def x11_cmd(*args): global forwarded_port if forwarded_port: print('x11 already bound to "localhost:%d"'%forwarded_port) term.pause() return t = Channel.get_instance().get_transport() # Find usable port for x_port in xrange(10, 30): try: t.request_port_forward('localhost', 6000+x_port, x11_handler) Channel.get_instance().get_interactive_chan().send( 'export DISPLAY=localhost:%d\n'%x_port) forwarded_port = x_port try: # setup xauth cookie # Some server may use the shared cookie authentication method. # Though we aren't using unix sockets, xlib apps # translate localhost to hostname/unix when it comes to # checking XAuthority files. cookie = commands.getoutput('xauth list %s' \ % os.environ.get('DISPLAY')) h, p, c = [x for x in cookie.splitlines()[0].split(' ') if x] Channel.get_instance().get_interactive_chan().send( 'xauth add `hostname`/unix:%d %s %s\n' \ %(x_port, p, c)) except:pass return except: continue print('Could not successfully forward any x11 port.') term.pause()
def sftp_cmd(*args): sftp = Channel.get_instance().get_transport().open_sftp_client() old_completer = readline.get_completer() readline.set_completer(sftp_completer(sftp)) old_delim = readline.get_completer_delims() readline.set_completer_delims(' /') global rcwd try: try: cmd = raw_input('SFTP> ') except EOFError: return except KeyboardInterrupt: return while not cmd or not 'quit'.startswith(cmd): args = [x for x in cmd.split(' ') if x] if args and args[0] in all_cmd: all_cmd[args[0]](sftp, args) else: print('invalid command') try: cmd = raw_input('SFTP> ') except EOFError: return except KeyboardInterrupt: return finally: readline.set_completer(old_completer) readline.set_completer_delims(old_delim)
def main(): completors = completor.init_completors(Settings.load()) partial_host_chain = opts.get_initial_host_chain() current_visibility = discover_visibility() chain = create_chain(completors, partial_host_chain, current_visibility) chan = Channel.get_instance() chan.chain_connect(chain) chan.get_interactive_chan() term.set_raw() try: while chan.run(): # run Forrest run pass finally: term.restore_tty()
def handle(self): from reach.channel import Channel chan = Channel.get_instance().get_chan(dict( hostname=self.__dst, port=self.__dport)) while True: readable = select.select([self.request, chan], [], [], 10)[0] if chan in readable: r_data = chan.recv(1024) self.request.send(r_data) if not r_data: return elif self.request in readable: r_data = self.request.recv(1024) chan.send(r_data) if not r_data: return
def handle(self): from reach.channel import Channel s_ver = ord(self.request.recv(1)) chan = None if s_ver == 0x04: # v4 connect s_cmd = ord(self.request.recv(1)) if s_cmd != 0x01: # TODO support bind command # return V4 error self.request.send(self.socks4response.pack(0, 0x5b, 0, 'oops')) return data = self.request.recv(self.socks4header.size) s_port, s_ip = self.socks4header.unpack(data) # convert to string ip dst_ip = '.'.join([str(ord(x)) for x in s_ip]) # receive null terminated user id user_id = '' c = self.request.recv(1) while c != '\x00': user_id += c c = self.request.recv(1) del c if s_ip.startswith('\x00\x00\x00') and s_ip[3] != '\x00': # v4a extension dst_ip = '' c = self.request.recv(1) while c != '\x00': dst_ip += c c = self.request.recv(1) del c chan = Channel.get_instance().get_chan(dict( hostname=dst_ip, port=s_port)) self.request.send(self.socks4response.pack(0, 0x5a, 0, 'moo!')) elif s_ver == 0x05: # socks v5 nb_auth = self.request.recv(1) auths = [] for i in xrange(ord(nb_auth)): auths.append(ord(self.request.recv(1))) if 0x00 in auths: # supports no-auth connections # return choice of no-auth self.request.send('\x05\x00') else: self.request.send('\x05\xFF') return # get request s_ver = self.request.recv(1) if s_ver != '\x05': print 'expected v5, got '+repr(s_ver) s_cmd = self.request.recv(1) if s_cmd != '\x01': pass # TODO bind s_nul = self.request.recv(1) s_add = self.request.recv(1) s_ip = '' dst_ip = '' if s_add == '\x01': # ipv4 s_ip = self.request.recv(4) # convert to string ip dst_ip = '.'.join([str(ord(x)) for x in s_ip]) elif s_add == '\x03': # domain name l = ord(self.request.recv(1)) dst_ip = self.request.recv(l) s_ip = struct.pack('!H', l)+dst_ip del l elif s_add == '\x04': # ipv6 s_ip = self.request.recv(16) # convert to string ip dst_ip = '.'.join([str(ord(x)) for x in s_ip]) else: return # malformed s_prt = struct.unpack('!H', self.request.recv(2))[0] chan = Channel.get_instance().get_chan(dict( hostname=dst_ip, port=s_prt)) # request granted self.request.send( self.socks5response.pack(0x05, 0x00, 0x00, ord(s_add))) self.request.send(s_ip) self.request.send(struct.pack('!H', s_prt)) else: # V4 error self.request.send(self.socks4response.pack(0, 0x5b, 0, 'oops')) return # TODO relay data while True: readable = select.select([self.request, chan], [], [], 10)[0] if chan in readable: r_data = chan.recv(1024) self.request.send(r_data) if not r_data: self.request.close() return elif self.request in readable: r_data = self.request.recv(1024) chan.send(r_data) if not r_data: chan.close() return