def query_plugins(self, weapon_system, rpc): if 0 < len(weapon_system.plugins): self.output += "[-] Clearing old plugin(s) ...\n" for old_plugin in weapon_system.plugins: dbsession.delete(old_plugin) dbsession.flush() self.output += "[*] Attempting to detect remote plugin(s) ...\n" for algo in Algorithm.all(): self.output += "[+] Looking for %s plugins ..." % algo plugin_names = rpc.root.exposed_get_category_plugins(algo.name) self.output += " found %d\n" % len(plugin_names) for plugin_name in plugin_names: self.output += "[+] Query info from remote plugin '%s'\n" % plugin_name details = rpc.root.exposed_get_plugin_details(algo.name, plugin_name) plugin = PluginDetails( name=unicode(plugin_name), author=unicode(details['author']), website=unicode(details['website']), version=unicode(details['version']), description=unicode(details['description']), copyright=unicode(details['copyright']), ) plugin.precomputation = details['precomputation'] plugin.algorithm_id = algo.id weapon_system.plugins.append(plugin)
def __queue__(self): ''' Starts a job or leaves it in the queue (thread safe) ''' logging.debug("Attempting to acquire queue mutex ...") self.mutex.acquire() logging.debug("Successfully acquired queue mutex.") queue = list(Job.queue()) # Create a copy of the queue for job in queue: logging.info("Dispatching job: %s" % job.job_name) if len(job) == 0: job.status = u"COMPLETED" dbsession.add(job) dbsession.flush() else: algo = Algorithm.by_id(job.algorithm_id) weapon_systems = WeaponSystem.system_ready(algo) if weapon_systems is not None and 0 < len(weapon_systems): logging.info("Weapon systems available: %d" % ( len(weapon_systems), )) thread.start_new_thread( self.__crack__, (job, weapon_systems[0],) ) else: logging.info("No available weapon systems at this time.") self.mutex.release()
def __queue__(self): ''' Starts a job or leaves it in the queue (thread safe) ''' logging.debug("Attempting to acquire queue mutex ...") self.mutex.acquire() logging.debug("Successfully acquired queue mutex.") queue = list(Job.queue()) # Create a copy of the queue for job in queue: logging.info("Dispatching job: %s" % job.job_name) if len(job) == 0: job.status = u"COMPLETED" dbsession.add(job) dbsession.flush() else: algo = Algorithm.by_id(job.algorithm_id) weapon_systems = WeaponSystem.system_ready(algo) if weapon_systems is not None and 0 < len(weapon_systems): logging.info("Weapon systems available: %d" % (len(weapon_systems), )) thread.start_new_thread(self.__crack__, ( job, weapon_systems[0], )) else: logging.info("No available weapon systems at this time.") self.mutex.release()
def query_plugins(self, weapon_system, rpc): if 0 < len(weapon_system.plugins): self.output += "[-] Clearing old plugin(s) ...\n" for old_plugin in weapon_system.plugins: dbsession.delete(old_plugin) dbsession.flush() self.output += "[*] Attempting to detect remote plugin(s) ...\n" for algo in Algorithm.all(): self.output += "[+] Looking for %s plugins ..." % algo plugin_names = rpc.root.exposed_get_category_plugins(algo.name) self.output += " found %d\n" % len(plugin_names) for plugin_name in plugin_names: self.output += "[+] Query info from remote plugin '%s'\n" % plugin_name details = rpc.root.exposed_get_plugin_details( algo.name, plugin_name) plugin = PluginDetails( name=unicode(plugin_name), author=unicode(details['author']), website=unicode(details['website']), version=unicode(details['version']), description=unicode(details['description']), copyright=unicode(details['copyright']), ) plugin.precomputation = details['precomputation'] plugin.algorithm_id = algo.id weapon_system.plugins.append(plugin)
def get(self): author = users.get_current_user() name = self.request.get('name') query = Algorithm.query(ancestor=ndb.Key('Python Algorithms', 'scrap')) \ .filter(Algorithm.author == author) \ .filter(Algorithm.name == name) \ .order(Algorithm.date) self.response.content_type = 'application/json' try: for algo in query.fetch(None): algo.public = True algo.put() msg = 'User %s shared "%s".' % (author.email(), name) result = Executor(algo.script, algo.viz, False) if result.events: step = max(1, len(result.events) / 10) events = result.events[2::step] + [result.events[-1]] events = [viz for lineno, viz, output in events] algo.events = str(events) algo.put() msg += '\nAdded %d preview events' % len(events) else: msg += '\nNo preview events were recorded' info(msg) notify(author, 'share', algo.name, algo.script, algo.viz) self.response.write(json.encode({'result': msg})) except Exception as e: msg = 'Cannot publish "%s": %s' % (name, e) error(msg) self.response.write(json.encode({'result': msg}))
def post(self, *args, **kwargs): ''' Creates a job based on the parameters ''' form = Form( jobname="Please enter a job name", algorithm_uuid="Please select an algorithm", hashes="Please provide the target hashes", ) if form.validate(self.request.arguments): algo = Algorithm.by_uuid(self.get_argument('algorithm_uuid')) user = self.get_current_user() if algo is None: self.render('cracking/jobs/create.html', errors=['Invalid algorithm'] ) elif Job.by_job_name(self.get_argument('jobname')) is not None: self.render('cracking/jobs/create.html', errors=['Duplicate job name'] ) else: job = self.create_job(user, algo) dispatch = Dispatch.Instance() dispatch.refresh() self.render("cracking/jobs/created.html", job=job) else: self.render('cracking/jobs/create.html', errors=form.errors)
def __crack__(self, job, weapon_system): ''' Does the actual password cracking, before calling this function you should ensure the weapon system is online and not busy ''' results = None user = User.by_id(job.user_id) if user is None: logging.error( "Invalid job passed to dispatcher (no user with id %d)." % (job.user_id, )) elif job == None: logging.error("Invalid job passed to dispatcher (job is None).") else: job.started = datetime.now() algorithm = Algorithm.by_id(job.algorithm_id) try: ssh_keyfile = NamedTemporaryFile() ssh_keyfile.write(weapon_system.ssh_key) ssh_keyfile.seek(0) ssh_context = SshContext( weapon_system.ip_address, user=weapon_system.ssh_user, keyfile=ssh_keyfile.name, ) rpc_connection = rpyc.ssh_connect( ssh_context, weapon_system.service_port, ) hashes = job.to_list() logging.info("Sending %s job to %s for cracking." % ( job.job_name, weapon_system.weapon_system_name, )) job.status = u"IN_PROGRESS" dbsession.add(job) dbsession.flush() results = rpc_connection.root.exposed_crack_list( job.id, job.to_list(), algorithm.algorithm_name, ) except: logging.exception( "Connection to remote weapon system failed, check parameters." ) finally: ssh_keyfile.close() if results is not None: job.save_results(results) else: logging.warn("No results returned from weapon system.") job.status = u"COMPLETED" job.finished = datetime.now() dbsession.add(job) dbsession.flush() self.__next__()
def __crack__(self, job, weapon_system): ''' Does the actual password cracking, before calling this function you should ensure the weapon system is online and not busy ''' results = None user = User.by_id(job.user_id) if user is None: logging.error("Invalid job passed to dispatcher (no user with id %d)." % ( job.user_id, )) elif job == None: logging.error("Invalid job passed to dispatcher (job is None).") else: job.started = datetime.now() algorithm = Algorithm.by_id(job.algorithm_id) try: ssh_keyfile = NamedTemporaryFile() ssh_keyfile.write(weapon_system.ssh_key) ssh_keyfile.seek(0) ssh_context = SshContext( weapon_system.ip_address, user=weapon_system.ssh_user, keyfile=ssh_keyfile.name, ) rpc_connection = rpyc.ssh_connect( ssh_context, weapon_system.service_port, ) hashes = job.to_list() logging.info("Sending %s job to %s for cracking." % ( job.job_name, weapon_system.weapon_system_name, )) job.status = u"IN_PROGRESS" dbsession.add(job) dbsession.flush() results = rpc_connection.root.exposed_crack_list( job.id, job.to_list(), algorithm.algorithm_name, ) except: logging.exception("Connection to remote weapon system failed, check parameters.") finally: ssh_keyfile.close() if results is not None: job.save_results(results) else: logging.warn("No results returned from weapon system.") job.status = u"COMPLETED" job.finished = datetime.now() dbsession.add(job) dbsession.flush() self.__next__()
def post(self): author = users.get_current_user() self.response.content_type = 'application/json' try: algo = Algorithm(parent=ndb.Key('Python Algorithms', 'scrap')) algo.author = author algo.script = self.request.get('script') algo.viz = self.request.get('viz') algo.name = self.request.get('name') algo.public = False algo.put() # notify(author, 'save', algo.name, algo.script, algo.viz) msg = 'Script was successfully saved by %s as "%s"' % ( author.email(), algo.name) info(msg) info(algo.script) except Exception as e: msg = 'Could not save script: %s' % e self.response.write(json.encode({'result': msg}))
def loadScript(self, name, user=None): query = Algorithm.query(ancestor=ndb.Key('Python Algorithms', 'scrap')) \ .filter(Algorithm.name == name) \ .order(-Algorithm.date) algo = None for algo in query.fetch(None): if algo.public or not user or algo.author == user: break if algo: logging.info('Load script ' + str(algo.date)) return algo.name, algo.script, algo.viz, algo.author else: logging.info('No algo found for ' + name) return name, "# Cannot find: '" + name + "'", "", user
def get(self): author = users.get_current_user() name = self.request.get('name') query = Algorithm.query(ancestor=ndb.Key('Python Algorithms', 'scrap')) \ .filter(Algorithm.author == author) \ .filter(Algorithm.name == name) self.response.content_type = 'application/json' try: for version in query.fetch(None): version.key.delete() self.response.write(json.encode({'result': 'Deleted "%s"' % name})) info('User %s deleted "%s"' % ( author.email(), self.request.get('name'), )) except Exception as e: self.response.write( json.encode( {'result': 'Could not delete "%s": %s' % (name, e)}))
def post(self, *args, **kwargs): ''' Creates a job based on the parameters ''' form = Form( jobname="Please enter a job name", algorithm_uuid="Please select an algorithm", hashes="Please provide the target hashes", ) if form.validate(self.request.arguments): algo = Algorithm.by_uuid(self.get_argument('algorithm_uuid')) user = self.get_current_user() if algo is None: self.render('cracking/jobs/create.html', errors=['Invalid algorithm']) elif Job.by_job_name(self.get_argument('jobname')) is not None: self.render('cracking/jobs/create.html', errors=['Duplicate job name']) else: job = self.create_job(user, algo) dispatch = Dispatch.Instance() dispatch.refresh() self.render("cracking/jobs/created.html", job=job) else: self.render('cracking/jobs/create.html', errors=form.errors)
def load(self, filter): query = Algorithm.query(ancestor=ndb.Key('Python Algorithms', 'scrap')) \ .filter(filter) def info(pair): n, algo = pair return ( algo.name, algo.author.nickname(), algo.author.user_id(), algo.events or '[]', n, 'not yet shared' if not algo.public else '', ) algos = reversed(sorted(query.fetch(None), key=lambda algo: algo.date)) algos = map(info, enumerate(algos)) found = set() result = [] for algo in algos: if algo[0] not in found: found.add(algo[0]) result.append(algo) return sorted(result)
def execute_upload(self,request): import uuid form = self.form_class(request.POST, request.FILES) print request.FILES['file'] if form.is_valid(): print request.FILES['file'] resp = self.handle_uploaded_file(request.FILES['file']) if resp['score'] < 100 : button_type = 'btn-warning' else: button_type = 'btn-success' self.uuid_index = str(uuid.uuid4()) resp['score']= random.randint(1, 100) model = Algorithm run_rank = model.objects.filter(rating__gt=int(resp['score'])).order_by('ranking') if len(run_rank) > 0: rankobj = run_rank.last() rank = rankobj.ranking + 1 else: rank = 1 run_rank_low = model.objects.filter(rating__lte=int(resp['score'])) if len(run_rank_low) > 0 : for i in run_rank_low: i.ranking += 1 i.save() else: pass b = Algorithm(run_id= self.uuid_index, name=request.user.username, user=request.user, ranking = rank, rating=resp['score'], button = button_type, time= resp['duration'], cpu=18) b.save() job_post = u'{0} has sent a job score: {1} rank: {2} :'.format(request.user.username,resp['score'], rank) resp = model.objects.all().order_by('ranking') values = resp.values('run_id') for ind, item in enumerate(values) : if (item['run_id']) == self.uuid_index : paging = divmod(ind, 5)[0] feed = Feed(user=request.user, post=job_post, job_link='/leaderboard?q=foo&flop=flip&page='+str(paging+1)) feed.save() #request.user.profile.notify_job_done(b) like = Activity(activity_type=Activity.RUN_PROCESSED, feed=feed.pk, user=request.user) like.save() user = request.user user.profile.notify_liked_bis(feed) return paging
def execute_upload(self, request): import uuid form = self.form_class(request.POST, request.FILES) print request.FILES['file'] if form.is_valid(): print request.FILES['file'] resp = self.handle_uploaded_file(request.FILES['file']) if resp['score'] < 100: button_type = 'btn-warning' else: button_type = 'btn-success' self.uuid_index = str(uuid.uuid4()) resp['score'] = random.randint(1, 100) model = Algorithm run_rank = model.objects.filter( rating__gt=int(resp['score'])).order_by('ranking') if len(run_rank) > 0: rankobj = run_rank.last() rank = rankobj.ranking + 1 else: rank = 1 run_rank_low = model.objects.filter(rating__lte=int(resp['score'])) if len(run_rank_low) > 0: for i in run_rank_low: i.ranking += 1 i.save() else: pass b = Algorithm(run_id=self.uuid_index, name=request.user.username, user=request.user, ranking=rank, rating=resp['score'], button=button_type, time=resp['duration'], cpu=18) b.save() job_post = u'{0} has sent a job score: {1} rank: {2} :'.format( request.user.username, resp['score'], rank) resp = model.objects.all().order_by('ranking') values = resp.values('run_id') for ind, item in enumerate(values): if (item['run_id']) == self.uuid_index: paging = divmod(ind, 5)[0] feed = Feed(user=request.user, post=job_post, job_link='/leaderboard?q=foo&flop=flip&page=' + str(paging + 1)) feed.save() #request.user.profile.notify_job_done(b) like = Activity(activity_type=Activity.RUN_PROCESSED, feed=feed.pk, user=request.user) like.save() user = request.user user.profile.notify_liked_bis(feed) return paging
def create_or_edit(self, data, contract): try: algorithm_id = data.get('id') if not algorithm_id: algorithm = Algorithm() else: algorithm = Algorithm.query.filter_by( id=algorithm_id).first_or_404() if algorithm.contract_id != contract.id and not contract.is_admin: return None algorithm.title = data.get('title') algorithm.steps = data.get('steps') algorithm.description = data.get('description') algorithm.categories = data.get('categories') algorithm.template_id = data.get('template_id') algorithm.initial_step = data.get('steps')[0].get('uid') algorithm.current_step = data.get('steps')[0].get('uid') if data.get('is_template') and contract.is_admin: algorithm.clinics = data.get('clinics') algorithm.is_template = True algorithm.template_category = data.get('template_category') else: algorithm.patient_id = contract.patient_id algorithm.contract_id = contract.id if not algorithm_id: self.db.session.add(algorithm) self.change_step(algorithm, algorithm.initial_step) self.check_inits(algorithm) return algorithm except Exception as e: log(e) return None
#!/usr/bin/env python import sqlalchemy from models import Algorithm, Base, Currency, Wallet if __name__ == "__main__": engine = sqlalchemy.create_engine('sqlite:///:memory:', echo=True) Base.metadata.create_all(engine) Session = sqlalchemy.orm.sessionmaker(bind=engine) algo = Algorithm(name="crytponight") session = Session() session.add(algo) session.commit()
def algorithm(self): ''' Returns an algorithm object based on self.algorithm_id ''' return Algorithm.by_id(self.algorithm_id)
def execute_upload(self,request): import uuid form = self.form_class(request.POST, request.FILES) if form.is_valid(): #resp = self.handle_uploaded_file(request.FILES['file']) with open('uploaded_custom.py', 'wb+') as destination: for chunk in request.FILES['file'].chunks(): destination.write(chunk) destination.close() proxy = callme.Proxy(server_id='fooserver2',amqp_host='amqp://*****:*****@37.187.117.106/echopen1', timeout=3600) resp = proxy.denoise(open('uploaded_custom.py', 'rb').read()) self.uuid_index = str(uuid.uuid4()) model = Algorithm run_rank = model.objects.filter(rating__gt=int(resp['score'])).order_by('ranking') if len(run_rank) > 0: rankobj = run_rank.last() rank = rankobj.ranking + 1 else: rank = 1 run_rank_low = model.objects.filter(rating__lte=int(resp['score'])) if len(run_rank_low) > 0 : for i in run_rank_low: i.ranking += 1 i.save() else: pass b = Algorithm(run_id= self.uuid_index, name=request.user.username, user=request.user, ranking = rank, rating=resp['score'], button = button_type, time= resp['duration'], source_code=source, cpu=18) b.save() job_post = u'{0} has sent a job score: {1} rank: {2} :'.format(request.user.username,resp['score'], rank) resp = model.objects.all().order_by('ranking') values = resp.values('run_id') for ind, item in enumerate(values) : if (item['run_id']) == self.uuid_index : paging = divmod(ind, 5)[0] feed = Feed(user=request.user, post=job_post, job_link='/leaderboard?q=foo&flop=flip&page='+str(paging+1)) feed.save() #request.user.profile.notify_job_done(b) like = Activity(activity_type=Activity.RUN_PROCESSED, feed=feed.pk, user=request.user) like.save() user = request.user user.profile.notify_liked_bis(feed) return paging
sys.stdout.flush() password1 = getpass.getpass() sys.stdout.write(PROMPT + "Confirm New Admin ") sys.stdout.flush() password2 = getpass.getpass() if password1 == password2 and 12 <= len(password1): password = password1 else: print(WARN + 'Error: Passwords did not match, or were less than 12 chars') os._exit(1) ### Initialize algorithms md5 = Algorithm( name=u'MD5', length=32, chars=u'1234567890ABCDEF', ) lm = Algorithm( name=u'LM', length=16, chars=u'1234567890ABCDEF', ) ntlm = Algorithm( name=u'NTLM', length=16, chars=u'1234567890ABCDEF', ) dbsession.add(md5) dbsession.add(lm) dbsession.add(ntlm)