def __init__(self, conf, init=False, auto_restart=True):
Process.__init__(self)
self.conf = conf
self.comm = None
self.init = init
self.logger = conf.buildLogger("AttackBot")
self.attack_manager = AttackManager(conf, self.logger, init,
auto_restart)
self.auto_restart = auto_restart
self.attack_conf = self.conf.getSection("ATTACK_BOT")
self.round_time = self.attack_conf.roundInterval()
def __init__(self,conf,init=False,auto_restart=True):
Process.__init__(self)
self.conf = conf
self.comm = None
self.init = init
self.logger = conf.buildLogger("AttackBot")
self.attack_manager = AttackManager(conf,self.logger,init,auto_restart)
self.auto_restart = auto_restart
self.attack_conf = self.conf.getSection("ATTACK_BOT")
self.round_time = self.attack_conf.roundInterval()
def testUpdateExploits(self):
manager = AttackManager(self.conf,None,True,False)
manager.start()
manager.cmd(AttackManager.UPDATE_EXPLOITS)
exploit_set = manager.test(AttackManager.TEST_GET_EXPLOITS)
self.assertTrue("Succesful.py" in exploit_set)
self.assertTrue("Forever.py" in exploit_set)
self.assertTrue("Timeout.py" in exploit_set)
def testLaunchExploit(self): manager = AttackManager(self.conf,None,True,False) manager.start() manager.cmd(AttackManager.UPDATE_EXPLOITS) manager.cmd(AttackManager.LAUNCH_EXPLOIT,"Succesful.py") time.sleep(1) manager.cmd(AttackManager.PROCESS_OUTPUT) time.sleep(1) manager.cmd(AttackManager.GATHER_FLAGS) time.sleep(1) results = manager.getFlags() self.assertEquals(len(results),2) r1 = results[0] r2 = results[1] self.assertEquals(r1[0],0) self.assertEquals(r2[0],1) self.assertEquals(r1[2],['foobarbaz']) self.assertEquals(r2[2],['foobarbaz'])
class AttackBot(Process):
def __init__(self,conf,init=False,auto_restart=True):
Process.__init__(self)
self.conf = conf
self.comm = None
self.init = init
self.logger = conf.buildLogger("AttackBot")
self.attack_manager = AttackManager(conf,self.logger,init,auto_restart)
self.auto_restart = auto_restart
self.attack_conf = self.conf.getSection("ATTACK_BOT")
self.round_time = self.attack_conf.roundInterval()
def run(self):
self.attack_manager.start()
server_info = self.conf.getGameStateServerInfo()
self.comm = BotCommClient(
server_info.host,
server_info.port,
server_info.key,
server_info.iv,
"ATTACK_BOT")
self.comm.start()
if(self.auto_restart == True):
self.logger.info("Starting (AUTO Logic)")
self.__mainLoopAuto()
else:
self.logger.info("Starting (WAIT Logic)")
self.__mainLoopWait()
def __mainLoopWait(self):
while(True):
msg = self.comm.receive()
self.logger.debug("Wait logic processing msg: %s (%s)" % (msg.type,str(msg.data)))
if(msg.type == "EXECUTE_EXPLOITS"):
exploits = msg.data
for exploit in exploits:
self.attack_manager.cmd(AttackManager.LAUNCH_EXPLOIT,exploit)
elif(msg.type == "UPDATE_EXPLOITS"):
self.attack_manager.cmd(AttackManager.UPDATE_EXPLOITS)
elif(msg.type == "PROCESS_OUTPUT"):
self.attack_manager.cmd(AttackManager.PROCESS_OUTPUT)
elif(msg.type == "GATHER_FLAGS"):
self.attack_manager.cmd(AttackManager.GATHER_FLAGS)
collected = []
while(True):
try:
collected.append(
self.attack_manager.collected_flags.get(True,1))
except Queue.Empty:
break
self.comm.send(BotMessage("COLLECTED_FLAGS",collected))
elif(msg.type == "STOP_EXPLOITS"):
self.attack_manager.cmd(AttackManager.STOP_ALL)
elif(msg.type == "TERMINATE"):
self.comm.kill()
break
else:
assert(False),"Invalid msg type received"
def __mainLoopAuto(self):
while(True):
msg = self.comm.receive(True,1)
if(msg != None):
if(msg.type == "TERMINATE"):
self.comm.kill()
break
elif(msg.type == "NEW_EXPLOIT"):
self.__newExploit(msg.data[0],msg.data[1])
elif(msg.type == "LIST_EXPLOITS"):
exploits = self.__listExploits()
self.comm.sendResponse(msg,BotMessage("LIST_EXPLOITS_RESULT",exploits))
elif(msg.type.startswith("GET_LOG:")):
payload = msg.type[8:]
(exploit, lines) = payload.split("|")
lines = int(lines)
log_data = self.__getLog(exploit,lines)
self.comm.sendResponse(msg,BotMessage("GET_LOG_RESULT:%s" % exploit, log_data))
elif(msg.type.startswith("GET_EXPLOIT:")):
exploit = msg.type[12:]
data = self.__getExploit(exploit)
self.comm.sendResponse(msg,BotMessage("GET_EXPLOIT_RESULT:%s" % exploit, data))
elif(msg.type.startswith("TOGGLE_EXPLOIT:")):
exploit = msg.type[15:]
self.__toggleExploit(exploit)
else:
flags = self.attack_manager.getFlags()
if(len(flags) != 0):
self.comm.send(BotMessage("COLLECTED_FLAGS",flags))
def __newExploit(self,filename,filedata):
self.logger.info("New exploit uploaded: %s" % filename)
exploit_dir = self.attack_conf.exploitDir()
path = os.path.join(exploit_dir,filename)
exploit_file = open(path,"w")
exploit_file.write(filedata)
exploit_file.close()
os.chmod(path,stat.S_IRWXU | stat.S_IRWXO | stat.S_IRWXG)
def __toggleExploit(self,exploit):
exploit_dir = self.attack_conf.exploitDir()
exploit_path = os.path.join(exploit_dir,exploit)
if( exploit.endswith(".bin") or
exploit.endswith(".dat")):
self.logger.warn("Tried to toggled data file %s" % exploit)
elif(os.path.exists(exploit_path) and not os.path.isdir(exploit_path)):
if(os.access(exploit_path,os.X_OK)):
self.logger.info("Toggled %s off" % exploit)
os.chmod(exploit_path,
stat.S_IRUSR | stat.S_IWUSR |
stat.S_IRGRP | stat.S_IWGRP |
stat.S_IROTH | stat.S_IWOTH )
else:
self.logger.info("Toggled %s on" % exploit)
os.chmod(exploit_path,stat.S_IRWXU | stat.S_IRWXO | stat.S_IRWXG)
else:
self.logger.warn("Tried to toggle unknown exploit: %s" % exploit)
def __listExploits(self):
exploit_dir = self.attack_conf.exploitDir()
exploits = []
for file in os.listdir(exploit_dir):
path = os.path.join(exploit_dir,file)
if( os.path.isdir(path) == True or
path.endswith(".bin") or
path.endswith(".dat")):
continue
if(os.access(path,os.X_OK)):
exploits.append((file,True))
else:
exploits.append((file,False))
return exploits
def __getExploit(self, exploit):
try:
exploit_dir = self.attack_conf.exploitDir()
path = os.path.join(exploit_dir,exploit)
file = open(path,"r")
data = file.read()
return data
except:
return None
def __getLog(self, exploit, nLines):
try:
log = os.path.join(self.conf.log_dir,"Exploit-%s.log"%exploit)
file = open(log,"r")
file.seek(0,os.SEEK_END)
fsize = file.tell()
file.seek(max(fsize-65536,0),0)
lines = file.readlines()
if len(lines) > nLines:
lines = lines[-nLines:]
return lines
except Exception as e:
self.logger.error("Error getting exploit log: %s" % e)
return []
class AttackBot(Process):
def __init__(self, conf, init=False, auto_restart=True):
Process.__init__(self)
self.conf = conf
self.comm = None
self.init = init
self.logger = conf.buildLogger("AttackBot")
self.attack_manager = AttackManager(conf, self.logger, init,
auto_restart)
self.auto_restart = auto_restart
self.attack_conf = self.conf.getSection("ATTACK_BOT")
self.round_time = self.attack_conf.roundInterval()
def run(self):
self.attack_manager.start()
server_info = self.conf.getGameStateServerInfo()
self.comm = BotCommClient(server_info.host, server_info.port,
server_info.key, server_info.iv,
"ATTACK_BOT")
self.comm.start()
if (self.auto_restart == True):
self.logger.info("Starting (AUTO Logic)")
self.__mainLoopAuto()
else:
self.logger.info("Starting (WAIT Logic)")
self.__mainLoopWait()
def __mainLoopWait(self):
while (True):
msg = self.comm.receive()
self.logger.debug("Wait logic processing msg: %s (%s)" %
(msg.type, str(msg.data)))
if (msg.type == "EXECUTE_EXPLOITS"):
exploits = msg.data
for exploit in exploits:
self.attack_manager.cmd(AttackManager.LAUNCH_EXPLOIT,
exploit)
elif (msg.type == "UPDATE_EXPLOITS"):
self.attack_manager.cmd(AttackManager.UPDATE_EXPLOITS)
elif (msg.type == "PROCESS_OUTPUT"):
self.attack_manager.cmd(AttackManager.PROCESS_OUTPUT)
elif (msg.type == "GATHER_FLAGS"):
self.attack_manager.cmd(AttackManager.GATHER_FLAGS)
collected = []
while (True):
try:
collected.append(
self.attack_manager.collected_flags.get(True, 1))
except Queue.Empty:
break
self.comm.send(BotMessage("COLLECTED_FLAGS", collected))
elif (msg.type == "STOP_EXPLOITS"):
self.attack_manager.cmd(AttackManager.STOP_ALL)
elif (msg.type == "TERMINATE"):
self.comm.kill()
break
else:
assert (False), "Invalid msg type received"
def __mainLoopAuto(self):
while (True):
msg = self.comm.receive(True, 1)
if (msg != None):
if (msg.type == "TERMINATE"):
self.comm.kill()
break
elif (msg.type == "NEW_EXPLOIT"):
self.__newExploit(msg.data[0], msg.data[1])
elif (msg.type == "LIST_EXPLOITS"):
exploits = self.__listExploits()
self.comm.sendResponse(
msg, BotMessage("LIST_EXPLOITS_RESULT", exploits))
elif (msg.type.startswith("GET_LOG:")):
payload = msg.type[8:]
(exploit, lines) = payload.split("|")
lines = int(lines)
log_data = self.__getLog(exploit, lines)
self.comm.sendResponse(
msg, BotMessage("GET_LOG_RESULT:%s" % exploit,
log_data))
elif (msg.type.startswith("GET_EXPLOIT:")):
exploit = msg.type[12:]
data = self.__getExploit(exploit)
self.comm.sendResponse(
msg, BotMessage("GET_EXPLOIT_RESULT:%s" % exploit,
data))
elif (msg.type.startswith("TOGGLE_EXPLOIT:")):
exploit = msg.type[15:]
self.__toggleExploit(exploit)
else:
flags = self.attack_manager.getFlags()
if (len(flags) != 0):
self.comm.send(BotMessage("COLLECTED_FLAGS", flags))
def __newExploit(self, filename, filedata):
self.logger.info("New exploit uploaded: %s" % filename)
exploit_dir = self.attack_conf.exploitDir()
path = os.path.join(exploit_dir, filename)
exploit_file = open(path, "w")
exploit_file.write(filedata)
exploit_file.close()
os.chmod(path, stat.S_IRWXU | stat.S_IRWXO | stat.S_IRWXG)
def __toggleExploit(self, exploit):
exploit_dir = self.attack_conf.exploitDir()
exploit_path = os.path.join(exploit_dir, exploit)
if (exploit.endswith(".bin") or exploit.endswith(".dat")):
self.logger.warn("Tried to toggled data file %s" % exploit)
elif (os.path.exists(exploit_path)
and not os.path.isdir(exploit_path)):
if (os.access(exploit_path, os.X_OK)):
self.logger.info("Toggled %s off" % exploit)
os.chmod(
exploit_path, stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP
| stat.S_IWGRP | stat.S_IROTH | stat.S_IWOTH)
else:
self.logger.info("Toggled %s on" % exploit)
os.chmod(exploit_path,
stat.S_IRWXU | stat.S_IRWXO | stat.S_IRWXG)
else:
self.logger.warn("Tried to toggle unknown exploit: %s" % exploit)
def __listExploits(self):
exploit_dir = self.attack_conf.exploitDir()
exploits = []
for file in os.listdir(exploit_dir):
path = os.path.join(exploit_dir, file)
if (os.path.isdir(path) == True or path.endswith(".bin")
or path.endswith(".dat")):
continue
if (os.access(path, os.X_OK)):
exploits.append((file, True))
else:
exploits.append((file, False))
return exploits
def __getExploit(self, exploit):
try:
exploit_dir = self.attack_conf.exploitDir()
path = os.path.join(exploit_dir, exploit)
file = open(path, "r")
data = file.read()
return data
except:
return None
def __getLog(self, exploit, nLines):
try:
log = os.path.join(self.conf.log_dir, "Exploit-%s.log" % exploit)
file = open(log, "r")
file.seek(0, os.SEEK_END)
fsize = file.tell()
file.seek(max(fsize - 65536, 0), 0)
lines = file.readlines()
if len(lines) > nLines:
lines = lines[-nLines:]
return lines
except Exception as e:
self.logger.error("Error getting exploit log: %s" % e)
return []