Exemplo n.º 1
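def get_api_rpc_cmd(cmd_id: str, auth_token: str, timeout: float = 30.0):
    '''Fetch the result of a previously submitted OS command from the web API.

    Sends ``GET {BASE_URL}rpc/{cmd_id}/`` with the caller's token in the
    ``Authorization`` header and returns the response unmodified.

    TODO: Add authorization check on whether caller has permissions.
    NOTE(review): until that check exists, nothing in this function limits
    which command records a token holder can request; presumably the API has
    to enforce per-record ownership -- confirm on the server side.

    Params
        cmd_id:     Id of the OS command record (documented as an integer,
                    passed as a string).
        auth_token: API token sent as ``Authorization: Token <auth_token>``.
        timeout:    Seconds to wait for the API before requests raises a
                    timeout error.

    Returns
        The response object produced by ``session.send``. The HTTP status is
        not checked here; callers must inspect it.
    '''
    import requests
    from urllib.parse import quote

    # Plain HTTP: the token and the command output are only protected while
    # the API stays bound to loopback. Use https:// for any other host.
    BASE_URL = 'http://127.0.0.1:8000/'

    # Percent-encode the id so a value containing '/', '?' or '#' cannot
    # point the request at a different API path or add a query string.
    safe_cmd_id = quote(str(cmd_id), safe='')

    session = HTMLSession()
    req = requests.Request(
        'GET',
        f'{BASE_URL}rpc/{safe_cmd_id}/',
        headers={
            'Authorization': f'Token {auth_token}',
        },
    )

    prep_req = session.prepare_request(req)
    # Bounded wait: without a timeout requests can block indefinitely.
    res = session.send(prep_req, timeout=timeout)

    return res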
Exemplo n.º 2
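def run_api_rpc(rpc: str, rpc_params: str, rsa_key_path: str, auth_token: str,
                timeout: float = 30.0):
    '''Sign an RPC request and submit it to the web API for an agent to run.

    The RPC name, its encoded parameters and a UTC timestamp are serialized
    with ``json.dumps``, signed with the key loaded from ``rsa_key_path`` and
    POSTed to ``{BASE_URL}rpc/`` together with the base64 signature.

    Params
        rpc:          Remote procedure call (Python function)
        rpc_params:   Parameters to pass to the rpc. Must be base64 encoded
                      json string. An empty value skips validation.
        rsa_key_path: Path handed to ``get_crypto_key`` to load the signing key.
        auth_token:   API token sent as ``Authorization: Token <auth_token>``.
        timeout:      Seconds to wait for the API before requests raises a
                      timeout error.

    Returns
        The response object produced by ``session.send``. The HTTP status is
        not checked here; callers must inspect it.

    Raises
        Exception: ``rpc_params`` is not valid base64 or does not decode to
                   valid JSON.
    '''
    # Validate the parameters first, before the signing key is read or any
    # request is built. The base64 decode sits inside the try so malformed
    # base64 is reported the same way as malformed JSON.
    if rpc_params:
        try:
            json.loads(base64.b64decode(rpc_params))
        except ValueError as err:
            raise Exception('Decoding JSON has failed') from err

    # Plain HTTP: the token and the signed request are only protected while
    # the API stays bound to loopback. Use https:// for any other host.
    BASE_URL = 'http://127.0.0.1:8000/'
    timestamp = datetime.datetime.now(timezone('UTC')).isoformat()

    # Sign rpc call, params, and timestamp.
    # NOTE(review): the signature covers this exact string, so the verifying
    # side presumably has to rebuild it with the same keys, key order and
    # json.dumps defaults -- confirm. A signed timestamp limits replay only
    # if the server rejects stale or already-seen timestamps -- confirm.
    rsa_key = get_crypto_key(rsa_key_path)
    signed_payload = json.dumps({
        'rpc': rpc,
        'rpc_params': rpc_params,
        'timestamp': timestamp,
    })
    signature = get_cmd_sign(rsa_key, signed_payload)
    b64_signature = base64.b64encode(signature).decode('utf-8')

    # Debug output of the signed payload. It includes the encoded parameters,
    # so stdout should be treated as sensitive when the parameters are.
    print(f'{repr(signed_payload)}')

    # The body sends the parameters under 'params', while the signed string
    # uses the key 'rpc_params'.
    req = requests.Request('POST',
                           f'{BASE_URL}rpc/',
                           headers={
                               'Authorization': f'Token {auth_token}',
                           },
                           json={
                               'rpc': rpc,
                               'signature': b64_signature,
                               'params': rpc_params,
                               'timestamp': timestamp,
                           })

    session = HTMLSession()
    prep_req = session.prepare_request(req)
    # Bounded wait: without a timeout requests can block indefinitely.
    res = session.send(prep_req, timeout=timeout)

    return res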
Exemplo n.º 3
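def run_api_os_cmd(os_cmd: str, rsa_key_path: str, auth_token: str,
                   timeout: float = 30.0):
    '''Sign an OS command and submit it to the web API for an agent to run.

    The command string and a UTC timestamp are serialized with
    ``json.dumps``, signed with the key loaded from ``rsa_key_path`` and
    POSTed to ``{BASE_URL}jobs/`` together with the base64 signature.

    Params
        os_cmd:       Plaintext operating system command. Command parameters
                      must be separated by commas, e.g. 'ls,-la'
        rsa_key_path: Path handed to ``get_crypto_key`` to load the signing key.
        auth_token:   API token sent as ``Authorization: Token <auth_token>``.
        timeout:      Seconds to wait for the API before requests raises a
                      timeout error.

    Returns
        The response object produced by ``session.send``. The HTTP status is
        not checked here; callers must inspect it.
    '''
    import requests

    # Plain HTTP: the token and the signed command are only protected while
    # the API stays bound to loopback. Use https:// for any other host.
    BASE_URL = 'http://127.0.0.1:8000/'
    timestamp = datetime.datetime.now(timezone('UTC')).isoformat()

    # Sign os command.
    # NOTE(review): the command is forwarded exactly as given; this function
    # does no validation of its content. The signature covers this exact
    # string, so the verifying side presumably has to rebuild it with the
    # same keys, key order and json.dumps defaults -- confirm. A signed
    # timestamp limits replay only if the server rejects stale or
    # already-seen timestamps -- confirm.
    rsa_key = get_crypto_key(rsa_key_path)
    signed_payload = json.dumps({
        'cmd_list': os_cmd,
        'timestamp': timestamp,
    })
    signature = get_cmd_sign(rsa_key, signed_payload)
    b64_signature = base64.b64encode(signature).decode('utf-8')

    req = requests.Request('POST',
                           f'{BASE_URL}jobs/',
                           headers={
                               'Authorization': f'Token {auth_token}',
                           },
                           json={
                               'cmd_list': os_cmd,
                               'signature': b64_signature,
                               'timestamp': timestamp,
                           })

    session = HTMLSession()
    prep_req = session.prepare_request(req)
    # Bounded wait: without a timeout requests can block indefinitely.
    res = session.send(prep_req, timeout=timeout)

    return res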
Exemplo n.º 4
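class TwitterScrap:
    """Fetch Twitter profile and timeline data through a guest session.

    One ``HTMLSession`` and one header dict are shared by all calls. The
    guest token is obtained once, on the first ``get_profile`` call, and is
    then reused for the lifetime of the instance.
    """

    # Value of the Authorization header sent on API calls.
    # NOTE(review): this credential is hard-coded in source, so it cannot be
    # rotated without a code change and is exposed to anyone who can read the
    # file; consider loading it from configuration instead.
    _AUTHORIZATION = "Bearer AAAAAAAAAAAAAAAAAAAAANRILgAAAAAAnNwIzUejRCOuH5E6I8xnZz4puTs=1Zv7ttfk8LF81IUq16cHjhLTvJu4FA33AGWWjCpTnA"

    def __init__(self):
        """Create the shared session with only the User-Agent header set."""
        self.session = HTMLSession()
        self.x_guest_token = None
        self.headers = {"User-Agent": USER_AGENT}

    def get_profile(self, username):
        """Return a ``Profile`` populated from the UserByScreenName endpoint.

        Args:
            username: Screen name to look up.

        Returns:
            The ``Profile`` after ``parse_profile`` has processed the JSON
            response.

        Raises:
            Exception: The guest token could not be retrieved, or the API
                answered with a status other than 200.
        """
        profile = Profile()
        # Percent-encode the name before it becomes a URL path segment so a
        # value containing '/', '?' or '#' cannot change the requested path.
        safe_name = urllib.parse.quote(str(username), safe="")
        profile.profile_url = f"https://twitter.com/{safe_name}/"

        self.__get_token(profile.profile_url)

        # These headers stay on self.headers and are reused by get_tweets.
        self.headers["x-guest-token"] = self.x_guest_token
        self.headers["Authorization"] = self._AUTHORIZATION
        self.headers["Referer"] = profile.profile_url

        variables = json.dumps(
            {
                'screen_name': username,
                'withHighlightedLabel': True
            },
            separators=(',', ':'))
        query = urllib.parse.urlencode({'variables': variables},
                                       quote_via=urllib.parse.quote)

        prepared_request = self.session.prepare_request(
            requests.Request(
                "GET",
                "https://api.twitter.com/graphql/-xfUfZsnR_zqjFd-IfrN5A/UserByScreenName",
                headers=self.headers,
                params=query))
        res = self.session.send(prepared_request,
                                allow_redirects=True,
                                timeout=15)
        # Same status handling as get_tweets: fail with a clear message
        # instead of handing an error body to the JSON parser.
        if res.status_code != 200:
            raise Exception(
                f"Could not get profile, status_code {res.status_code}")

        profile.parse_profile(res.json())
        return profile

    def get_tweets(self,
                   profile: Profile,
                   include_replies=False,
                   include_rt=False,
                   count=40):
        """Return the parsed tweets of a profile's timeline.

        Uses the headers currently stored on the instance; ``get_profile``
        is the method that adds the token and Authorization headers.

        Args:
            profile: Profile whose ``id`` selects the timeline.
            include_replies: Forwarded to ``get_params``.
            include_rt: Forwarded to ``parse_tweets``.
            count: Forwarded to ``get_params``.

        Returns:
            Whatever ``parse_tweets`` returns for the JSON response.

        Raises:
            Exception: The API answered with a status other than 200.
        """
        query = urllib.parse.urlencode(
            get_params(profile.id, include_replies, count),
            quote_via=urllib.parse.quote)
        prepared_request = self.session.prepare_request(
            requests.Request(
                "GET",
                f"https://twitter.com/i/api/2/timeline/profile/{profile.id}.json",
                headers=self.headers,
                params=query))
        res = self.session.send(prepared_request,
                                allow_redirects=True,
                                timeout=10)
        if res.status_code != 200:
            raise Exception(
                f"Could not get tweets, status_code {res.status_code}")

        return parse_tweets(res.json(), include_rt, profile.id)

    def __get_token(self, url):
        """Fetch ``url`` and cache the guest token found in its body.

        Does nothing when a token is already cached. The token is never
        refreshed afterwards, although the cookie set here expires after
        10800 seconds.

        Raises:
            Exception: No guest token was found in the response body.
        """
        if self.x_guest_token is not None:
            return

        request = self.session.prepare_request(
            requests.Request("GET", url, headers=self.headers))
        res = self.session.send(request, allow_redirects=True, timeout=20)
        possible_token = re.search(
            r'decodeURIComponent\("gt=(\d+); Max-Age=10800;', res.text)
        if not possible_token:
            raise Exception(
                f"Could not retrieve guest token, status_code {res.status_code}"
            )

        self.x_guest_token = possible_token.group(1)
        self.session.cookies.set("gt",
                                 self.x_guest_token,
                                 domain='.twitter.com',
                                 path='/',
                                 secure=True,
                                 expires=time.time() + 10800)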