def decrypt(file, key, extension=EXTENSION, exception=False): if (os.path.isfile(file)): if (file.endswith('.{}'.format(extension)) == True): with open(file, 'rb') as obj: try: file_decrypt = simplycrypt.decrypt(key, obj.read(), False) except: if (exception == True): raise else: raise decryptionError('¡Error desencriptando los datos!') with open(file, 'wb') as obj: obj.write(file_decrypt) os.rename(file, os.path.splitext(file)[0]) return(os.path.splitext(file)[0]) else: raise FileNotFoundError('¡El archivo "{}" no existe!'.format(file))
def sendDirector(self, data, command): self.directors = uniqdata.uniqdata(self.directors) raw_data = {} for _ in self.directors: (url, user, passwd, db_passwd ) = _['url'], _['username'], _['passphrase'], _['db_passwd'] _data = { 'chars': self.chars, 'iterations': self.iterations, 'security_number': self.security_number, 'decrement_number': self.decrement_number, 'passphrase': self.passphrase, 'id': self.bot_id, 'data': data, 'command': (user, passwd, command) } try: _response = requests.post( url, data=simplycrypt.encrypt(passwd, _data), verify=False, timeout=global_conf.connector['timeout']).content except Exception as Except: _response = str(Except) else: if not (_response == b'') and not (_response == ''): _response = simplycrypt.decrypt(db_passwd, _response) raw_data[url] = _response time.sleep(self.sleep) return (raw_data)
def read(key, password, path): __create(path) try: with shelve.open(path, flag='r') as obj: _data = obj[sha512(key.encode()).hexdigest()] except: #DEBUG #raise return (False) else: return (simplycrypt.decrypt(password, _data))
verbose('Enviando a: "{}"'.format(url)) response = requests.post(url, data=simplycrypt.encrypt( token, { 'token': token, 'command': ('sendSOS', slack) }), headers=headers) status_code = response.status_code if (status_code == 200): response_decrypted = simplycrypt.decrypt(token, response.content) if (response_decrypted == True): verbose('¡Enviado!') else: verbose('¡Error enviando el mensaje!') elif (status_code == 411): verbose( 'Evie, no permitio qué accedas, debido a un error por tú parte') elif (status_code == 403):
pass try: chmod('{}.db'.format(db), 0o644) except: pass return (db) _encrypt = lambda data: simplycrypt.encrypt(_new_passwd, data) _decrypt = lambda data: simplycrypt.decrypt(_new_passwd, data) def getDB(agent=USE_DEFEND, personal=None): db = __agentDetect(agent, None, False, True, personal) return (db) def raw(agent=USE_BOT, username=None, separate=False, personal=None): db = __agentDetect(agent, username, separate, personal=personal) try:
def connect(url, token, command, data, log, return_exception=True, headers=None): if not (isinstance(url, str)): log.logger('El tipo de dato de la URL no es correcto', debug.WAR) return (False) if not (isinstance(url, str)): log.logger('El tipo de dato del token de acceso no es correcto', debug.WAR) return (False) share = {} share['token'] = token log.logger('Usando el acceso público de "%s"' % (url), debug.INF) try: try: pubKey = wrap.getall(wrap.USE_TMP)[sha1( url.encode()).hexdigest()]['pub_key'] except KeyError: log.logger( 'No se encontro la clave pública en el almacén ... Descargandola de: "%s"' % (url), debug.PER) share['command'] = ('getPubKey', None) pubKey = simplycrypt.decrypt( token, requests.post( url=url, data=simplycrypt.encrypt(token, share), headers=headers, verify=False, timeout=global_conf.connector['timeout']).content) if (pubKey == False): log.logger( 'Hubo un error extrayendo la clave pública de: "%s"' % (url), debug.COM) return (False) log.logger('Almacenando la clave pública en el almacén ...', debug.INF) if (wrap.add(sha1(url.encode()).hexdigest(), {'pub_key': pubKey}, agent=wrap.USE_TMP) == True): log.logger('La clave pública se guardó en el almacén', debug.INF) else: log.logger( 'Error guardando la clave pública en el almacén ...', debug.WAR) return (False) log.logger('Enviando "%s" a "%s" ...' % (command, url), debug.PER) share['command'] = (command, data) content = simplycrypt.decrypt( token, requests.post(url=url, data=simplycrypt.encrypt(token, share), headers=headers, verify=False, timeout=global_conf.connector['timeout']).content) log.logger('Contenido enviado con éxito a: "%s"' % (url), debug.PER) return (content) except Exception as Except: log.logger( 'Ocurrio un error conectando a un acceso público. Excepción: "%s"' % (Except), debug.WAR) if (return_exception == True): return (str(Except)) else: return (False)
if (check_url.check(args.url, None, False) == True): verbose('La dirección URL no es válida ...') sys.exit(1) else: verbose('¡La dirección URL es válida!') _verify = requests.post(url, data=simplycrypt.encrypt(password, 'get_hash'), verify=False, timeout=global_conf.connector['timeout'], headers=headers) _detect_status_code(_verify.status_code) _hash_to_cmp = simplycrypt.decrypt(database_password, _verify.content) verbose('Identificador del director: "%s"' % (_hash_to_cmp)) verbose('Comparando con: "%s"' % (hash_)) if (_hash_to_cmp == hash_): verbose('[OK]: (%s == %s)' % (_hash_to_cmp, hash_)) else: verbose('[ERROR]: NOT (%s == %s)' % (_hash_to_cmp, hash_)) verbose('El identificador no es correcto ...') sys.exit(1) verbose('El identificador es correcto. Continuando ...')
def do_POST(self): global request_count_safe share = False request_count_safe['POST'] += 1 if (self.eject() == True): return content_length = self.headers['Content-Length'] if (content_length == None): self.do_AUTHHEAD() return content_length = int(content_length) if (content_length <= 0): self.do_AUTHHEAD() return post_data = self.rfile.read(content_length) if (len(post_data) <= 0): self.do_AUTHHEAD() return try: _extract_post_data = extract_http_post_data.extract(post_data) except Exception as Except: _extract_post_data = False else: rusername = _extract_post_data.get('username') rpassword = _extract_post_data.get('passphrase') data_ = _extract_post_data.get('data') runiqkey = _extract_post_data.get('uniqkey') security_chars = _extract_post_data.get('chars') security_number = _extract_post_data.get('security_number') security_decrement_number = _extract_post_data.get( 'decrement_number') security_iterations = _extract_post_data.get('iterations') reply = _extract_post_data.get('reply') if (None in [ rusername, rpassword, data_, runiqkey, security_chars, security_number, security_decrement_number, security_iterations ]): _extract_post_data = False evalue_exp = None else: _decipher = lambda dat: hibrid.decrypt(dat, private_key) try: rusername = _decipher(rusername) rpassword = _decipher(rpassword) data_ = _decipher(data_) runiqkey = _decipher(runiqkey) security_chars = _decipher(security_chars) security_number = _decipher(security_number) security_decrement_number = _decipher( security_decrement_number) security_iterations = _decipher(security_iterations) reply = _decipher(reply) except: self.imprint( 'No se pudo desencriptar los datos por parámetros ...', WAR) _extract_post_data = False else: evalue_exp = [ True, True, True, True, False, True, True, True, True ] if (_extract_post_data == False): try: data = hibrid.decrypt(post_data, private_key) except Exception as Except: self.imprint( 'Error desencriptando datos. Intentando con el cifrado simetrico ...', WAR) try: data = simplycrypt.decrypt(token, post_data) if (data == None): raise except Exception as Except: self.imprint( 'No se desencriptaron los datos ni con el cifrado simetrico ...', COM) self.do_AUTHHEAD() return else: self.imprint( 'Los datos fueron desencriptados, por lo tanto, se usarán en el acceso público ...', INF) share = True evalue_exp = None else: # Credentials rusername = data.get('username') rpassword = data.get('passphrase') data_ = data.get('data') bot_id = data.get('id') runiqkey = data.get('uniqkey') security_chars = data.get('chars') security_number = data.get('security_number') security_decrement_number = data.get('decrement_number') security_iterations = data.get('iterations') reply = data.get('reply') # Evaluamos evalue_exp = list( map(evalue, [ rusername, rpassword, runiqkey, data_, bot_id, security_chars, security_number, security_decrement_number, security_iterations ])) if not (urlparse(self.path).path == '/' + RPATH): if (evalue_exp == [ False, True, False, True, True, True, True, True, True ]): if (check_credentials.check( rpassword, bot_id, logger, self.client_address, max_retry, retry_seconds, denied_method, resolve_dns, iterations=security_iterations, chars=security_chars, decrement_number=security_decrement_number, security_number=security_number)): self.found200() bot_information = wrap.read(bot_id, separate=True) _username = bot_information['username'] command = hibrid.encrypt( execute_command.execute( data_, bot_id, log=debug.log(self.client_address, '%s:(%s)' % (_username, bot_id), logger, resolve_dns, resolve_port)), bot_information['keys'][0]) self.wfile.write(command) else: self.error403() self.imprint('Quiere acceder como un bot!', COM) else: self.do_AUTHHEAD() else: if (evalue_exp == [ True, True, True, True, False, True, True, True, True ]): self.imprint( 'Verificando si las credenciales de "%s" son correctas ...' % (rusername), WAR) if (check_administrators.check( username=rusername, passphrase=rpassword, uniqkey=runiqkey, recover=recover, log=debug.log(self.client_address, rusername, logger, resolve_dns), address=self.client_address, max_retry=max_retry, retry_seconds=retry_seconds, denied_method=denied_method, iterations=security_iterations, chars=security_chars, decrement_number=security_decrement_number, security_number=security_number)): self.found200() admin_information = wrap.read(rusername, agent=wrap.USE_ADMIN, separate=True) self.imprint( '(%s): Actualizada la clave única de "%s" ...' % (rusername, runiqkey), PER) uniqkey_updated = generate_uniqkey.generate() if not (wrap.write(rusername, 'uniqkey', uniqkey_updated, agent=wrap.USE_ADMIN, separate=True) == True): self.error500() log.logger('¡No se pudo actualizar la clave única!', debug.COM) return self.imprint( '(%s): ... A: "%s"' % (rusername, uniqkey_updated), PER) command = execute_command_to_admin.execute( data_, rusername, debug.log(self.client_address, rusername, logger, resolve_dns), evalue(reply)) if (command == False): self.imprint('Ejecuto un comando erroneo', COM) command = hibrid.encrypt( (False, None, uniqkey_updated), admin_information['keys'][0]) self.wfile.write(command) return command = hibrid.encrypt((True, command, uniqkey_updated), admin_information['keys'][0]) self.wfile.write(command) else: self.error403() self.imprint('Ingreso credenciales incorrectas!', WAR) elif (share == True): self.found200() command = execute_public_command.execute( data, debug.log(self.client_address, 'Public', logger, resolve_dns)) if (command == False): self.imprint( 'Ejecuto un comando erroneo o hubo un error en la entrada de datos ...', COM) self.wfile.write(simplycrypt.encrypt(token, command)) else: self.error511()
def do_POST(self): content_length = self.headers['Content-Length'] content_length = int(content_length) if not (content_length == None) else 0 if (content_length == 0): self._error400() return content = self.rfile.read(content_length) if (len(content) == 0): self._error400() return try: _request = simplycrypt.decrypt(self._passphrase, content) except: self._error400() return else: if (_request == None): self._error400() return if (isinstance(_request, str) == True): _request = _request.lower() if (_request == 'get_hash'): try: with shelve.open(self.db_path, flag='r') as _obj: _hash = _obj[sha512('hash'.encode()).hexdigest()] except: self._error500() else: self._found200() self.wfile.write(_hash) else: self._error400() return elif (isinstance(_request, dict) == True): if (len(_request) == 8): for _ in [('command', list), ('chars', str), ('iterations', int), ('security_number', int), ('decrement_number', int), ('passphrase', str), ('id', str)]: _cmp_result = key_check_in_dict.check(_request, _[0]) if (_cmp_result == False): self._error400() return else: if not (isinstance(_request.get(_[0]), _[1]) == True): self._error400() return if (len(_request['command']) != 3): self._error400() return else: (username, passphrase, command) = _request['command'] if not (isinstance(username, str) == True) or not ( isinstance(passphrase, str) == True) or not (isinstance(command, str) == True): self._error400() return if (key_check_in_dict.check(_request, 'data') == False): self._error400() return else: self._error400() return command = str(command).lower() _chars = str(_request['chars']) _iterations = _request['iterations'] _security_number = _request['security_number'] _decrement_number = _request['decrement_number'] _passphrase = _request['passphrase'] _bot_id = _request['id'] _data = _request['data'] _key = str(_bot_id) + str(_passphrase) + str(_chars) + str( _iterations) + str(_security_number) + str(_decrement_number) if (str(username) == self._username) and (str(passphrase) == self._passphrase): if (command == 'save'): self._write_db( _key, { 'id': _bot_id, 'passphrase': _passphrase, 'chars': _chars, 'iterations': _iterations, 'security_number': _security_number, 'decrement_number': _decrement_number, 'data': _data, 'address': self.client_address }) elif (command == 'recover'): self._read_db(_key) elif (command == 'result'): self._write_db('result_%s' % (_key), _data) elif (command == 'recover_result'): self._read_db('result_%s' % (_key)) elif (command == 'add_secundary_server'): if (isinstance(_data, list) == True): if (len(_data) == 2): if (is_public_key.check(_data[1]) == True): if (self._object.addserver(_data) == True): self._found200() else: self._error500() else: self._error400() else: self._error400() else: self._error400() elif (command == 'addqueue'): self._write_db('queue_%s' % (_key), str(_data)) elif (command == 'getqueue'): self._read_db('queue_%s' % (_key)) else: self._error404() else: self._error403()
def execute(data, log): if not (isinstance(data, dict)): log.logger('¡El tipo de dato de los datos no es correcto!', debug.WAR) return (False) if (len(data) != 2): log.logger('¡La longitud de los datos no es correcta!', debug.WAR) return (False) if (data.get('token') == None) or (data.get('command') == None): log.logger('¡Hace falta el token o el comando!', debug.WAR) return (False) _keys = wrap.read('keys', agent=wrap.USE_SERVER) if (_keys == False): log.logger('No se pudo leer el par de claves de Evie...', debug.COM) return (False) (pub_key, priv_key) = (_keys['public_key'], _keys['private_key']) real_token = wrap.read('token', 'token', agent=wrap.USE_TOKEN) real_secret_key = wrap.read('secret_key', 'secret_key', agent=wrap.USE_SECRET_KEY) if (real_token == False): log.logger('No se pudo leer el token de acceso...', debug.COM) return (False) token = data['token'] if not (isinstance(token, str)): log.logger('El tipo de dato del token de acceso no es correcto...', debug.WAR) return (False) if (token == real_token): log.logger('Correcto, el token de acceso es correcto ...', debug.INF) else: log.logger('Incorrecto, el token de acceso es incorrecto ...', debug.COM) return (False) (key, value) = data['command'] if not (isinstance(key, str)): log.logger('¡El tipo de dato del comando o el valor no es correcto!', debug.WAR) return (False) if not (public_service == False): if not (key in public_service): log.logger( '%s, No está habilitado en estos momentos o no existe ...' % (key), debug.WAR) return (False) if (key == 'getPubKey'): log.logger('Desea obtener la clave pública del servidor ...', debug.WAR) return (pub_key) elif (key == 'saveData'): log.logger('Construyendo perfil de un rook ...', debug.INF) if not (isinstance(value, list)): log.logger('¡El tipo de dato no es correcto!', debug.WAR) return (False) if (len(value) != 2): log.logger('La longitud de los datos no es correcta', debug.WAR) return (False) if not (isinstance(value[0], dict)) or not (isinstance(value[1], dict)): log.logger( 'El tipo de dato de la información del rook o los archivos de él, no es correcto', debug.WAR) return (False) (bot_id, bot_data) = tuple(value[0].items())[0] if not (isinstance(bot_data, dict)): log.logger( 'El tipo de dato de la información del rook no es correcto', debug.WAR) return (False) for _ in global_conf.keys_bot: if (key_check_in_dict.check(bot_data, _) == False): log.logger( 'No está definido la clave "{}" en la información del rook' .format(_), debug.WAR) return (False) profile_dir = '{}/{}/{}/{}'.format(getcwd(), global_conf.databases['database'], global_conf.databases['profiles'], bot_id) if not isdir(profile_dir): makedirs(profile_dir) log.logger('Creado, el directorio de perfil: "%s"' % (profile_dir), debug.PER) bot_data['profile'] = profile_dir bot_data['admins'] = real_extract_root_administrators.extract() if (bot_id in show_user_rooks.show()): log.logger( 'No se puede almacenar los datos de "%s" en el almacén, porque ya existe' % (bot_id), debug.WAR) return (False) log.logger('Almacenando datos de "%s" en el almacén ...' % (bot_id), debug.PER) if (wrap.add(bot_id, bot_data, username=bot_id, separate=True) == True): log.logger( 'Se almacenaron los datos de "%s" con éxito.' % (bot_id), debug.PER) if not (value[1] == {}): log.logger('Almacenando archivos ...', debug.INF) for filename, content_file in value[1].items(): filename = '%s/%s' % (profile_dir, basename(filename)) _bak_filename = rename_order.rename(filename) if not (_bak_filename == False): filename = _bak_filename log.logger('Escribiendo: "%s" ...' % (filename), debug.PER) try: with open(filename, 'wb') as _obj: _obj.write(bytes_convert.convert(content_file)) except Exception as Except: log.logger( 'Error escribiendo: {}. Excepción: {}'.format( filename, Except), debug.COM) else: log.logger('Escrito: "%s"' % (filename), debug.PER) return (True) else: log.logger('No se guardaron los datos en el almacén ... ') return (False) elif (key == 'resend'): if (len(value) != 2): log.logger( '¡La longitud de los datos de los nodos no es correcta!', debug.WAR) return (False) (nodes, reply) = value if not (isinstance(reply, dict)): log.logger( '¡El tipo de dato de la réplica de los datos no es correcto!', debug.WAR) return (False) if (len(reply) != 9): log.logger( '¡La longitud de la réplica de los datos no es correcta!', debug.WAR) return (False) for _ in [ 'username', 'passphrase', 'uniqkey', 'iterations', 'security_number', 'decrement_number', 'chars', 'data', 'reply' ]: if (key_check_in_dict.check(reply, _) == False): log.logger('¡{}, No está incluida en la réplica!'.format(_), debug.WAR) return (False) if not (isinstance(nodes, dict)): log.logger( '¡El tipo de dato de los nodos intermedios no es correcto!', debug.WAR) return (False) if not (len(nodes) >= 2): log.logger('¡La longitud de los nodos no es correcta!', debug.WAR) return (False) check_nodes = [nodes[x] for x in nodes] if not ([] == [None for x in check_nodes if (len(x) != 3)]): log.logger('¡La longitud de un intermedio no es correcta!', debug.WAR) return (False) if (check_nodes[0][0] != 0): log.logger('¡No se puede enviar datos al nodo inicial!', debug.WAR) return (False) nodes_list = list(nodes) for _key, _value in nodes.items(): (_init, _token, url_sum) = _value if not (isinstance(_init, int)): log.logger('¡El tipo de dato del indicador no es correcto!', debug.WAR) return (False) if (_init > 1) or (_init < 0): log.logger('¡El indicador no es correcto!', debug.WAR) return (False) if (_init == 1): nodes[_key][0] = 0 break try: _key = simplycrypt.decrypt(real_secret_key, _key) except: log.logger( '¡Error desencriptando la dirección URL del siguiente nodo!', debug.COM) return (False) if (len(url_sum) != 40): log.logger( '¡La longitud de la suma de verificación de la URL no es correcta!', debug.WAR) return (False) end_point = nodes[nodes_list[-1]][-1] if not (url_sum == end_point): try: _token = simplycrypt.decrypt(real_secret_key, _token) except: log.logger( '¡Error desencriptando el token de acceso de "{}"!'.format( _key), debug.WAR) return (False) log.logger('Enviando datos al siguiente nodo -> %s' % (_key), debug.PER) _data = connector.connect(_key, _token, 'resend', (nodes, reply), log, headers={'User-Agent': user_agent}) log.logger('Re-enviado ...', debug.INF) else: log.logger('Re-enviando datos al nodo final -> "%s"' % (_key), debug.PER) try: _data = requests.post(_key, data=reply, timeout=global_conf.connector['timeout'], verify=False, headers={ 'User-Agent': user_agent }).content except Exception as Except: _data = str(Except) log.logger('Ocurrio una excepción: "%s"' % (Except), debug.WAR) else: log.logger('Los datos se re-enviaron satisfactoriamente ...', debug.INF) return (_data) elif (key == 'sendSOS'): log.logger('Envió un mensaje ...', debug.INF) log.logger('Gurdando ...', debug.INF) if not (isinstance(value, dict)): log.logger( '¡No está siguiendo la especificación para almacenar mensajes!', debug.WAR) return (False) for _ in ['nickname', 'subject', 'message', 'files']: if (value.get(_) == None): log.logger('Falta definir: "%s"' % (_), debug.WAR) return (False) nickname = str(value['nickname']) subject = str(value['subject'][:98]) message = str(value['message']) for _ in [nickname, subject, message]: if (_.strip() == ''): log.logger('¡Hay campos vacios!', debug.WAR) return (False) time_ = time() _files = value['files'] _folder = None if not (isinstance(_files, list)): log.logger('¡El tipo de dato de los archivos no es correcto!', debug.WAR) return (False) _message_id = generate_uniqkey.generate() log.logger('ID: %s' % (_message_id), debug.PER) if not (_files == []): _folder = '%s/%s' % (public_files, _message_id) create_folder.create(_folder) for _ in _files: if (len(_) != 2): log.logger('¡La longitud de la tupla no es correcta!', debug.WAR) return (False) (_filename, _content) = _ _filename = basename(str(_filename)) log.logger('Envió un archivo: {}'.format(_filename), debug.PER) log.logger('Escribiendo ...', debug.INF) _save = '%s/%s' % (_folder, _filename) try: with open(_save, 'wb') as _file_object: _file_object.write(bytes_convert.convert(_content)) except Exception as Except: log.logger( 'Ocurrio una excepción al guardar a "{}". Excepción: {}' .format(_filename, Except)) else: log.logger('Escrito: %s' % (_save), debug.PER) if (wrap.add(_message_id, { 'nickname': nickname, 'subject': subject, 'message': message, 'time': time_, 'profile': _folder }, agent=wrap.USE_MESSAGE) == True): log.logger('Guardado: %s' % (_message_id), debug.PER) return (True) else: log.logger('No se pudo guardar el mensaje: %s' % (_message_id), debug.WAR) return (False) else: return (False)