def ClientServer():
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
try:
sock.bind(('0.0.0.0', 443))
except:
print('[{}] Agent server failed to bind: localhost:443'.format(
log_time()))
exit(1)
sock.listen(20)
# Continuously accept new connections
while True:
client_socket, addr = sock.accept()
try:
# ssl wrap sock
ssl_sock = wrap_socket(client_socket,
server_side=True,
certfile=CERT_FILE,
keyfile=KEY_FILE,
ssl_version=SSL_VERSION)
# Request handler in new thread
Thread(target=request_handler,
args=(
ssl_sock,
addr,
),
daemon=True).start()
except KeyboardInterrupt:
exit(0) # Debug
except Exception as e:
try:
sock_close(ssl_sock)
except:
pass
def update_admin(con, username, password, status):
# update user pwd or add new user
id = get_adminid(con, username)
password = md5(password.encode('utf-8')).hexdigest()
if id:
db_query(
con,
"""UPDATE ADMIN SET USERNAME='******', PASSWORD='******', LAST_LOGIN='******', STATUS='{}' WHERE ADMIN_ID={};"""
.format(username, password, log_time(), status, id))
logger("Admin: {} record updated".format(username))
else:
db_query(
con,
"""INSERT INTO ADMIN (USERNAME, PASSWORD, LAST_LOGIN, STATUS) VALUES ('{}','{}','{}','{}');"""
.format(username, password, log_time(), status))
logger("Admin: {} user added to database".format(username))
return
def post_command(con, client_id, username, command):
# Post a command from the admin http server
admin_id = get_adminid(con, username)
hostname = get_hostname(con, client_id)
db_query(
con,
"""INSERT INTO CMD (CLIENT_ID, ADMIN_ID, TIME, COMMAND, RESULT) VALUES ({},{},'{}','{}','');"""
.format(client_id, admin_id, log_time(), command))
logger("CMD: {} executed a command on {} ({})".format(
username, hostname,
cmd_decode(command).strip()))
def update_client(con, ip, hostname, os, status, pid, client_type, protocol):
id = get_clientid(con, hostname, pid)
if id:
db_query(
con,
"""UPDATE CLIENT SET IP='{}', HOSTNAME='{}', OS='{}', PID='{}', TYPE='{}', PROTOCOL='{}', LAST_CHECKIN='{}', STATUS='{}' WHERE CLIENT_ID={};"""
.format(ip, hostname, os, pid, client_type, protocol, log_time(),
status, id))
if status == 'Inactive':
logger("CLIENT: {} record updated ({}, {}, {})".format(
hostname, ip, os, status))
else:
db_query(
con,
"""INSERT INTO CLIENT (IP, HOSTNAME, OS, PID, TYPE, PROTOCOL, LAST_CHECKIN, STATUS) VALUES ('{}','{}','{}','{}','{}','{}','{}','{}');"""
.format(ip, hostname, os, pid, client_type, protocol, log_time(),
status))
logger("CLIENT: New Connection from: {} ({}, {}, {})".format(
hostname, ip, os, status))
id = get_clientid(con, hostname, pid)
return id
def update_admin(username, password, status):
# update user pwd or add new user
con = db_connect(DATABASE_FILE)
id = get_adminid(con, username)
password = md5(password.encode('utf-8')).hexdigest()
if id:
db_query(con, 'UPDATE ADMIN SET USERNAME="******",PASSWORD="******",LAST_LOGIN="******",STATUS="{}" WHERE ADMIN_ID={};'.format(username,password,log_time(),status,id))
logger("Admin: {} record updated".format(username))
else:
db_query(con, 'INSERT INTO ADMIN (USERNAME,PASSWORD,LAST_LOGIN,STATUS) VALUES ("{}","{}","{}","{}");'.format(username,password,log_time(),status))
logger("Admin: {} user added to database".format(username))
con.close()
return
def post_command(client_id, username, command):
# Post a command from the admin http server
con = db_connect(DATABASE_FILE)
admin_id = get_adminid(con,username)
hostname = get_hostname(con, client_id)
db_query(con, """INSERT INTO CMD (CLIENT_ID, ADMIN_ID, TIME, COMMAND, RESULT) VALUES ({},{},'{}','{}','');""".format(client_id, admin_id, log_time(),command))
logger("CMD: {} executed a command on {} ({})".format(username, hostname, b64decode(command).decode('utf-8')))
con.close()
def update_client(ip, hostname, os, status, pid, client_type, protocol):
try:
con = db_connect(DATABASE_FILE)
id = get_clientid(con, hostname, pid)
if id:
db_query(con, 'UPDATE CLIENT SET IP="{}",HOSTNAME="{}",OS="{}",PID="{}",TYPE="{}",PROTOCOL="{}",LAST_CHECKIN="{}",STATUS="{}" WHERE CLIENT_ID={};'.format(ip,hostname,os,pid,client_type,protocol,log_time(),status,id))
if status == 'Inactive':
logger("CLIENT: {} record updated ({}, {}, {})".format(hostname, ip, os, status))
else:
db_query(con, 'INSERT INTO CLIENT (IP,HOSTNAME,OS,PID,TYPE,PROTOCOL,LAST_CHECKIN,STATUS) VALUES ("{}","{}","{}","{}","{}","{}","{}","{}");'.format(ip,hostname,os,pid,client_type,protocol,log_time(),status))
logger("CLIENT: New Connection from: {} ({}, {}, {})".format(hostname, ip, os, status))
id = get_clientid(con, hostname, pid)
con.close()
return id
except Exception as e:
print(e)