def _upload_file(self, filename): "Take an arbitrary file and sends it to the server" csrf = self.grab_csrf() cmd = "curl -b /tmp/cookies.txt -F 'docfile=@%s' "\ "-F 'csrfmiddlewaretoken=%s' %s/arp_upload/ 2>/dev/null" % (filename, csrf, self.options.server_url) output = run_or_die(cmd) if output == "cool.": return OK return output
def grab_csrf(self): """ We have to pull the CSRF from the website in order to keep the server happy. """ cmd = "curl -c /tmp/cookies.txt %s/arp_upload/ 2>/dev/null" % self.options.server_url output = run_or_die(cmd) matches = re.compile("name='csrfmiddlewaretoken' value='(\S+)'" ).findall(output) if not matches: self.log("Could not detect csrf from server") raise UploadException(self.options.server_url, output) return matches[0]
def upload_arp_table(self): "Responsible for sending everything of value to the server" arp_data = run_or_die('arp -an') fd, file_name = tempfile.mkstemp(prefix="arp_") open(file_name, 'w').write(arp_data) output = self._upload_file(file_name) if output == OK: gso('rm -f %s' % file_name) os.close(fd) return OK os.close(fd) self.log("Error uploading") raise UploadException(self.options.server_url, output)
def _json_request(self, path): """Obtain JSON data from our server""" cmd = "curl %s/%s/ 2>/dev/null" % (self.options.server_url, path) curl_output = run_or_die(cmd) configs = {} for line in curl_output.split('\n'): if line.endswith('&&'): line = line[:-2] configs.update(json.loads(line)) if not configs.get('success', False): self.log("Error loading configs") if self.options.verbose: print "Output from the server:" pprint(curl_output) raise DownloadException(self.options.server_url, curl_output) return configs