def testAcc(UN, PW):
user = User(UN, PW)
# user.register(user.username, user.password)
# user.loggedIn(user.username, user.password)
# user.addText(user.username, "yeah boiiiiii")
# user.deleteUser(user.username)
user.showText(UN)
def getUserDetails(name='unknown', details='all'):
usersCollection = db['users']
userDetails = usersCollection.find_one({"name":name})
if details == 'all':
print userDetails
else:
print userDetails[details]
user = User()
user.getDetails(name)
user.display()
def user(command):
print "WIP"
result = ""
if request.query.get('name'):
name = request.query.get('name')
print "name: "+name
user = User()
try:
user.getDetails(name)
except Exception, e:
print "failed to find user "+name
print "traceback: "+str(e)
def login(ctoken):
global LOGIN, USER
try:
token = decrypt(ctoken)
USER = User.deserialize(token)
LOGIN = True
except Exception as e:
if e.__class__.__name__ == 'UnicodeDecodeError':
print('Unicode Decode Error')
else:
print(e)
USER = None
LOGIN = False
def readFromList(self):
openfile = open('../users.csv')
csv_f = csv.reader(openfile)
for row in csv_f:
username = row[0].strip()
newUser = User(username)
try:
newUser.setFaceit(row[1].strip())
newUser.setdiscordID(row[2].strip())
if (len(row[1].strip()) > 0) & (len(row[2].strip() > 0)):
print("set faceit user" + username + newUser.getFaceit() +
newUser.getdiscordID())
except:
pass
self.addPlayer(newUser)
openfile.close()
def readFromList(self):
openfile = open('../users.csv')
csv_f = csv.reader(openfile)
for row in csv_f:
username = row[0].strip()
newUser = User(username)
try:
faceitNames = list((row[1].strip()).split())
for i in faceitNames:
newUser.setFaceit(i)
newUser.setdiscordID(row[2].strip())
print("set faceit user" + username + newUser.getFaceit() +
newUser.getdiscordID())
except:
pass
self.addPlayer(newUser)
openfile.close()
def save_to_db(
self,save_self=True,is_top=None,like_cot=None,comment_cot=None,
via_cot=None,content=None,weibo_id=None,
user_id=None,submit_time=None,
source=None,is_via=None,via_weibo_id=None
):
if save_self:
user_id = self.author_account_id
weibo_id = self.weibo_id
if self.get_db_id(weibo_id):
print('Weibo save error: Has been saved previously')
return False
author_db_id = self.get_author_db_id(user_account_id=user_id)
if not author_db_id:
user = User(
user_account_id = user_id,
conn = self.conn,
#ready_browser = self.driver
)
user.show_in_cmd()
user.save_to_db()
#author_db_id = self.get_author_db_id(user_account_id=user_id)
author_db_id = user.db_id
user.destory()
else:
print('Author has been saved previously')
if save_self:
method_tuple = (self.is_top,self.like_cot,self.comment_cot,self.via_cot,self.content,self.weibo_id,self.submit_time,self.source,self.is_via,self.via_weibo_id,time.localtime(),author_db_id)
else:
method_tuple = (is_top,like_cot,comment_cot,via_cot,content,weibo_id,submit_time,source,is_via,via_weibo_id,time.localtime(),author_db_id)
try:
self.conn.cursor().execute(
'insert into weibo(is_top,like_cot,comment_cot,via_cot,content,weibo_id,submit_time,source,is_via,via_weibo_id,create_time,user)'
'values(%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)',
method_tuple
)
self.conn.commit()
print ('Weibo save success!')
return True
except Exception as e:
print ('Weibo save error:'+str(e))
return False
def user_loader(userid):
tempUser = None
try:
connection = psycopg2.connect(user="******",
password="******",
host="127.0.0.1",
port="5432",
database="postgres")
cursor = connection.cursor()
user_query = """SELECT * FROM users WHERE userid=%s"""
cursor.execute(user_query, (userid, ))
temp = cursor.fetchone()
tempUser = User(temp[0], temp[1], temp[2], temp[3], temp[4], temp[5],
temp[6], temp[7], temp[8])
connection.commit()
except (Exception, psycopg2.Error) as error:
print("Error while connecting to PostgreSQL", error)
finally:
if (connection):
cursor.close()
connection.close()
print("PostgreSQL connection is closed")
return tempUser
def checkLANMembers():
"""
Description:
This function checks who is on LAN
"""
logger.info("Checking localnet for online devices")
# set up configuration and temporary files
# config file for daemon specific configs
configFile = (os.path.join(os.path.join(os.getcwd(),os.path.dirname(__file__)),'../conf/alfr3ddaemon.conf'))
# temporary file for storing results of network scan
netclientsfile = os.path.join(os.path.join(os.getcwd(),os.path.dirname(__file__)),'../log/netclients.tmp')
# temporary file for secondary network scan
nethostsfile = os.path.join(os.path.join(os.getcwd(),os.path.dirname(__file__)),'../log/nethosts.tmp')
# depending on where the daemon is running....
# find out who is online
if socket.gethostname() == 'psamathe':
#os.system("sudo arp-scan --interface=p1p1 --localnet > "+ netclientsfile) #PSAMATHE
os.system("sudo arp-scan --localnet > "+ netclientsfile) #PSAMATHE
else:
os.system("sudo arp-scan --localnet > "+ netclientsfile)
netClients = open(netclientsfile, 'r')
netClientsMACs = []
netClientsIPs = []
netClientsHosts = []
# Parse MAC and IP addresses (depending on host)
if socket.gethostname() == 'psamathe':
for line in netClients:
ret = line.split('\t')
ret2 = ret[0].split('.')
if ret2[0] == ('192') and ret2[1] == ('168'):
print ret[0]
# parse MAC addresses from arp-scan run
netClientsMACs.append(ret[1])
# parse IP addresses from arp-scan run
netClientsIPs.append(ret[0])
else:
for line in netClients:
ret = line.split('\t')
ret2 = ret[0].split('.')
if ret2[0] == ('10') and ret2[1] == ('0'):
# parse MAC addresses from arp-scan run
netClientsMACs.append(ret[1])
# parse IP addresses from arp-scan run
netClientsIPs.append(ret[0])
elif ret2[0] == ('192') and ret2[1] == ('168'):
# parse MAC addresses from arp-scan run
netClientsMACs.append(ret[1])
# parse IP addresses from arp-scan run
netClientsIPs.append(ret[0])
# clean up and parse MAC&IP info
netClients2 = {}
for i in range(len(netClientsMACs)):
netClients2[netClientsMACs[i]] = netClientsIPs[i]
# find who is online and
# update DB status and last_online time
for member in netClientsMACs:
device = Device()
exists = device.getDetails(member)
#if device exists in the DB update it
if exists:
logger.info("Updating device with MAC: "+member)
device.IP = netClients2[member]
time_away = device.last_online - time()
device.update()
# if user is gone for more than 5 minutes...
# if time_away > (5*60):
# speakWelcome(device.user, time_away)
#otherwise, create and add it.
else:
logger.info("Creating a new DB entry for device with MAC: "+member)
device.IP = netClients2[member]
device.MAC = member
device.newDevice(member)
logger.info("Updating users")
user = User()
user.refreshAll()
logger.info("Updating devices")
device = Device()
device.refreshAll()
logger.info("Cleaning up temporary files")
os.system('rm -rf '+netclientsfile)
os.system('rm -rf '+nethostsfile)
import pymysql
import hashlib
import time
from userClass import User
from extensions import mysql
from flask import jsonify, Flask, flash, request, Blueprint, render_template, redirect, url_for, session
from werkzeug.security import generate_password_hash, check_password_hash
# Werkzeug library used to verify user password matches with the DB password
# Flask-Login extension manages login state and user sessions
# Blueprint object for login
login_api = Blueprint('login_api', __name__)
# New user object
new_user = User()
@login_api.route('/')
def index():
return('Welcome to login!')
@login_api.route('/login_page', methods=['GET', 'POST'])
def login():
msg = 'Oops, cannot login'
# Check if 'username' and 'password' POST request exist in the client-side form
# https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html#function_aes-encrypthttps://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html#function_aes-encryptsts
if request.method == 'POST' and 'username' in request.form and 'password' in request.form:
new_user.id = request.form['id']
new_user.username = request.form['username']
new_user.password = request.form['password']
from userClass import User
flag = 'flag{paddin6_or4c1e_2_un1c0de_length_inc0ns1stency_2_cut_and_p4ste_2_fl4g}'
key = b'Avery_secure_key'
iv = b'your_everyday_iv'
user = User.construct('a lonely cat who wants a friend', 0, 0,
'hi i am cat M30W~ME0W~MEOW~M3OW')
if request.query.get('user'):
updateList['user'] = request.query.get('user')
if request.query.get('deviceType'):
updateList['deviceType'] = request.query.get('deviceType')
# set device details
try:
device.setDetails(updateList)
except Exception, e:
print "failed to update device wiht MAC "+mac
print "traceback: "+str(e)
return template('<b>failed to update device wiht MAC '+mac+'</b>!')
# update last_online time for the corresponding user
try:
user = User()
user.getDetails(device.user)
user.setDetails({'last_online':updateList['last_online']})
except Exception, e:
print "failed to update last seen time for user "+device.user
print "traceback: "+str(e)
return template('<b>failed to update last seen time for user '+device.user+'</b>!')
redirect('/device/get?MAC='+mac)
@route ('/instance/<command>')
def instance(command):
print "TODO"
def txt2HTML(txt):
result = "<HTML><HEAD><TITLE>Alfr3d:Results</TITLE></HEAD><BODY>\n"
# Use for testing functions because sometimes,
# you can't be too sure of the documentation you read
import hashlib
from werkzeug.security import generate_password_hash, check_password_hash
from userClass import User
# Testing password hashing and check password hash using werkzeug.security
hash = generate_password_hash('foobar')
if check_password_hash(hash, 'boob'):
print('Password matches', hash)
else:
print('Password does not match')
dummy = User()
dummy.id = 5
dummy.username = "******"
dummy.password = "******"
hashD = generate_password_hash(dummy.password)
# encode() converts string into bytes to be acceptable by hash function
# hexdigest() returns encoded data into hexadecimal format
# does match with database aes_encrypt 256
password = "******"
result = hashlib.sha256(password.encode())
print("sha256: ", result.hexdigest())
print(dummy.id, dummy.username, dummy.password, hashD)
def checkLANMembers():
"""
Description:
This function checks who is on LAN
"""
logger.info("Checking localnet for online devices")
# set up configuration and temporary files
# config file for daemon specific configs
configFile = (os.path.join(os.path.join(os.getcwd(),os.path.dirname(__file__)),'../conf/alfr3ddaemon.conf'))
# temporary file for storing results of network scan
netclientsfile = os.path.join(os.path.join(os.getcwd(),os.path.dirname(__file__)),'../log/netclients.tmp')
# temporary file for secondary network scan
nethostsfile = os.path.join(os.path.join(os.getcwd(),os.path.dirname(__file__)),'../log/nethosts.tmp')
# depending on where the daemon is running....
# find out who is online
if socket.gethostname() == 'psamathe':
#os.system("sudo arp-scan --interface=p1p1 --localnet > "+ netclientsfile) #PSAMATHE
os.system("sudo arp-scan --localnet > "+ netclientsfile) #PSAMATHE
else:
os.system("sudo arp-scan --localnet > "+ netclientsfile)
netClients = open(netclientsfile, 'r')
netClientsMACs = []
netClientsIPs = []
netClientsHosts = []
# Parse MAC and IP addresses (depending on host)
if socket.gethostname() == 'psamathe':
for line in netClients:
ret = line.split('\t')
ret2 = ret[0].split('.')
if ret2[0] == ('192') and ret2[1] == ('168'):
print ret[0]
# parse MAC addresses from arp-scan run
netClientsMACs.append(ret[1])
# parse IP addresses from arp-scan run
netClientsIPs.append(ret[0])
else:
for line in netClients:
ret = line.split('\t')
ret2 = ret[0].split('.')
if ret2[0] == ('10') and ret2[1] == ('0'):
# parse MAC addresses from arp-scan run
netClientsMACs.append(ret[1])
# parse IP addresses from arp-scan run
netClientsIPs.append(ret[0])
elif ret2[0] == ('192') and ret2[1] == ('168'):
# parse MAC addresses from arp-scan run
netClientsMACs.append(ret[1])
# parse IP addresses from arp-scan run
netClientsIPs.append(ret[0])
# clean up and parse MAC&IP info
netClients2 = {}
for i in range(len(netClientsMACs)):
netClients2[netClientsMACs[i]] = netClientsIPs[i]
# find who is online and
# update DB status and last_online time
for member in netClientsMACs:
device = Device()
exists = device.getDetails(member)
#if device exists in the DB update it
if exists:
logger.info("Updating device with MAC: "+member)
device.IP = netClients2[member]
time_away = device.last_online - time()
device.update()
# if user is gone for more than 5 minutes...
if time_away > (5*60):
speakWelcome(device.user, time_away)
#otherwise, create and add it.
else:
logger.info("Creating a new DB entry for device with MAC: "+member)
device.IP = netClients2[member]
device.MAC = member
device.newDevice(member)
logger.info("Updating users")
user = User()
user.refreshAll()
logger.info("Updating devices")
device = Device()
device.refreshAll()
logger.info("Cleaning up temporary files")
os.system('rm -rf '+netclientsfile)
os.system('rm -rf '+nethostsfile)
source_files.append(file)
print('{0:>1}: {1:>40}'.format(len(source_files), file))
csvpath = ''
while not ((csvpath in source_files) or
(csvpath.isdigit() and 0 < int(csvpath) <= len(source_files))):
csvpath = input(
"\nenter filename 'filename.csv' for source file or its number from list above\n"
)
if csvpath.isdigit():
csvpath = source_files[int(csvpath) - 1]
raw_data = tools.csv_parser(csvpath)
table = tools.packer(raw_data)
users = [
User(handler, num + 1, tools.get_user(num, table))
for num in range(len(table['staffid']))
]
if not tools.approving(handler, csvpath, users):
sys.exit(0)
auth = tools.authentication()
session, login = auth['session'], auth['login']
print('')
if handler == 'upload':
for u in users:
u.check(session)
if u.get_verify_status():