def list_sessions():
uuid_msfjobid = {}
msfjobs = Job.list_msfrpc_jobs()
if msfjobs is not None:
for jobid in msfjobs:
datastore = msfjobs[jobid].get("datastore")
if datastore is not None:
uuid_msfjobid[msfjobs[jobid]["uuid"]] = {"job_id": int(jobid),
"PAYLOAD": datastore.get("PAYLOAD"),
"LPORT": datastore.get("LPORT"),
"LHOST": datastore.get("LHOST"),
"RHOST": datastore.get("RHOST")}
sessions_available_count = 0
sessions = []
infos = RpcClient.call(Method.SessionList, timeout=3)
if infos is None:
return sessions
if infos.get('error'):
logger.warning(infos.get('error_string'))
return sessions
sessionhosts = []
for key in infos.keys():
info = infos.get(key)
if info is not None:
one_session = {}
try:
one_session['id'] = int(key)
except Exception as E:
logger.warning(E)
continue
# 处理linux的no-user问题
if str(info.get('info')).split(' @ ')[0] == "no-user":
info['info'] = info.get('info')[10:]
one_session['type'] = info.get('type')
one_session['session_host'] = info.get('session_host')
one_session['tunnel_local'] = info.get('tunnel_local')
one_session['tunnel_peer'] = info.get('tunnel_peer')
one_session['tunnel_peer_ip'] = info.get('tunnel_peer').split(":")[0]
one_session['tunnel_peer_locate'] = Geoip.get_city(info.get('tunnel_peer').split(":")[0])
one_session['via_exploit'] = info.get('via_exploit')
one_session['exploit_uuid'] = info.get('exploit_uuid')
if uuid_msfjobid.get(info.get('exploit_uuid')) is None:
one_session['job_info'] = {"job_id": -1,
"PAYLOAD": None,
"LPORT": None,
"LHOST": None,
"RHOST": None}
else:
one_session['job_info'] = uuid_msfjobid.get(info.get('exploit_uuid'))
one_session['via_payload'] = info.get('via_payload')
one_session['tunnel_peer_ip'] = info.get('tunnel_peer').split(":")[0]
one_session['tunnel_peer_locate'] = Geoip.get_city(info.get('tunnel_peer').split(":")[0])
one_session['uuid'] = info.get('uuid')
one_session['platform'] = info.get('platform')
one_session['last_checkin'] = info.get('last_checkin') // 5 * 5
one_session['fromnow'] = (int(time.time()) - info.get('last_checkin')) // 5 * 5
one_session['info'] = info.get('info')
one_session['arch'] = info.get('arch')
try:
one_session['user'] = str(info.get('info')).split(' @ ')[0]
one_session['computer'] = str(info.get('info')).split(' @ ')[1]
except Exception as _:
one_session['user'] = "******"
one_session['computer'] = "Initializing"
one_session['advanced_info'] = {"sysinfo": {}, "username": "******"}
one_session['os'] = None
one_session['load_powershell'] = False
one_session['load_python'] = False
one_session['routes'] = []
one_session['isadmin'] = False
one_session['available'] = False # 是否初始化完成
sessions.append(one_session)
continue
one_session['load_powershell'] = info.get('load_powershell')
one_session['load_python'] = info.get('load_python')
one_session['advanced_info'] = info.get('advanced_info')
try:
one_session['os'] = info.get('advanced_info').get("sysinfo").get("OS")
one_session['os_short'] = info.get('advanced_info').get("sysinfo").get("OS").split("(")[0]
except Exception as _:
one_session['os'] = None
one_session['os_short'] = None
try:
one_session['isadmin'] = info.get('advanced_info').get("sysinfo").get("IsAdmin")
if info.get('platform').lower().startswith('linux'):
if "uid=0" in one_session['info'].lower():
one_session['isadmin'] = True
except Exception as _:
one_session['isadmin'] = None
routestrlist = info.get('routes')
one_session['routes'] = []
try:
if isinstance(routestrlist, list):
for routestr in routestrlist:
routestr.split('/')
tmpdict = {"subnet": routestr.split('/')[0], 'netmask': routestr.split('/')[1]}
one_session['routes'].append(tmpdict)
except Exception as E:
logger.error(E)
one_session['available'] = True
sessions.append(one_session)
# session监控统计信息
sessionhosts.append(info.get('session_host'))
sessions_available_count += 1
def split_ip(ip):
try:
result = tuple(int(part) for part in ip.split('.'))
except Exception as E:
logger.exception(E)
return 0, 0, 0
return result
def session_host_key(item):
return split_ip(item.get("session_host"))
sessions = sorted(sessions, key=session_host_key)
# session监控功能
if Xcache.get_sessionmonitor_conf().get("flag"):
if Xcache.get_session_count() < sessions_available_count:
Notice.send_sms(f"当前Session数量: {sessions_available_count} IP列表: {','.join(sessionhosts)}")
Notice.send_info(f"当前Session数量: {sessions_available_count}")
if Xcache.get_session_count() != sessions_available_count:
Xcache.set_session_count(sessions_available_count)
return sessions
def create(kind=None, tag=None, setting=None):
"""创建系统配置"""
if isinstance(setting, str):
setting = json.loads(setting)
if kind == "telegram":
token = setting.get("token")
chat_id = setting.get("chat_id")
proxy = setting.get("proxy")
if tag == "check": # 获取chat_id
user_chat_id_list = Telegram.get_alive_chat_id(token, proxy)
context = data_return(201, Setting_MSG.get(201),
user_chat_id_list)
return context
else:
if Settings._check_telegram_aliveable(token, chat_id,
proxy) is not True:
data = {
"token": token,
"chat_id": chat_id,
"proxy": proxy,
"alive": False
}
Xcache.set_telegram_conf(data)
context = data_return(303, Setting_MSG.get(303), data)
return context
else:
Notice.send_success("设置Telegram通知成功")
data = {
"token": token,
"chat_id": chat_id,
"proxy": proxy,
"alive": True
}
Xcache.set_telegram_conf(data)
context = data_return(202, Setting_MSG.get(202), data)
return context
elif kind == "dingding":
access_token = setting.get("access_token")
keyword = setting.get("keyword")
if Settings._check_dingding_aliveable(access_token,
keyword) is not True:
data = {
"access_token": access_token,
"keyword": keyword,
"alive": False
}
Xcache.set_dingding_conf(data)
context = data_return(304, Setting_MSG.get(304), data)
return context
else:
Notice.send_success("设置DingDing通知成功")
data = {
"access_token": access_token,
"keyword": keyword,
"alive": True
}
Xcache.set_dingding_conf(data)
context = data_return(203, Setting_MSG.get(203), data)
return context
elif kind == "serverchan":
sendkey = setting.get("sendkey")
if Settings._check_serverchan_aliveable(sendkey) is not True:
data = {"sendkey": sendkey, "alive": False}
Xcache.set_serverchan_conf(data)
context = data_return(305, Setting_MSG.get(305), data)
return context
else:
Notice.send_success("设置Server酱通知成功")
data = {"sendkey": sendkey, "alive": True}
Xcache.set_serverchan_conf(data)
context = data_return(207, Setting_MSG.get(207), data)
return context
elif kind == "FOFA":
email = setting.get("email")
key = setting.get("key")
client = FOFAClient()
client.set_email_and_key(email, key)
if client.is_alive() is not True:
data = {"email": email, "key": key, "alive": False}
Xcache.set_fofa_conf(data)
context = data_return(306, Setting_MSG.get(306), data)
return context
else:
Notice.send_success("设置FOFA API 成功")
data = {"email": email, "key": key, "alive": True}
Xcache.set_fofa_conf(data)
context = data_return(206, Setting_MSG.get(206), data)
return context
elif kind == "sessionmonitor":
flag = setting.get("flag")
Xcache.set_sessionmonitor_conf({"flag": flag})
if flag:
msg = "Session监控功能已打开"
Notice.send_success(msg)
Notice.send_sms(msg)
else:
msg = "Session监控功能已关闭"
Notice.send_info(msg)
Notice.send_sms(msg)
context = data_return(204, Setting_MSG.get(204), {"flag": flag})
return context
elif kind == "lhost":
Xcache.set_lhost_config(setting)
Notice.send_success(f"设置回连地址成功,当前回连地址: {setting.get('lhost')}")
context = data_return(205, Setting_MSG.get(205), setting)
return context
else:
context = data_return(301, Setting_MSG.get(301), {})
return context
