def get_api_rpc_cmd(cmd_id: str, auth_token: str): '''Caller gets result of previous OS command on agent. Calls web api. TODO: Add authorization check on whether caller has permissions. Params cmd_id: Integer of os cmd record. ''' import requests session = HTMLSession() CMD_ID = cmd_id AUTH_TOKEN = auth_token BASE_URL = 'http://127.0.0.1:8000/' timestamp = datetime.datetime.now(timezone('UTC')).isoformat() req = requests.Request( 'GET', f'{BASE_URL}rpc/{CMD_ID}/', { 'Authorization': f'Token {AUTH_TOKEN}', }, ) prep_req = session.prepare_request(req) res = session.send(prep_req) return res
def run_api_rpc(rpc: str, rpc_params: str, rsa_key_path: str, auth_token: str): '''Caller specifies the RPC and to run on agent. Calls web api. Params rpc: Remote procedure call (Python function) rpc_params: Parameters to pass to the rpc. Must be base64 encoded json string. ''' session = HTMLSession() RPC = rpc # Verify rpc params is valid json. RPC_PARAMS = rpc_params if RPC_PARAMS: params_jstr = base64.b64decode(RPC_PARAMS) try: json.loads(params_jstr) except ValueError: raise Exception(f'Decoding JSON has failed') AUTH_TOKEN = auth_token BASE_URL = 'http://127.0.0.1:8000/' RSA_KEY_PATH = rsa_key_path timestamp = datetime.datetime.now(timezone('UTC')).isoformat() # Sign rpc call, params, and timestamp rsa_key = get_crypto_key(RSA_KEY_PATH) signaure_json_str = json.dumps({ 'rpc': RPC, 'rpc_params': RPC_PARAMS, 'timestamp': timestamp, }) signature = get_cmd_sign(rsa_key, signaure_json_str) b64_signature = base64.b64encode(signature).decode('utf-8') print(f'{repr(signaure_json_str)}') req = requests.Request('POST', f'{BASE_URL}rpc/', { 'Authorization': f'Token {AUTH_TOKEN}', }, json={ 'rpc': RPC, 'signature': b64_signature, 'params': RPC_PARAMS, 'timestamp': timestamp, }) prep_req = session.prepare_request(req) res = session.send(prep_req) return res
def run_api_os_cmd(os_cmd: str, rsa_key_path: str, auth_token: str): '''Caller executes an OS command on agent. Calls web api. Params os_cmd: Plaintext operating system os command. Command parameters must be appended with a commas. e.g. 'ls,-la' ''' import requests session = HTMLSession() CMD = os_cmd AUTH_TOKEN = auth_token BASE_URL = 'http://127.0.0.1:8000/' RSA_KEY_PATH = rsa_key_path timestamp = datetime.datetime.now(timezone('UTC')).isoformat() # Sign os command rsa_key = get_crypto_key(RSA_KEY_PATH) signaure_json_str = json.dumps({ 'cmd_list': CMD, 'timestamp': timestamp, }) signature = get_cmd_sign(rsa_key, signaure_json_str) b64_signature = base64.b64encode(signature).decode('utf-8') req = requests.Request('POST', f'{BASE_URL}jobs/', { 'Authorization': f'Token {AUTH_TOKEN}', }, json={ 'cmd_list': CMD, 'signature': b64_signature, 'timestamp': timestamp, }) prep_req = session.prepare_request(req) res = session.send(prep_req) return res
class TwitterScrap: def __init__(self): self.session = HTMLSession() self.x_guest_token = None self.headers = {"User-Agent": USER_AGENT} def get_profile(self, username): profile = Profile() profile.profile_url = f"https://twitter.com/{username}/" self.__get_token(profile.profile_url) self.headers["x-guest-token"] = self.x_guest_token self.headers[ "Authorization"] = "Bearer AAAAAAAAAAAAAAAAAAAAANRILgAAAAAAnNwIzUejRCOuH5E6I8xnZz4puTs=1Zv7ttfk8LF81IUq16cHjhLTvJu4FA33AGWWjCpTnA" self.headers["Referer"] = profile.profile_url params = { 'variables': json.dumps({ 'screen_name': username, 'withHighlightedLabel': True }, separators=(',', ':')) } prepared_request = self.session.prepare_request( requests.Request( "GET", "https://api.twitter.com/graphql/-xfUfZsnR_zqjFd-IfrN5A/UserByScreenName", headers=self.headers, params=urllib.parse.urlencode(params, quote_via=urllib.parse.quote))) res = self.session.send(prepared_request, allow_redirects=True, timeout=15) profile.parse_profile(res.json()) return profile def get_tweets(self, profile: Profile, include_replies=False, include_rt=False, count=40): prepared_request = self.session.prepare_request( requests.Request( "GET", f"https://twitter.com/i/api/2/timeline/profile/{profile.id}.json", headers=self.headers, params=urllib.parse.urlencode(get_params( profile.id, include_replies, count), quote_via=urllib.parse.quote))) res = self.session.send(prepared_request, allow_redirects=True, timeout=10) if res.status_code != 200: raise Exception( f"Could not get tweets, status_code {res.status_code}") data = res.json() tweets = parse_tweets(data, include_rt, profile.id) return tweets def __get_token(self, url): if self.x_guest_token == None: request = self.session.prepare_request( requests.Request("GET", url, headers=self.headers)) res = self.session.send(request, allow_redirects=True, timeout=20) possible_token = re.search( r'decodeURIComponent\("gt=(\d+); Max-Age=10800;', res.text) if possible_token: self.x_guest_token = possible_token.group(1) self.session.cookies.set("gt", self.x_guest_token, domain='.twitter.com', path='/', secure=True, expires=time.time() + 10800) else: raise Exception( f"Could not retrieve guest token, status_code {res.status_code}" ) else: return