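def ClientServer():
    """Run the TLS listener on port 443 and start one thread per connection.

    Binds a TCP socket to all interfaces and loops forever: accept a
    connection, wrap it for server-side TLS using CERT_FILE, KEY_FILE and
    SSL_VERSION, then start a daemon thread running ``request_handler`` on
    the wrapped socket. The process exits with status 1 when the bind fails
    and with status 0 when KeyboardInterrupt is raised during connection
    setup.
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    try:
        # NOTE(review): the socket listens on every interface, although the
        # failure message below reports "localhost".
        sock.bind(('0.0.0.0', 443))
    except OSError:
        print('[{}] Agent server failed to bind: localhost:443'.format(
            log_time()))
        exit(1)
    sock.listen(20)

    # Continuously accept new connections
    while True:
        client_socket, addr = sock.accept()
        # Reset per connection: the error path must never see the TLS socket
        # of an earlier connection that a handler thread is still using.
        ssl_sock = None
        try:
            # NOTE(review): if this is ssl.wrap_socket, it is deprecated
            # since Python 3.7 and removed in 3.12; an ssl.SSLContext with an
            # explicit minimum protocol version is the supported replacement.
            ssl_sock = wrap_socket(client_socket,
                                   server_side=True,
                                   certfile=CERT_FILE,
                                   keyfile=KEY_FILE,
                                   ssl_version=SSL_VERSION)
            # Request handler in new thread
            Thread(target=request_handler,
                   args=(ssl_sock, addr),
                   daemon=True).start()
        except KeyboardInterrupt:
            exit(0)
        except Exception:
            # Setup failed: release this connection's socket only.
            try:
                if ssl_sock is None:
                    # TLS wrapping itself failed, so only the raw socket exists.
                    client_socket.close()
                else:
                    sock_close(ssl_sock)
            except Exception:
                pass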
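def update_admin(con, username, password, status):
    """Update the admin record for *username*, or insert one if none exists.

    Args:
        con: Open database connection passed through to the query helpers.
        username: Admin account name.
        password: Clear-text password; stored as an MD5 hex digest.
        status: Value written to the STATUS column.
    """
    def _sql_text(value):
        # Double embedded single quotes so the value cannot terminate the
        # SQL string literal it is placed in.
        # NOTE(review): assumes an engine without backslash escapes
        # (e.g. SQLite) - TODO confirm. Bound parameters through db_query
        # would remove the assumption; db_query is not visible here.
        return str(value).replace("'", "''")

    admin_id = get_adminid(con, username)
    # NOTE(review): unsalted MD5 is not suitable for password storage. A
    # salted KDF (hashlib.scrypt / pbkdf2_hmac) is the usual replacement, but
    # it has to change together with the login check, which is outside this
    # block.
    password = md5(password.encode('utf-8')).hexdigest()
    if admin_id:
        # Five values are supplied, so every column needs its own
        # placeholder; with fewer placeholders str.format silently shifts
        # the username into STATUS and the hash into ADMIN_ID.
        db_query(
            con,
            "UPDATE ADMIN SET USERNAME='{}', PASSWORD='{}', "
            "LAST_LOGIN='{}', STATUS='{}' WHERE ADMIN_ID={};".format(
                _sql_text(username), password, log_time(),
                _sql_text(status), admin_id))
        logger("Admin: {} record updated".format(username))
    else:
        db_query(
            con,
            "INSERT INTO ADMIN (USERNAME, PASSWORD, LAST_LOGIN, STATUS) "
            "VALUES ('{}','{}','{}','{}');".format(
                _sql_text(username), password, log_time(),
                _sql_text(status)))
        logger("Admin: {} user added to database".format(username))
    return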
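def post_command(con, client_id, username, command):
    """Insert a CMD row for *client_id* and log the decoded command.

    Called for commands posted from the admin HTTP server. The row is
    written with an empty RESULT column.

    Args:
        con: Open database connection passed through to the query helpers.
        client_id: Numeric client identifier.
        username: Admin account that posted the command.
        command: Encoded command text, stored as given.

    Raises:
        ValueError: If *client_id* is not an integer value.
    """
    def _sql_text(value):
        # Double embedded single quotes so the value cannot terminate the
        # SQL string literal it is placed in.
        # NOTE(review): assumes an engine without backslash escapes
        # (e.g. SQLite) - TODO confirm. Bound parameters through db_query
        # would remove the assumption; db_query is not visible here.
        return str(value).replace("'", "''")

    # CLIENT_ID is interpolated unquoted, so it must be a plain integer
    # before it reaches any SQL text.
    client_ref = int(client_id)
    admin_id = get_adminid(con, username)
    hostname = get_hostname(con, client_ref)
    db_query(
        con,
        "INSERT INTO CMD (CLIENT_ID, ADMIN_ID, TIME, COMMAND, RESULT) "
        "VALUES ({},{},'{}','{}','');".format(
            client_ref, admin_id, log_time(), _sql_text(command)))
    logger("CMD: {} executed a command on {} ({})".format(
        username, hostname, cmd_decode(command).strip()))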
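def update_client(con, ip, hostname, os, status, pid, client_type, protocol):
    """Update the CLIENT row for (*hostname*, *pid*), or insert a new one.

    Args:
        con: Open database connection passed through to the query helpers.
        ip, hostname, os, pid, client_type, protocol: Values written to the
            matching CLIENT columns.
        status: Value written to STATUS; an update is logged only when it is
            'Inactive'.

    Returns:
        The client id from ``get_clientid``: the existing one for an update,
        or the one looked up after the insert.
    """
    def _sql_text(value):
        # Double embedded single quotes so the value cannot terminate the
        # SQL string literal it is placed in.
        # NOTE(review): assumes an engine without backslash escapes
        # (e.g. SQLite) - TODO confirm. Bound parameters through db_query
        # would remove the assumption; db_query is not visible here.
        return str(value).replace("'", "''")

    # NOTE(review): these fields presumably originate from the connecting
    # client; every one of them is escaped before it reaches SQL text.
    fields = [_sql_text(v)
              for v in (ip, hostname, os, pid, client_type, protocol)]
    client_id = get_clientid(con, hostname, pid)
    if client_id:
        db_query(
            con,
            "UPDATE CLIENT SET IP='{}', HOSTNAME='{}', OS='{}', PID='{}', "
            "TYPE='{}', PROTOCOL='{}', LAST_CHECKIN='{}', STATUS='{}' "
            "WHERE CLIENT_ID={};".format(
                *fields, log_time(), _sql_text(status), client_id))
        if status == 'Inactive':
            logger("CLIENT: {} record updated ({}, {}, {})".format(
                hostname, ip, os, status))
    else:
        db_query(
            con,
            "INSERT INTO CLIENT (IP, HOSTNAME, OS, PID, TYPE, PROTOCOL, "
            "LAST_CHECKIN, STATUS) "
            "VALUES ('{}','{}','{}','{}','{}','{}','{}','{}');".format(
                *fields, log_time(), _sql_text(status)))
        logger("CLIENT: New Connection from: {} ({}, {}, {})".format(
            hostname, ip, os, status))
        # Read back the id assigned to the row that was just inserted.
        client_id = get_clientid(con, hostname, pid)
    return client_id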
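def update_admin(username, password, status):
    """Update the admin record for *username*, or insert one if none exists.

    Opens its own connection to DATABASE_FILE and closes it before
    returning, including when a query raises.

    Args:
        username: Admin account name.
        password: Clear-text password; stored as an MD5 hex digest.
        status: Value written to the STATUS column.
    """
    def _sql_text(value):
        # Double embedded single quotes so the value cannot terminate the
        # SQL string literal it is placed in.
        # NOTE(review): assumes an engine without backslash escapes
        # (e.g. SQLite) - TODO confirm. Bound parameters through db_query
        # would remove the assumption; db_query is not visible here.
        return str(value).replace("'", "''")

    con = db_connect(DATABASE_FILE)
    try:
        admin_id = get_adminid(con, username)
        # NOTE(review): unsalted MD5 is not suitable for password storage. A
        # salted KDF (hashlib.scrypt / pbkdf2_hmac) is the usual
        # replacement, but it has to change together with the login check,
        # which is outside this block.
        password = md5(password.encode('utf-8')).hexdigest()
        # Values use single-quoted literals (standard SQL strings); double
        # quotes denote identifiers in standard SQL.
        if admin_id:
            # Five values are supplied, so every column needs its own
            # placeholder; with fewer placeholders str.format silently
            # shifts the username into STATUS and the hash into ADMIN_ID.
            db_query(
                con,
                "UPDATE ADMIN SET USERNAME='{}',PASSWORD='{}',"
                "LAST_LOGIN='{}',STATUS='{}' WHERE ADMIN_ID={};".format(
                    _sql_text(username), password, log_time(),
                    _sql_text(status), admin_id))
            logger("Admin: {} record updated".format(username))
        else:
            db_query(
                con,
                "INSERT INTO ADMIN (USERNAME,PASSWORD,LAST_LOGIN,STATUS) "
                "VALUES ('{}','{}','{}','{}');".format(
                    _sql_text(username), password, log_time(),
                    _sql_text(status)))
            logger("Admin: {} user added to database".format(username))
    finally:
        # Release the connection even when a lookup or query fails.
        con.close()
    return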
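def post_command(client_id, username, command):
    """Insert a CMD row for *client_id* and log the decoded command.

    Called for commands posted from the admin HTTP server. Opens its own
    connection to DATABASE_FILE and closes it before returning, including
    when a query or the base64 decode for the log line raises.

    Args:
        client_id: Numeric client identifier.
        username: Admin account that posted the command.
        command: Base64-encoded command text, stored as given.

    Raises:
        ValueError: If *client_id* is not an integer value.
    """
    def _sql_text(value):
        # Double embedded single quotes so the value cannot terminate the
        # SQL string literal it is placed in.
        # NOTE(review): assumes an engine without backslash escapes
        # (e.g. SQLite) - TODO confirm. Bound parameters through db_query
        # would remove the assumption; db_query is not visible here.
        return str(value).replace("'", "''")

    # CLIENT_ID is interpolated unquoted, so it must be a plain integer
    # before it reaches any SQL text.
    client_ref = int(client_id)
    con = db_connect(DATABASE_FILE)
    try:
        admin_id = get_adminid(con, username)
        hostname = get_hostname(con, client_ref)
        db_query(
            con,
            "INSERT INTO CMD (CLIENT_ID, ADMIN_ID, TIME, COMMAND, RESULT) "
            "VALUES ({},{},'{}','{}','');".format(
                client_ref, admin_id, log_time(), _sql_text(command)))
        logger("CMD: {} executed a command on {} ({})".format(
            username, hostname, b64decode(command).decode('utf-8')))
    finally:
        # Release the connection even when a lookup, query or decode fails.
        con.close()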
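def update_client(ip, hostname, os, status, pid, client_type, protocol):
    """Update the CLIENT row for (*hostname*, *pid*), or insert a new one.

    Opens its own connection to DATABASE_FILE and closes it before
    returning. Any exception is printed and swallowed, in which case the
    function returns None.

    Args:
        ip, hostname, os, pid, client_type, protocol: Values written to the
            matching CLIENT columns.
        status: Value written to STATUS; an update is logged only when it is
            'Inactive'.

    Returns:
        The client id from ``get_clientid``, or None if an error occurred.
    """
    def _sql_text(value):
        # Double embedded single quotes so the value cannot terminate the
        # SQL string literal it is placed in.
        # NOTE(review): assumes an engine without backslash escapes
        # (e.g. SQLite) - TODO confirm. Bound parameters through db_query
        # would remove the assumption; db_query is not visible here.
        return str(value).replace("'", "''")

    try:
        con = db_connect(DATABASE_FILE)
        try:
            # NOTE(review): these fields presumably originate from the
            # connecting client; every one is escaped before it reaches SQL
            # text. Values use single-quoted literals (standard SQL strings).
            fields = [_sql_text(v)
                      for v in (ip, hostname, os, pid, client_type, protocol)]
            client_id = get_clientid(con, hostname, pid)
            if client_id:
                db_query(
                    con,
                    "UPDATE CLIENT SET IP='{}',HOSTNAME='{}',OS='{}',"
                    "PID='{}',TYPE='{}',PROTOCOL='{}',LAST_CHECKIN='{}',"
                    "STATUS='{}' WHERE CLIENT_ID={};".format(
                        *fields, log_time(), _sql_text(status), client_id))
                if status == 'Inactive':
                    logger("CLIENT: {} record updated ({}, {}, {})".format(
                        hostname, ip, os, status))
            else:
                db_query(
                    con,
                    "INSERT INTO CLIENT (IP,HOSTNAME,OS,PID,TYPE,PROTOCOL,"
                    "LAST_CHECKIN,STATUS) "
                    "VALUES ('{}','{}','{}','{}','{}','{}','{}','{}');".format(
                        *fields, log_time(), _sql_text(status)))
                logger("CLIENT: New Connection from: {} ({}, {}, {})".format(
                    hostname, ip, os, status))
                # Read back the id assigned to the row just inserted.
                client_id = get_clientid(con, hostname, pid)
            return client_id
        finally:
            # Release the connection on the error path as well.
            con.close()
    except Exception as e:
        # Best-effort by design: report the failure and return None.
        print(e)
        return None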