def do_GET(self):
try:
# go away
if self.path == '/favicon.ico':
return
# serve user-specified page
if not self.context['root'] is None and util.does_file_exist(self.context['root']):
self.send_headers()
fle = open(self.context['root'], 'rb')
self.wfile.write(fle.read())
fle.close()
return
# else serve up the authentication page to collect credentials
auth_header = self.headers.getheader('Authorization')
if auth_header is None:
self.send_auth_headers()
elif auth_header.split(' ')[1] == base64.b64encode('ballast:security'):
self.send_headers()
self.wfile.write('Authenticated :)')
elif not auth_header is None:
if self.context['log_data']:
self.context['log_file'].write(base64.b64decode(auth_header.split(' ')[1]) + '\n')
if self.context['dump']:
util.Msg('Collected: %s'%base64.b64decode(auth_header.split(' ')[1]))
self.send_auth_headers()
else:
self.send_auth_headers()
except Exception, j:
if j.errono == 32:
# connection closed prematurely
return
util.Error('Error: %s'%j)
return
def update():
"""Run update routine
"""
if not util.does_file_exist('./.git/config'):
util.Error(
'Not a git repo; please checkout from Github with \n\tgit clone http://github.com/hatRiot/zarp.git\n to update.'
)
else:
util.Msg('Updating Zarp...')
ret = util.init_app('git branch -a | grep \'* dev\'', True)
if len(ret) > 3:
util.Error(
'You appear to be on the dev branch. Please switch off dev to update.'
)
return
ret = util.init_app('git pull git://github.com/hatRiot/zarp.git HEAD',
True)
if 'Already up-to-date' in ret:
util.Msg('Zarp already up to date.')
elif 'fatal' in ret:
util.Error('Error updating Zarp: %s' % ret)
else:
from util import version
util.Msg('Zarp updated to version %s' % (version()))
def menu():
"""Driver for the session management menu
"""
while True:
stream.dump_sessions()
choice = util.print_menu(session_menu)
if choice == 0:
break
elif choice == 1:
(module, number) = stream.get_session_input()
if not module is None:
stream.stop_session(module, number)
elif choice == 2:
(module, number) = stream.get_session_input()
if not module is None:
stream.view_session(module, number)
elif choice == 3:
try:
display = color.B_YELLOW + '[' + color.B_GREEN + '!' + color.B_YELLOW + \
'] Enter file to log to' + color.B_WHITE + ' > ' + color.END
file_path = raw_input(display)
if file_path is None:
return
if util.does_file_exist(file_path) or path.islink(file_path):
util.Error('File already exists.')
return
(module, number) = stream.get_session_input()
if not module is None:
display = color.B_YELLOW + '[' + color.B_GREEN + '!' + color.B_YELLOW + \
'] Log output from %s session %s to %s. Is this correct? ' + \
color.B_GREEN + '[' + color.B_YELLOW + 'Y' + color.B_GREEN + \
'/' + color.B_YELLOW + 'n' + color.B_GREEN + '] ' + \
color.B_WHITE + '> ' + color.END
tmp = raw_input(display % (module, number, file_path))
if 'n' in tmp.lower():
return
stream.toggle_log(module, number, file_path, True)
except KeyboardInterrupt:
return
except Exception:
util.Error('Error logging to given file')
return
elif choice == 4:
(module, number) = stream.get_session_input()
if not module is None:
stream.toggle_log(module, number)
elif choice == -1:
pass
else:
system('clear')
def menu():
"""Driver for the session management menu
"""
while True:
stream.dump_sessions()
choice = util.print_menu(session_menu)
if choice == 0:
break
elif choice == 1:
(module, number) = stream.get_session_input()
if not module is None:
stream.stop_session(module, number)
elif choice == 2:
(module, number) = stream.get_session_input()
if not module is None:
stream.view_session(module, number)
elif choice == 3:
try:
display = color.B_YELLOW + '[' + color.B_GREEN + '!' + color.B_YELLOW + \
'] Enter file to log to' + color.B_WHITE + ' > ' + color.END
file_path = raw_input(display)
if file_path is None:
return
if util.does_file_exist(file_path) or path.islink(file_path):
util.Error('File already exists.')
return
(module, number) = stream.get_session_input()
if not module is None:
display = color.B_YELLOW + '[' + color.B_GREEN + '!' + color.B_YELLOW + \
'] Log output from %s session %s to %s. Is this correct? ' + \
color.B_GREEN + '[' + color.B_YELLOW + 'Y' + color.B_GREEN + \
'/' + color.B_YELLOW + 'n' + color.B_GREEN + '] ' + \
color.B_WHITE + '> ' + color.END
tmp = raw_input(display % (module, number, file_path))
if 'n' in tmp.lower():
return
stream.toggle_log(module, number, file_path, True)
except KeyboardInterrupt:
return
except Exception:
util.Error('Error logging to given file')
return
elif choice == 4:
(module, number) = stream.get_session_input()
if not module is None:
stream.toggle_log(module, number)
elif choice == -1:
pass
else:
system('clear')
def menu():
while True:
stream.dump_sessions()
choice = util.print_menu(session_menu)
if choice == 0:
break
elif choice == 1:
module, number = get_session_input()
if not module is None:
stream.stop_session(string.lower(module), int(number))
else:
return
elif choice == 2:
module, number = get_session_input()
if not module is None:
stream.view_session(string.lower(module), int(number))
else:
return
elif choice == 3:
print '[!] Enter file to log to: '
file_path = raw_input('> ')
if file_path is None:
return
if util.does_file_exist(file_path):
util.Error('File already exists.')
return
util.Msg('Module must be a sniffer or valid logging module.')
module = None
(module, number) = get_session_input()
try:
if not module is None:
tmp = raw_input('[!] Log output from %s session %s to %s. Is this correct? '%
(module,number,file_path))
else:
return
except Exception, j:
util.Error('Error logging to given file')
return
if tmp == 'n':
return
stream.start_log_session(module, int(number), file_path)
elif choice == 4:
(module, number) = get_session_input()
if not module is None:
stream.stop_log_session(module, int(number))
def menu():
"""Driver for the session management menu
"""
while True:
stream.dump_sessions()
choice = util.print_menu(session_menu)
if choice == 0:
break
elif choice == 1:
(module, number) = stream.get_session_input()
if not module is None:
stream.stop_session(module, number)
elif choice == 2:
(module, number) = stream.get_session_input()
if not module is None:
stream.view_session(module, number)
elif choice == 3:
print '[!] Enter file to log to: '
file_path = raw_input('> ')
if file_path is None:
return
if util.does_file_exist(file_path) or path.islink(file_path):
util.Error('File already exists.')
return
util.Msg('Module must be a sniffer or valid logging module.')
(module, number) = stream.get_session_input()
try:
if not module is None:
tmp = raw_input('[!] Log output from %s session %s to %s.'
'Is this correct? [Y/n]' % (module, number, file_path))
if 'n' in tmp.lower():
return
stream.toggle_log(module, number, file_path, True)
except Exception:
util.Error('Error logging to given file')
return
elif choice == 4:
(module, number) = stream.get_session_input()
if not module is None:
stream.toggle_log(module, number)
elif choice == -1:
pass
else:
system('clear')
def update():
if not util.does_file_exist('./.git/config'):
util.Error('Not a git repo; please checkout from Github with \n\tgit clone http://github.com/hatRiot/zarp.git\n to update.')
else:
util.Msg('Updating Zarp...')
ret = util.init_app('git branch -a | grep \'* dev\'', True)
if len(ret) > 3:
util.Error('You appear to be on the dev branch. Please switch off dev to update.')
return
ret = util.init_app('git pull git://github.com/hatRiot/zarp.git HEAD', True)
if 'Already up-to-date' in ret:
util.Msg('Zarp already up to date.')
elif 'fatal' in ret:
util.Error('Error updating Zarp: %s'%ret)
else:
from util import version
util.Msg('Zarp updated to version %s'%(version()))
def do_GET(self):
"""Handle GET"""
try:
# go away
if self.path == '/favicon.ico':
return
# serve user-specified page
if not self.context['root'] is None and util.does_file_exist(self.context['root']):
self.send_headers()
fle = open(self.context['root'], 'rb')
self.wfile.write(fle.read())
fle.close()
return
# else serve up the authentication page to collect credentials
auth_header = self.headers.getheader('Authorization')
if auth_header is None:
self.send_auth_headers()
elif auth_header.split(' ')[1] == base64.b64encode('ballast:security'):
self.send_headers()
self.wfile.write('Authenticated :)')
elif not auth_header is None:
(usr, pswd) = base64.b64decode(auth_header.split(' ')[1]).split(':')
self.context['self'].log_msg(\
'Collected: \033[32m%s:%s\033[33m' % (usr,pswd))
self.context['self']._dbcredentials(usr, pswd, 'local HTTP',
self.connection.getpeername()[0])
self.send_auth_headers()
else:
self.send_auth_headers()
except Exception, j:
if j.errono == 32:
# connection closed prematurely
return
util.Error('Error: %s' % j)
return
def update():
"""Run update routine
"""
if not util.does_file_exist("./.git/config"):
util.Error(
"Not a git repo; please checkout from Github with \n\t"
"git clone http://github.com/hatRiot/zarp.git\n to update."
)
else:
util.Msg("Updating Zarp...")
ret = util.init_app("git branch -a | grep '* dev'", True)
if len(ret) > 3:
util.Error("You appear to be on the dev branch." "Please switch off dev to update.")
return
ret = util.init_app("git pull git://github.com/hatRiot/zarp.git HEAD")
if "Already up-to-date" in ret:
util.Msg("Zarp already up to date.")
elif "fatal" in ret:
util.Error("Error updating Zarp: %s" % ret)
else:
from util import version
util.Msg("Zarp updated to version %s" % (version()))
def initialize(self):
priv_key = self.config['priv_key'].value
try:
# try importing here so we can catch it right away
import paramiko
except ImportError:
util.Error('Paramiko libraries required for this module.')
return
level = getattr(paramiko.common, 'CRITICAL')
paramiko.common.logging.basicConfig(level=level)
# if the user did not specify a key, generate one
if priv_key is None:
if not util.check_program('openssl'):
util.Error('OpenSSL required to generate cert/key files.')
return
if not util.does_file_exist('./privkey.key'):
util.debug('Generating RSA private key...')
util.init_app('openssl genrsa -out privkey.key 2048')
util.debug('privkey.key was generated.')
priv_key = self.config['priv_key'].value = './privkey.key'
try:
server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, True)
server_socket.settimeout(3)
server_socket.bind(('0.0.0.0', self.config['port'].value))
server_socket.listen(1)
self.running = True
while self.running:
try:
con, addr = server_socket.accept()
except KeyboardInterrupt:
return
except:
# timeout
continue
pkey = paramiko.RSAKey.from_private_key_file(priv_key)
transport = paramiko.Transport(con)
transport.add_server_key(pkey)
transport.set_subsystem_handler('handler', paramiko.SFTPServer, SSHHandler)
context = {'dump': self.dump, 'log_data': self.log_data,
'log_file': self.log_file}
server = SSHStub(context)
try:
transport.start_server(server=server)
transport.accept()
while transport.is_active():
sleep(1)
except socket.error as j:
if j.errno == 104:
# just means we've got a broken pipe, or
# the peer dropped unexpectedly
continue
else:
raise Exception()
except IOError:
util.Error('There was an error reading the keyfile.')
return False
except EOFError:
# thrown when we dont get the key correctly, or
# remote host gets mad because the key changed
continue
except:
raise Exception()
except KeyboardInterrupt:
pass
except Exception as j:
util.Error('Error with server: %s' % j)
finally:
self.running = False
self.cleanup()
def initialize(self):
try:
# try importing here so we can catch it right away
import paramiko
except ImportError:
util.Error('Paramiko libraries required for this module.')
return
level = getattr(paramiko.common, 'CRITICAL')
paramiko.common.logging.basicConfig(level=level)
# if the user did not specify a key, generate one
if self.priv_key is None:
if not util.check_program('openssl'):
util.Error('OpenSSL required to generate cert/key files.')
return
if not util.does_file_exist('./privkey.key'):
util.debug('Generating RSA private key...')
tmp = util.init_app('openssl genrsa -out privkey.key 2048',
True)
util.debug('privkey.key was generated.')
self.priv_key = './privkey.key'
try:
server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR,
True)
server_socket.settimeout(3)
server_socket.bind(('0.0.0.0', 22))
server_socket.listen(1)
self.running = True
while self.running:
try:
con, addr = server_socket.accept()
except KeyboardInterrupt:
return
except:
# timeout
continue
pkey = paramiko.RSAKey.from_private_key_file(self.priv_key)
transport = paramiko.Transport(con)
transport.add_server_key(pkey)
transport.set_subsystem_handler('handler', paramiko.SFTPServer,
SSHHandler)
context = {
'dump': self.dump,
'log_data': self.log_data,
'log_file': self.log_file
}
server = SSHStub(context)
try:
transport.start_server(server=server)
channel = transport.accept()
while transport.is_active():
sleep(1)
except socket.error as j:
if j.errno == 104:
# just means we've got a broken pipe, or
# the peer dropped unexpectedly
continue
else:
raise Exception()
except IOError:
util.Error('There was an error reading the keyfile.')
return False
except EOFError:
# thrown when we dont get the key correctly, or
# remote host gets mad because the key changed
continue
except:
raise Exception()
except KeyboardInterrupt:
pass
except Exception as j:
util.Error('Error with server: %s' % j)
finally:
self.running = False
self.cleanup()
