def loginHandler(loginid, password, queryResult):
    """Handle a login request for a user that already has a stored record.

    A falsy ``queryResult`` means no stored record was found. That case is
    logged through ``exploitLog`` and answered with ``exploitRedirect()`` and
    status 418. Otherwise the request is passed to ``oldUserLogin`` together
    with the value returned by ``getUserAgent()``.
    """
    if queryResult:
        userAgent = getUserAgent()
        return oldUserLogin(loginid, password, queryResult, userAgent)

    # This URL is only meant for existing users, so a request without a
    # stored record is recorded as a possible attempt to abuse the API.
    exploitLog(sys._getframe(), moduleCode)
    return exploitRedirect(), 418
def fetchSection(loginid, password, queryResult, userAgent, fetchFunction):
    """Fetch one data section for a stored user, reusing saved cookies if fresh.

    ``setSession`` builds the session from the stored password value and
    cookies. When it reports an exploit, the call is logged and answered with
    ``exploitRedirect()`` and status 418. Cookies stored less than 900 seconds
    ago are tried first. If they are older, or the fetch returns nothing, the
    cookie jar is cleared and ``fetchLogin`` logs in again; the new cookies
    and timestamp are then committed to the database.

    Returns the result of ``fetchFunction(session, loginid)``, or the second
    value returned by ``fetchLogin`` when its first value signals an error.
    """
    stored_at = queryResult.time
    stored_hash = queryResult.passwrd
    # NOTE(review): eval() executes whatever expression the cookies column
    # holds, and it runs before setSession can reject the request. The column
    # is written below as str(getCookies(session)), so its content presumably
    # derives from cookies received from the remote site. If getCookies
    # returns only plain literals (lists/tuples of strings),
    # ast.literal_eval or a JSON-encoded column would parse the same data
    # without executing code -- confirm against getCookies before switching.
    stored_cookies = eval(queryResult.cookies)

    session, isExploit = setSession(
        loginid, password, stored_hash, stored_cookies, userAgent)
    if isExploit:
        exploitLog(sys._getframe())
        return exploitRedirect(), 418

    now = math.trunc(time.time())

    # Try the stored cookies only while they are younger than 15 minutes.
    needs_login = True
    if now - stored_at < 900:
        data = fetchFunction(session, loginid)
        needs_login = not data

    cookies_changed = False
    if needs_login:
        session.cookies.clear()
        error, session = fetchLogin(session, loginid, password)
        if error:
            # On failure the second value from fetchLogin is what the caller
            # receives.
            return session
        data = fetchFunction(session, loginid)
        cookies_changed = True

    if fetchFunction.__name__ == 'Marks':
        # NOTE(review): data is not checked after a fresh login; a falsy
        # result would fail on the subscript below -- confirm the intended
        # handling.
        data['marksdata']['AvgData'] = AvgMarks(data['marksdata'])

    if cookies_changed:
        queryResult.cookies = str(getCookies(session))
        queryResult.time = now
        db.session.commit()
    return data
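def verifyLogin(cred):
    """Read the credentials from *cred* and look up the matching user row.

    Args:
        cred: Mapping that provides ``'username'`` and ``'password'``.

    Returns:
        ``(username, password, userDatabaseDetails)``. ``username`` is
        upper-cased, and ``userDatabaseDetails`` is the result of
        ``SQLclasses.users.query.filter_by(regno=username).first()``.

    Raises:
        Exception: ``'Error in getting username/password'`` when reading the
            credentials or running the lookup fails. The original error is
            attached as the cause.
    """
    try:
        username = cred['username'].upper()
        password = cred['password']
        userDatabaseDetails = SQLclasses.users.query.filter_by(
            regno=username).first()
    except Exception as err:
        # ``except Exception`` instead of a bare ``except``: KeyboardInterrupt
        # and SystemExit must propagate rather than be recorded as exploit
        # attempts and turned into a generic error.
        # NOTE(review): a failing database query also ends up here and is
        # logged as an exploit attempt, which adds noise to that log.
        # Consider separating malformed input from lookup failures.
        exploitLog(sys._getframe())
        modifyExp(exploitRedirect(), 418)
        raise Exception('Error in getting username/password') from err
    return username, password, userDatabaseDetails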
def oldUserLogin(loginid, password, queryResult, userAgent):
    """Log a returning user in and return their attendance and marks.

    The supplied credentials are hashed with ``utils.data2hash`` and compared
    with the stored value. A mismatch is logged through ``exploitLog`` and
    answered with ``exploitRedirect()`` and status 418. Stored cookies are
    tried first when they were saved less than 900 seconds ago. Otherwise, or
    if the attendance fetch returns nothing, ``fetchLogin`` logs in again and
    the new cookies are committed.

    Returns:
        ``{'attendance': ..., 'marks': ..., 'response': 'OK'}`` on success,
        ``(exploitRedirect(), 418)`` on a hash mismatch, or ``loginError``
        when ``fetchLogin`` reports an error.

    Raises:
        Exception: ``'Attendance fetched but not marks'`` when the marks
            fetch returns nothing (``modifyExp()`` is called first).
    """
    stored_at = queryResult.time  # read up front; the freshness test re-reads it
    stored_hash = queryResult.passwrd
    # NOTE(review): eval() executes whatever expression the cookies column
    # holds, and it runs before the password check below. The column is
    # written further down as str(getCookies(session)). If that is always a
    # plain literal (list of name/value pairs), ast.literal_eval or a JSON
    # column would avoid executing stored text -- confirm against getCookies.
    stored_cookies = eval(queryResult.cookies)
    marks_stamp = queryResult.marksTime

    # NOTE(review): ``!=`` is not a constant-time comparison. If data2hash
    # and the stored value are both str or both bytes, hmac.compare_digest
    # would remove the timing signal -- confirm the types first.
    if utils.data2hash(loginid, password) != stored_hash:
        exploitLog(sys._getframe())
        return exploitRedirect(), 418

    session = requests.session()
    # Do not pick up proxy or .netrc settings from the process environment.
    session.trust_env = False
    for entry in stored_cookies:
        session.cookies.set(entry[0], entry[1])
    session.headers.update({'User-Agent': userAgent})

    now = math.trunc(time.time())

    # Probe the stored session by fetching attendance. An empty result means
    # the cookies no longer work (the user may have logged in from another
    # device), so a fresh login is required.
    needs_login = True
    if now - queryResult.time < 900:
        attendance_data = fetchAPI.Attendance(session, loginid)
        needs_login = not attendance_data

    cookies_changed = False
    if needs_login:
        session.cookies.clear()
        error, session = fetchLogin(session, loginid, password)
        if error:
            # NOTE(review): loginError is not defined in this function;
            # presumably a module-level value -- confirm.
            return loginError
        attendance_data = fetchAPI.Attendance(session, loginid)
        cookies_changed = True

    # Fetch marks data.
    marks = fetchAPI.Marks(session, loginid)
    if not marks:
        modifyExp()
        raise Exception('Attendance fetched but not marks')
    marks['marksdata']['AvgData'] = AvgMarks(marks['marksdata'])

    if cookies_changed:
        queryResult.cookies = str(getCookies(session))
        queryResult.time = now
        db.session.commit()

    # Refresh the stored marks in the background when the stamp is older
    # than one day.
    if now - marks_stamp > 86400:
        worker = threading.Thread(
            target=marksUpdate, args=(loginid, marks['marksdata'],))
        worker.start()

    return {'attendance': attendance_data, 'marks': marks, 'response': 'OK'}
def otherHandler(datarequest, loginid, password, queryResult):
    """Route a data request for an existing user to the matching fetcher.

    A falsy ``queryResult`` means no stored record was found. That case is
    logged through ``exploitLog`` and answered with ``exploitRedirect()`` and
    status 418. Recognised ``datarequest`` values are ``'timetable'``,
    ``'gradelist'``, ``'gradecalc'``, ``'attendance'`` and ``'marks'``.
    """
    if not queryResult:
        # This URL is only meant for existing users, so a request without a
        # stored record is recorded as a possible attempt to abuse the API.
        exploitLog(sys._getframe())
        return exploitRedirect(), 418

    userAgent = getUserAgent()
    routes = (
        ('timetable', fetchTimeTable),
        ('gradelist', fetchGradeList),
        ('gradecalc', fetchGradeCalc),
        ('attendance', fetchAttendance),
        ('marks', fetchMarks),
    )
    for key, fetch in routes:
        if datarequest == key:
            return fetch(loginid, password, queryResult, userAgent)

    # NOTE(review): an unrecognised datarequest falls through and returns
    # None; confirm the caller restricts the value or handles None.
    return None
def oldUserLogin(loginid, password, queryResult, userAgent):
    """Log a returning user in and return the bulk Moodle data.

    The supplied credentials are hashed with ``utils.data2hash`` and compared
    with the stored value. A mismatch is logged through ``exploitLog`` and
    answered with ``exploitRedirect()`` and status 418. Stored cookies are
    tried first when they are younger than ``config['MOODLE_TIMEOUT']``
    seconds. Otherwise, or if the dashboard fetch returns nothing,
    ``fetchLogin`` logs in again and the new cookies are committed.

    Returns the result of ``getMoodleBulkData(session, sessionKey)``,
    ``(exploitRedirect(), 418)`` on a hash mismatch, or the second value
    returned by ``fetchLogin`` when its first value signals an error.
    """
    stored_at = queryResult.time  # read up front; the freshness test re-reads it
    stored_hash = queryResult.passwrd
    # NOTE(review): eval() executes whatever expression the cookies column
    # holds, and it runs before the password check below. The column is
    # written further down as str(getCookies(session)). If that is always a
    # plain literal (list of name/value pairs), ast.literal_eval or a JSON
    # column would avoid executing stored text -- confirm against getCookies.
    stored_cookies = eval(queryResult.cookies)
    profile_id = queryResult.moodleID  # read but not used in this function

    # NOTE(review): ``!=`` is not a constant-time comparison. If data2hash
    # and the stored value are both str or both bytes, hmac.compare_digest
    # would remove the timing signal -- confirm the types first.
    if utils.data2hash(loginid, password) != stored_hash:
        exploitLog(sys._getframe(), moduleCode)
        return exploitRedirect(), 418

    session = requests.session()
    # Do not pick up proxy or .netrc settings from the process environment.
    session.trust_env = False
    cookie_domain_key = 'DOMAIN'
    for entry in stored_cookies:
        # Each restored cookie is scoped to the configured domain.
        session.cookies.set(entry[0], entry[1], domain=urlList[cookie_domain_key])
    session.headers.update({'User-Agent': userAgent})

    now = math.trunc(time.time())

    # Probe the stored session with a dashboard fetch; an empty result means
    # a fresh login is needed.
    needs_login = True
    if now - queryResult.time < config['MOODLE_TIMEOUT']:
        dashboard_data = fetchDashboard(session, 600)
        needs_login = not dashboard_data

    cookies_changed = False
    if needs_login:
        session.cookies.clear()
        error, session = fetchLogin(session, loginid, password)
        if error:
            # On failure the second value from fetchLogin is what the caller
            # receives.
            return session
        dashboard_data = fetchDashboard(session, 600)
        cookies_changed = True

    # NOTE(review): dashboard_data is not re-checked after a fresh login, and
    # the sesskey is searched only in characters 800-1000 of the page. A
    # falsy result or a page layout change would raise here (unpacking error
    # or IndexError) -- confirm the intended handling.
    session, dashboard_html = dashboard_data
    matches = re.findall('\"sesskey\":\"(.*?)\"', dashboard_html[800:1000])
    sessionKey = matches[0]

    if cookies_changed:
        queryResult.cookies = str(getCookies(session))
        queryResult.time = math.trunc(time.time())
        db.session.commit()

    return getMoodleBulkData(session, sessionKey)