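def __init__(self, config, HandlerClass, *args, **kwargs):
    """
    Set up the King Phisher server: file serving options, the database,
    authentication, the job manager, page templates and the GeoIP database.

    :param config: Configuration to retrieve settings from.
    :type config: :py:class:`smoke_zephyr.configuration.Configuration`
    :param HandlerClass: Request handler class. Its ``extensions_map`` is
        extended in place and it is passed on to the parent initializer.
    """
    # additional mime types to be treated as html because they're probably cloned pages
    # NOTE(review): the '' key presumably acts as the fallback for files with
    # no recognised extension, so anything placed under server.web_root may be
    # rendered as HTML by a browser - confirm only intended content lives there.
    HandlerClass.extensions_map.update({
        '': 'text/html',
        '.asp': 'text/html',
        '.aspx': 'text/html',
        '.cfm': 'text/html',
        '.cgi': 'text/html',
        '.do': 'text/html',
        '.jsp': 'text/html',
        '.nsf': 'text/html',
        '.php': 'text/html',
        '.srf': 'text/html'
    })
    super(KingPhisherServer, self).__init__(HandlerClass, *args, **kwargs)
    self.logger = logging.getLogger('KingPhisher.Server')
    self.config = config
    """A :py:class:`~smoke_zephyr.configuration.Configuration` instance used as the main King Phisher server configuration."""
    self.serve_files = True
    self.serve_files_root = config.get('server.web_root')
    # directory listings stay off so the contents of the web root are not enumerable
    self.serve_files_list_directories = False
    self.serve_robots_txt = True
    self.database_engine = db_manager.init_database(config.get('server.database'))

    self.http_server.config = config
    # Semaphore() starts with a value of 1
    self.http_server.throttle_semaphore = threading.Semaphore()
    # The session lifetime is read from its own key. It used to be read from
    # 'server.authentication.cache_timeout', the same key that sets the
    # credential cache lifetime below, so the two could not be tuned
    # separately. The old key remains the fallback, which keeps the session
    # lifetime of existing configurations unchanged.
    session_timeout = config.get_if_exists(
        'server.authentication.session_timeout',
        config.get_if_exists('server.authentication.cache_timeout', '30m')
    )
    self.http_server.session_manager = aaa.AuthenticatedSessionManager(timeout=session_timeout)
    # NOTE(review): when server.authentication.pam_service is unset, 'sshd' is
    # passed as the PAM service name, and required_group is whatever
    # get_if_exists returns for a missing key (presumably None, i.e. no group
    # restriction) - confirm, and set both explicitly to limit who may log in.
    self.http_server.forked_authenticator = aaa.ForkedAuthenticator(
        cache_timeout=config.get_if_exists('server.authentication.cache_timeout', '10m'),
        required_group=config.get_if_exists('server.authentication.group'),
        pam_service=config.get_if_exists('server.authentication.pam_service', 'sshd')
    )
    self.job_manager = job.JobManager()
    """A :py:class:`~smoke_zephyr.job.JobManager` instance for scheduling tasks."""
    self.job_manager.start()
    self.http_server.job_manager = self.job_manager

    # templates are loaded from the same directory that static files are served from
    loader = jinja2.FileSystemLoader(config.get('server.web_root'))
    global_vars = {}
    if config.has_section('server.page_variables'):
        # NOTE(review): this is the object returned by the configuration, and
        # the helper functions below are added to it in place - confirm that
        # changing the configuration's copy is intended.
        global_vars = config.get('server.page_variables')
    global_vars['embed_youtube_video'] = pages.embed_youtube_video
    global_vars['make_csrf_page'] = pages.make_csrf_page
    global_vars['make_redirect_page'] = pages.make_redirect_page
    self.http_server.template_env = templates.TemplateEnvironmentBase(loader=loader, global_vars=global_vars)

    self.__geoip_db = geoip.init_database(config.get('server.geoip.database'))

    self.__is_shutdown = threading.Event()
    self.__is_shutdown.clear()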
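def test_authenticator_bad_credentials(self):
    """Check that wrong passwords are rejected for 'fakeuser' and for 'root'."""
    auth = aaa.ForkedAuthenticator()
    # NOTE(review): if ForkedAuthenticator checks credentials against the
    # host's PAM stack, each call below is recorded as a failed login
    # (including one for root) - confirm the test host has no lockout policy
    # that these attempts would count towards.
    try:
        self.assertFalse(auth.authenticate('fakeuser', 'FakePassword1'))
        self.assertFalse(auth.authenticate('root', 'FakePassword1'))
    finally:
        # stop the authenticator even when an assertion fails, so a failing
        # test does not leave it running
        auth.stop()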
def __init__(self, config, plugin_manager, handler_klass, *args, **kwargs):
    """
    Set up the King Phisher server: file serving options, the database,
    authentication, the job manager, page templates, web sockets, the
    tables API, REST API tokens, the GeoIP database and custom response
    headers. The shared objects are then attached to every sub-server.

    :param config: Configuration to retrieve settings from.
    :type config: :py:class:`smoke_zephyr.configuration.Configuration`
    :param plugin_manager: Plugin manager stored on the server and handed to
        each sub-server; its ``server`` attribute is set to a weak proxy of
        this instance.
    :param handler_klass: Request handler class. Its ``extensions_map`` is
        extended in place and it is passed on to the parent initializer.
    """
    # additional mime types to be treated as html because they're probably cloned pages
    # NOTE(review): the '' key presumably acts as the fallback for files with
    # no recognised extension, so anything placed under server.web_root may be
    # rendered as HTML by a browser - confirm only intended content lives there.
    handler_klass.extensions_map.update({
        '': 'text/html',
        '.asp': 'text/html',
        '.aspx': 'text/html',
        '.cfm': 'text/html',
        '.cgi': 'text/html',
        '.do': 'text/html',
        '.jsp': 'text/html',
        '.nsf': 'text/html',
        '.php': 'text/html',
        '.srf': 'text/html'
    })
    super(KingPhisherServer, self).__init__(handler_klass, *args, **kwargs)
    self.logger = logging.getLogger('KingPhisher.Server')
    self.config = config
    """A :py:class:`~smoke_zephyr.configuration.Configuration` instance used as the main King Phisher server configuration."""
    self.headers = collections.OrderedDict()
    """A :py:class:`~collections.OrderedDict` containing additional headers specified from the server configuration to include in responses."""
    self.plugin_manager = plugin_manager
    self.serve_files = True
    self.serve_files_root = config.get('server.web_root')
    # directory listings stay off so the contents of the web root are not enumerable
    self.serve_files_list_directories = False
    self.serve_robots_txt = True
    self.database_engine = db_manager.init_database(config.get('server.database'), extra_init=True)
    # BoundedSemaphore() starts with a value of 1 and raises ValueError if
    # it is released more often than it was acquired
    self.throttle_semaphore = threading.BoundedSemaphore()
    # session lifetime and credential cache lifetime are separate settings
    # (defaults '30m' and '10m')
    self.session_manager = aaa.AuthenticatedSessionManager(
        timeout=config.get_if_exists('server.authentication.session_timeout', '30m')
    )
    # NOTE(review): when server.authentication.pam_service is unset, 'sshd' is
    # passed as the PAM service name, and required_group is whatever
    # get_if_exists returns for a missing key (presumably None, i.e. no group
    # restriction) - confirm, and set both explicitly to limit who may log in.
    self.forked_authenticator = aaa.ForkedAuthenticator(
        cache_timeout=config.get_if_exists('server.authentication.cache_timeout', '10m'),
        required_group=config.get_if_exists('server.authentication.group'),
        pam_service=config.get_if_exists('server.authentication.pam_service', 'sshd')
    )
    self.job_manager = smoke_zephyr.job.JobManager(logger_name='KingPhisher.Server.JobManager')
    """A :py:class:`~smoke_zephyr.job.JobManager` instance for scheduling tasks."""
    self.job_manager.start()
    maintenance_interval = 900 # 15 minutes
    # register self._maintenance with the job manager; the interval is passed
    # both as the schedule (seconds=) and as the job's own argument
    self._maintenance_job = self.job_manager.job_add(self._maintenance, parameters=(maintenance_interval,), seconds=maintenance_interval)

    # templates are loaded from the same directory that static files are served from
    loader = jinja2.FileSystemLoader(config.get('server.web_root'))
    global_vars = {}
    if config.has_section('server.page_variables'):
        # NOTE(review): this is the object returned by the configuration, and
        # the update() below adds the template helper functions to it in
        # place - confirm that changing the configuration's copy is intended.
        global_vars = config.get('server.page_variables')
    global_vars.update(template_extras.functions)
    self.template_env = templates.TemplateEnvironmentBase(loader=loader, global_vars=global_vars)
    self.ws_manager = web_sockets.WebSocketsManager(config, self.job_manager)

    self.tables_api = {}
    self._init_tables_api()

    # every sub-server gets references to the same shared objects, so
    # sessions, the authenticator and the throttle are common to all of them
    for http_server in self.sub_servers:
        http_server.add_sni_cert = self.add_sni_cert
        http_server.config = config
        http_server.forked_authenticator = self.forked_authenticator
        # the lambda reads self.sni_certs each time it is called
        http_server.get_sni_certs = lambda: self.sni_certs
        http_server.headers = self.headers
        http_server.job_manager = self.job_manager
        http_server.kp_shutdown = self.shutdown
        http_server.plugin_manager = plugin_manager
        http_server.remove_sni_cert = self.remove_sni_cert
        http_server.session_manager = self.session_manager
        http_server.tables_api = self.tables_api
        http_server.template_env = self.template_env
        http_server.throttle_semaphore = self.throttle_semaphore
        http_server.ws_manager = self.ws_manager

    # generate the secret id only when the configuration does not define one
    if not config.has_option('server.secret_id'):
        test_id = rest_api.generate_token()
        config.set('server.secret_id', test_id)
        self.logger.debug('server request test id initialized with value: ' + test_id)
    # generate a REST API token when none is configured (or it is empty)
    if not config.get_if_exists('server.rest_api.token'):
        config.set('server.rest_api.token', rest_api.generate_token())
    # NOTE(review): the secret id (debug level) and the REST API token (info
    # level) are written to the log in clear text. The token line runs
    # whenever the REST API is enabled, including when the token came from
    # the configuration. The token presumably authenticates REST API
    # requests, so treat the server log as holding credentials: restrict
    # read access and keep it out of shared log pipelines.
    if config.get('server.rest_api.enabled'):
        self.logger.info('rest api token initialized with value: ' + config.get('server.rest_api.token'))

    self.__geoip_db = geoip.init_database(config.get('server.geoip.database'))

    self.__is_shutdown = threading.Event()
    self.__is_shutdown.clear()
    self.__shutdown_lock = threading.Lock()
    # a weak proxy does not add a strong reference from the plugin manager to the server
    plugin_manager.server = weakref.proxy(self)

    # each configured header is a 'Name: value' string; entries without ': '
    # are skipped with a warning
    headers = self.config.get_if_exists('server.headers', [])
    for header in headers:
        if ': ' not in header:
            self.logger.warning("header '{0}' is invalid and will not be included".format(header))
            continue
        # split on the first ': ' only; the name is stripped, the value is
        # stored as written
        # NOTE(review): values are not checked for CR or LF characters here -
        # confirm the code that writes responses rejects them.
        header, value = header.split(': ', 1)
        header = header.strip()
        self.headers[header] = value
    self.logger.info("including {0} custom http headers".format(len(self.headers)))