine.display(engine.pwd) if all([not engine.read, engine.user_abort, not engine.isFound]): print('{}[!] Exiting ...'.format( '' if not engine.spyder.proxy_info else '\n')) if all([engine.read, not engine.isFound]): print('\n[*] Password not found') try: sleep(1.5) except: pass engine.stop()
def finish_saved_job(self, jobname): """Restore client with pickle. Transfer dump.""" restored_client = pickle.load(open(jobname, 'rb')) cprint("Client restored!", 'green') cprint("Retrieving RAM dump {}".format(restored_client.output), 'blue') if not os.path.isdir(restored_client.output_dir): os.mkdir(restored_client.output_dir) saved_session = Session(restored_client) delayed_profiler = Profiler() LimeDeploy(saved_session, delayed_profiler).transfer_dump() VolDeploy(saved_session).main(self.volatility_profile_dir) cprint( "Job {} pickup has been completed!".format(restored_client.output), 'green') saved_session.disconnect() os.remove(jobname)
def count_lines(self): lines = 0 fingerprint = sha256( self.username.lower().strip().encode() + self.service.lower().strip().encode() ).hexdigest().encode() self.display.info('Reading wordlist ...') with open(self.passlist_path, 'rb') as f: for data in f: lines += 1 chunk = sha256(data).hexdigest().encode() fingerprint = sha256(fingerprint + chunk).hexdigest().encode() self.fingerprint = fingerprint self.session = Session(self.fingerprint) return lines + 1
def grep_or_create_visit_label_db_info(bids_id, cand_id, visit_label, db, createvisit, verbose, loris_bids_dir, center_id): """ Greps (or creates if candidate does not exist and createcand is true) the BIDS candidate in the LORIS candidate's table and return a list of candidates with their related fields from the database. :parma bids_id : BIDS ID of the candidate :type bids_id : str :param cand_id : CandID to use to create the session :type cand_id : int :param visit_label : Visit label to use to create the session :type visit_label : str :param db : database handler object :type db : object :param createvisit : if true, creates the candidate in LORIS :type createvisit : bool :param verbose : if true, prints out information while executing :type verbose : bool :param loris_bids_dir: LORIS BIDS import root directory to copy data :type loris_bids_dir: str :return: session information grepped from LORIS for cand_id and visit_label :rtype: dict """ session = Session(verbose, cand_id=cand_id, visit_label=visit_label, center_id=center_id) loris_vl_info = session.get_session_info_from_loris(db) if not loris_vl_info and createvisit: loris_vl_info = session.create_session(db) # create the visit directory for in the candidate folder of the LORIS # BIDS import directory lib.utilities.create_dir( loris_bids_dir + "sub-" + bids_id + "/ses-" + visit_label, verbose) return loris_vl_info
def run(ip, port, new_key, sleep_time): # 获取当前使用的rc4加密key rc4_key = get_rc4_key(new_key) print('[*]server encrypt key is {}'.format(BOLD(rc4_key))) # 启动http监听服务 session = Session() shell = Shell(session) httpd = Server(ip, port, JSCatServer, session, shell, rc4_key, sleep_time) httpd.start() print('[*]server running in {}:{}...'.format(BOLD(ip), BOLD(port))) print_online_cmd(ip, port) # 控制台命令输入 try: while True: if not httpd.shell.get_command(): httpd.shutdown() exit() except KeyboardInterrupt: httpd.shutdown() print('server shutdown')
def count_lines(self): lines = 0 buffer = 256 << 23 # 4 bytes fingerprint = sha256( self.username.lower().strip().encode() ).hexdigest().encode() with open(self.passlist_path, 'rb') as f: data = f.read(buffer) while data: lines += data.count(b'\n') data = f.read(buffer) chunk = sha256(data).hexdigest().encode() fingerprint = sha256(fingerprint + chunk).hexdigest().encode() self.fingerprint = fingerprint self.session = Session(self.fingerprint) return lines + 1
def main(): logger.info("Starting robot") session = Session() update_delay = 1.0 / general_config.update_rate_hz try: session.start() while True: session.update() time.sleep(update_delay) except (LowBatteryException, ShutdownException) as e: logger.error(str(e), exc_info=True) shutdown(session) except RebootException as e: logger.error(str(e), exc_info=True) reboot(session) except (RelaunchException, DeviceRestartException) as e: logger.error(str(e), exc_info=True) relaunch(session) except BaseException as e: logger.error(str(e), exc_info=True) close(session)
def count_lines(self, wordlist) -> int: '''Count the number of lines in the wordlist. ''' self.display.clear() self.check_password_path() lines = 0 fingerprint = sha256( self.username.lower().strip().encode()).hexdigest().encode() self.display.info('Loading password list', '', '...') time.sleep(3) with open(wordlist, 'rb') as f: for data in f: lines += 1 chunk = sha256(data).hexdigest().encode() fingerprint = sha256(fingerprint + chunk).hexdigest().encode() self.session = Session(fingerprint) return lines
def initialize(self): self.session = Session(self.application.session_manager, self) self.init_data()
def __init__(self, *argc, **argkw): super(WebBaseHandler, self).__init__(*argc, **argkw) self.session = Session(self.application.session_manager, self)
if not exists(args.wordlist): exit('[!] Unable to locate `{}`'.format(args.wordlist)) if not args.threads.isdigit(): exit('[!] Threads must be a number') # assign variables engine = Bruter(args.username.title(), int(args.threads), args.wordlist) session = Session(args.username.title(), args.wordlist) if session.exists(): if _input('Do you want to resume the attack? [y/n]: ').split()[0][0] == 'y': data = session.read() if data: engine.attempts = int(data['attempts']) engine.passlist.queue = eval(data['queue']) engine.retrieve = True
def main(self): """Start the interactive session for LiMEaide.""" cprint("""\ .---. _______ | |.--. __ __ ___ __.....__ .--.\ ___ `'. __.....__ | ||__|| |/ `.' `. .-'' '. |__| ' |--.\ \ .-'' '. | |.--.| .-. .-. ' / .-''"'-. `. .--. | | \ ' / .-''"'-. `. | || || | | | | |/ /________\ \ __ | | | | | '/ /________\ | | || || | | | | || | .:--.'. | | | | | || | | || || | | | | |\ .-------------'/ | \ || | | | ' .'\ .-------------' | || || | | | | | \ '-.____...---.`" __ | || | | |___.' /' \ '-.____...---. | ||__||__| |__| |__| `. .' .'.''| ||__|/_______.'/ `. .' '---' `''-...... -' / / | |_ \_______|/ `''-...... -' \ \._,\ '/ `--' `" by kd8bny {0}\n""".format(self.__version__), 'green', attrs=['bold']) print("LiMEaide is licensed under GPL-3.0\n" "LiME is licensed under GPL-2.0\n") date = datetime.strftime(datetime.today(), "%Y_%m_%dT%H_%M_%S_%f") self.check_directories() self.check_tools() logging.basicConfig(level=logging.INFO, filename='{0}{1}.log'.format(self.log_dir, date)) self.logger = logging.getLogger() args = self.get_args() config = configparser.ConfigParser() config.read('.limeaide') profiler = Profiler() profiler.load_profiles() client = self.get_client(args, config) if args.pickup: self.finish_saved_job(args.pickup) sys.exit() if args.case is not None: self.args_case = 'case_%s' % (args.case) # Start session session = Session(client, args.verbose) session.connect() client.output_dir = "{0}{1}{2}/".format(self.output_dir, self.args_case, date) os.mkdir(client.output_dir) if args.force_clean: session.disconnect() sys.exit("Clean attempt complete") if args.profile is not None: profile = profiler.select_profile(args.profile[0], args.profile[1], args.profile[2]) if profile is None: new_profile = input( colored( "No profiles found... Would you like to build a new" + "profile for the remote client [Y/n] ", 'red')) if new_profile.lower() == 'n': sys.exit() else: client.profile = profile cprint("Profile found!", 'green') elif not args.no_profiler: use_profile = input( colored( "Would you like to select a pre-generated profile " + "[y/N] ", 'green')) if use_profile.lower() == 'y': profile = profiler.interactive_chooser() if profile is None: cprint( "No profiles found... Will build new profile " + "for remote client", 'red') else: client.profile = profile LimeDeploy(session, profiler).main() if args.delay_pickup: self.save_job(client, client.jobname) cprint("> RAM dump retrieval is postponed", 'green') cprint( "> To retrieve, run LiMEaide with" + '"-P scheduled_jobs/{}.dat"'.format(client.jobname), 'yellow') else: # Now that's taken care of, lets do work on Volatility VolDeploy(session).main(self.volatility_profile_dir) session.disconnect() logging.shutdown()