def db_fetch(dbx):
try:
conn = MySQLdb.connect(host=db_host, user=db_user, passwd=db_pass,db=db_db )
pd("DB::starting db_connection (db-init)")
except:
print "[-]ERROR DB::db-connection-error (db-init)"
sys.exit(2)
attempts = 0
error = 50505
while attempts < 5:
try:
cx = conn.cursor()
cx.execute(dbx)
res = cx.fetchall()
conn.close()
return(res)
except MySQLdb.Error, e:
error = "MySQL Error %d: %s" % (e.args[0], e.args[1])
attempts += 1
print "try: %s" % attempts
print error
time.sleep(0.1)
error = e.args[0]
def db_exec(dbx):
# due to http://stackoverflow.com/questions/567622/is-there-a-pythonic-way-to-try-something-up-to-a-maximum-number-of-times
# issue raised during livetests
#
try:
conn = MySQLdb.connect(host=db_host, user=db_user, passwd=db_pass,db=db_db )
pd("DB::starting db_connection (db-init)")
except:
print "[-]ERROR DB::db-connection-error (db-init)"
sys.exit(2)
attempts = 0
error = 40404
while attempts < 5:
try:
cx = conn.cursor()
cx.execute(dbx)
cx.close()
conn.close()
return(0)
except MySQLdb.Error, e:
error = "MySQL Error %d: %s" % (e.args[0], e.args[1])
attempts += 1
print "try: %s" % attempts
print error
time.sleep(0.1)
error = e.args[0]
def get_ftw_user_dict():
pd("reading user_list from %s " % ftw_user_list)
ud = {}
fd = open(ftw_user_list, "r").readlines()
for line in fd:
if line[0] == "#":
continue
if line.find("::") < 0:
continue
user = line.split("::")[0].strip()
pw = line.split("::")[1].strip()
pd(" - %s" % user)
ud[user] = pw
return(ud)
def start_test(ud):
pd("--[ start-test ]--------------------")
if len(ud) < 1:
print "[-] ERROR ... no users found in user_dict; \n maybe you need to setup ftw_user_list from ftw_config.py"
sys.exit(2)
# selecting a random user
ul = []
for u in ud:
ul.append(u)
if len(ul) == 0:
print "\n\n[-] ERROR ... userlist is empty \n\n"
sys.exit(2)
ftwinit = ul[random.randrange(0,len(ud))]
init_time = int(time.time())
hx = "%s-%s-%s" % (time.time(), random.randrange(1,1000000), ftwinit)
testid = hashlib.sha224(hx).hexdigest() # no more entropy needed
pd("testid : %s" % testid)
pd("ftwinit : %s" % ftwinit)
pw = ud[ftwinit]
usr_name = ftwinit.split("@")[0].strip()
usr_host = ftwinit.split("@")[1].strip()
msg = """
##### federation-test %s
----------------------------------------
automated test-entry @ %s
testid: ftw.%s
date: %s
timestamp: %s
botlink: https://%s/u/%s
#federationtestwarriors #federationtestautomated
""" % (now_date, ftwinit, testid, now_date, now_time, usr_host, usr_name)
pd("posting now -> %s " % ftwinit)
res = api_post(ftwinit, pw, msg)
if res != 0:
print "[-] ERROR while trying to create test-post @ %s " % ftwinit
return(3000)
# creating test-entry
dbx = """SET autocommit=1;
INSERT INTO tests (testid, ftwinit, init_time)
values ('%s', '%s', '%s');
""" % (testid, ftwinit, init_time)
# creating test-result-defaults
for u in ul:
if u == ftwinit:
continue
dbx = """%s
INSERT INTO test_results (testid, account, status)
values ('%s', '%s', '0');
""" % (dbx, testid, u)
# creating scheduler-entries
for val in schedule_time_steps.split(","):
try:
s_time = init_time + (int(val.strip()) * 60)
except:
continue
dbx = """%s
-- time-delay: %s min
INSERT INTO schedules (testid, start_time, status)
values ('%s', '%s', '0');
""" % (dbx, val, testid, s_time)
res = db_exec(dbx)
if res != 0:
print "[-] ERROR [ %s ] while trying to create test + scheduler-entries" % res
pd(dbx)
else:
print "[+] OK Test created %s :: %s " % (ftwinit, testid)
print msg
return(testid)
def exec_scheduler(ud):
now_time = int(time.time())
# first, calculate if we're already out of sync
outdated_ts = int(schedule_time_steps.split(",")[-1])
outdated_time = (now_time - (outdated_ts * 60) - 1800) # give additional 30 minutes
# dont check if older than outdated_timew
# select only one test at a time
dbx = "SELECT tests.testid, tests.ftwinit, schedules.start_time, tests.init_time from tests,schedules where tests.testid = schedules.testid and schedules.status = '0' and schedules.start_time < '%s' and schedules.start_time > '%s' order by schedules.start_time LIMIT 5;" % (now_time, outdated_time)
res = db_fetch(dbx)
try:
int(res)
print "[-] ERROR [%s] while trying to get results for scheduler" % res
return(res)
except:
# we got result, even if emtpy
pass
if res == ():
print "[i] no checks found for execution"
list_schedules()
for xt in res:
testid = xt[0]
testid_txt = testid[0:6]
ftwinit = xt[1]
start_time = xt[2]
init_time = xt[3]
cst = time.strftime("%F - %H:%M", time.localtime(float(start_time)))
pd("starting scheduled test %s :: %s " % (cst, testid_txt))
print "[i] starting check for %s :: %s \n init_date: %s" % (ftwinit, testid_txt, time.strftime("%H:%M", time.localtime(float(init_time)))
)
dbx = "SELECT account from test_results where testid = '%s' and checked != '1' and account != '%s' " % (testid, ftwinit)
# dbx = "SELECT account from test_results where testid = '%s' and checked != '1' and account != '%s' " % (testid, ftwinit)
res = db_fetch(dbx)
try:
int(res)
print "[-] ERROR [%s] while trying to get results for scheduler" % res
return(res)
except:
# we got result, even if emtpy
pass
accounts = res
print "[i] checking %s accounts from selection" % len(accounts)
if accounts == ():
print "[i] no accounts found for execution"
for account in accounts:
account = account[0]
host = account.split("@")[1]
user = account.split("@")[0]
try:
pw = ud[account]
except:
print "[-] ERROR ... cannot find pw for %s " % account
continue
threads = []
find_text = "%s" % testid[0:12].strip()
print "[i] checking #ftw [ %s ] for %s " % (find_text, account)
start_check(account, pw, find_text, testid, start_time, init_time)
try:
t = threading.Thread(target=start_check, args=(account, pw, find_text, testid, start_time, init_time))
threads.append(t)
t.start()
time.sleep(int(ramp_up_delay))
except:
print "thread-exeption"
time.sleep(3)
start_check(account, pw, find_text, testid, start_time, init_time)
max_runtime = 90 # seconds
while len(threading.enumerate()) > 1:
xt = int(time.time())
if xt - now_time > max_runtime:
t.join()
break
print "[i] %2s checks running, waiting for threads to finish" % (len(threading.enumerate())-1)
time.sleep(5)
#~ # debug - keep alive 3 min to see if mysql stays open
#~ print "debug-sleeping"
#~ time.sleep(120)
dbx = "set autocommit=1; update schedules set status = '1' where testid = '%s' and start_time = '%s'"% (testid, start_time)
res = db_exec(dbx)
if res != 0:
print "[-] ERROR [ %s ] while trying to update scheduler-table" % res
pd(dbx)
else:
print "[+] run finished %s :: %s " % (ftwinit, testid_txt)
time.sleep(0.1)
return(0)
# User-Agent (this is cheating, ok?)
br.addheaders = [('Connection', 'keep-alive'), ('User-agent', ua) ]
#~ #~
#~ #~
try:
r = br.open("https://%s/users/sign_in" % usr_host, timeout=15)
except mechanize.HTTPError, e:
print 'ERROR! The server couldn\'t fulfill the request.'
print 'Error code: ', e.code
return(e.code)
except mechanize.URLError, e:
print 'We failed to reach a server.'
print 'Reason: ', e.reason
return(404)
html = r.read()
pd(r.info())
# thanx, d*inc for breaking this again ...
try:
csrf = html.split("""csrf-token" content=\"""")[1].split("\"")[0]
except:
csrf = html.split("""name="csrf-token""")[0].split("\"")[0]
pd("csrf PURE : %s" % csrf)
h = HTMLParser.HTMLParser()
csrftoken = h.unescape(csrf)
pd("csrf eascaped: %s" % csrftoken)
# Show the response headers
# login
br.select_form(nr=0)
# Let's search