def _login(self, params):
valid = False
if params.get("username") and params.get("hash") and params.get(
"nonce"):
if params.get("nonce") not in DISPOSED_NONCES:
DISPOSED_NONCES.add(params.get("nonce"))
for entry in (config.USERS or []):
entry = re.sub(r"\s", "", entry)
username, stored_hash, uid, netfilter = entry.split(
':')
if username == params.get("username"):
try:
if params.get("hash") == hashlib.sha256(
stored_hash.strip() +
params.get("nonce")).hexdigest():
valid = True
break
except:
if config.SHOW_DEBUG:
traceback.print_exc()
if valid:
session_id = os.urandom(SESSION_ID_LENGTH).encode("hex")
expiration = time.time() + 3600 * SESSION_EXPIRATION_HOURS
self.send_response(httplib.OK)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(
HTTP_HEADER.SET_COOKIE,
"%s=%s; expires=%s; path=/; HttpOnly" %
(SESSION_COOKIE_NAME, session_id,
time.strftime(HTTP_TIME_FORMAT, time.gmtime(expiration))))
if netfilter in ("", "0.0.0.0/0"):
netfilters = None
else:
addresses = set()
netmasks = set()
for item in set(re.split(r"[;,]", netfilter)):
item = item.strip()
if '/' in item:
_ = item.split('/')[-1]
if _.isdigit() and int(_) >= 16:
lower = addr_to_int(item.split('/')[0])
mask = make_mask(int(_))
upper = lower | (0xffffffff ^ mask)
while lower <= upper:
addresses.add(int_to_addr(lower))
lower += 1
else:
netmasks.add(item)
elif '-' in item:
_ = item.split('-')
lower, upper = addr_to_int(_[0]), addr_to_int(_[1])
while lower <= upper:
addresses.add(int_to_addr(lower))
lower += 1
elif re.search(r"\d+\.\d+\.\d+\.\d+", item):
addresses.add(item)
netfilters = netmasks
if addresses:
netfilters.add(get_regex(addresses))
SESSIONS[session_id] = AttribDict({
"username":
username,
"uid":
uid,
"netfilters":
netfilters,
"expiration":
expiration,
"client_ip":
self.client_address[0]
})
else:
time.sleep(UNAUTHORIZED_SLEEP_TIME)
self.send_response(httplib.UNAUTHORIZED)
self.send_header(HTTP_HEADER.CONNECTION, "close")
self.send_header(HTTP_HEADER.CONTENT_TYPE, "text/plain")
content = "Login %s" % ("success" if valid else "failed")
if not subprocess.mswindows:
try:
subprocess.check_output(
"logger -p auth.info -t \"%s[%d]\" \"%s password for %s from %s port %s\""
% (NAME.lower(), os.getpid(), "Accepted"
if valid else "Failed", params.get("username"),
self.client_address[0], self.client_address[1]),
stderr=subprocess.STDOUT,
shell=True)
except Exception:
if config.SHOW_DEBUG:
traceback.print_exc()
return content
from core.settings import trails
from core.settings import VERSION
from core.settings import WHITELIST
from core.settings import WHITELIST_LONG_DOMAIN_NAME_KEYWORDS
from core.settings import WHITELIST_HTTP_REQUEST_KEYWORDS
from core.settings import WHITELIST_UA_KEYWORDS
from core.update import update_ipcat
from core.update import update_trails
_buffer = None
_caps = []
_connect_sec = 0
_connect_src_dst = {}
_connect_src_details = {}
_count = 0
_locks = AttribDict()
_multiprocessing = None
_n = None
_result_cache = {}
try:
import pcapy
except ImportError:
if subprocess.mswindows:
exit(
"[!] please install 'WinPcap' (e.g. 'http://www.winpcap.org/install/') and Pcapy (e.g. 'https://breakingcode.wordpress.com/?s=pcapy')"
)
else:
msg, _ = "[!] please install 'Pcapy'", platform.linux_distribution(
)[0].lower()
for distro, install in {
9: 4,
10: 21,
117: 48,
18: 4,
12 if sys.platform.find('openbsd') != -1 else 108: 4,
14 if sys.platform.find('openbsd') != -1 else 12: 0,
113: 16
}
try:
import multiprocessing
CPU_CORES = multiprocessing.cpu_count()
except ImportError:
CPU_CORES = 1
config = AttribDict({"TRAILS_FILE": DEFAULT_TRAILS_FILE})
trails = TrailsDict()
def _get_total_physmem():
retval = None
try:
if IS_WIN:
import ctypes
kernel32 = ctypes.windll.kernel32
c_ulong = ctypes.c_ulong
class MEMORYSTATUS(ctypes.Structure):
_fields_ = [('dwLength', c_ulong), ('dwMemoryLoad', c_ulong),
import os
import re
import socket
import stat
import string
import subprocess
import sys
import urllib
import urllib2
from core.addr import addr_to_int
from core.addr import make_mask
from core.attribdict import AttribDict
from core.trailsdict import TrailsDict
config = AttribDict()
trails = TrailsDict()
NAME = "Maltrail"
VERSION = "0.10.161"
SERVER_HEADER = "%s/%s" % (NAME, VERSION)
DATE_FORMAT = "%Y-%m-%d"
ROTATING_CHARS = ('\\', '|', '|', '/', '-')
TIMEOUT = 30
FRESH_IPCAT_DELTA_DAYS = 10
USERS_DIR = os.path.join(os.path.expanduser("~"), ".%s" % NAME.lower())
TRAILS_FILE = os.path.join(USERS_DIR, "trails.csv")
IPCAT_CSV_FILE = os.path.join(USERS_DIR, "ipcat.csv")
IPCAT_SQLITE_FILE = os.path.join(USERS_DIR, "ipcat.sqlite")
IPCAT_URL = "https://raw.githubusercontent.com/client9/ipcat/master/datacenters.csv"
CHECK_CONNECTION_URL = "https://www.github.com"