def __init__(self, parent, **kwargs):
super(WirelessModeController, self).__init__()
self.parent = parent
# self.setHidden(True) # hide widget on home
self.conf = SettingsINI.getInstance()
# append controller in DefaultWidget
self.parent.getDefault.addController(self)
class SettingsDHCPResource(Resource):
config = SettingsINI.getInstance()
key_name = "dhcp"
@token_required
def get(self, attribute=None):
if attribute:
if not attribute in self.config.get_all_childname(self.key_name):
return exception(
"Cannot found that attribute {} on {}!".format(
key, self.key_name),
code=400,
)
return jsonify(
{attribute: self.config.get(self.key_name, attribute)})
data = {}
for key in self.config.get_all_childname(self.key_name):
data[key] = self.config.get(self.key_name, key)
return jsonify(data)
@token_required
def post(self):
data = request.get_json(force=True)
for key, value in data.items():
if not key in self.config.get_all_childname(self.key_name):
return jsonify({
"message":
"Cannot found that attribute {} on {}!".format(
key, self.key_name)
})
self.config.set(self.key_name, key, value)
return jsonify(data)
def __init__(self, parse_args=None):
self.parse_args = parse_args
Cmd.__init__(self)
self.conf = SettingsINI.getInstance()
self.set_prompt()
self.initialize_core()
self.setOptions()
class getFileLogResource(Resource):
config = SettingsINI.getInstance()
args = "page"
limit_view = 10
def chunk(self, it, size):
it = iter(it)
return iter(lambda: tuple(islice(it, size)), ())
@token_required
def get(self, filename=None):
if not os.path.isfile("{}/{}.log".format(C.LOG_BASE, filename)):
return exception("Cannot found that file log {}".format(filename),
code=400)
for args in request.args:
if not args in self.args:
return exception(
"Cannot found parameters {} on request ".format(args),
code=400)
table = []
page = int(request.args.get("page"))
with open("{}/{}.log".format(C.LOG_BASE, filename), "r") as f:
for line in f:
table.append(json.loads(line))
data_splited = list(self.chunk(table, self.limit_view))
if page <= (len(data_splited) - 1):
return jsonify({
"data": {
"items": data_splited[page],
"limit_view": self.limit_view,
"total_pages": (len(table) // self.limit_view) + 1,
"current_page": page,
"total_count": len(table),
}
})
return jsonify({
"data": {
"items": [],
"limt_view": self.limit_view,
"total_pages": (len(table) // self.limit_view) + 1,
"current_page": page,
"total_count": len(table),
}
})
@token_required
def post(self):
data = request.get_json(force=True)
for key, value in data.items():
if not key in self.config.get_all_childname(self.key_name):
return exception(
"Cannot found that attribute {} on {}!".format(
key, self.key_name),
code=400,
)
self.config.set(self.key_name, key, value)
return jsonify(data)
class MitmPluginsResource(Resource):
config = SettingsINI.getInstance()
key_name = "mitm_modules"
def __init__(self):
self.root = PumpkinShell.getInstance()
super(MitmPluginsResource, self).__init__()
@token_required
def get(self):
mitm_plugins = self.root.mitm_controller.getInfo(excluded=("Config"))
for item in mitm_plugins:
mitm_plugins[item]["Activate"] = self.config.get(
self.key_name, mitm_plugins[item]["ID"], format=bool)
return jsonify({"plugins": mitm_plugins})
class ProxiesAllInfoResource(Resource):
config = SettingsINI.getInstance()
key_name = "proxy_plugins"
def __init__(self):
self.root = PumpkinShell.getInstance()
super(ProxiesAllInfoResource, self).__init__()
@token_required
def get(self):
proxy_plugins = self.root.proxy_controller.getInfo(excluded=("Config"))
for item in proxy_plugins:
proxy_plugins[item]["Activate"] = self.config.get(
self.key_name, proxy_plugins[item]["ID"], format=bool)
return jsonify({"proxies": proxy_plugins})
class LoginResource(Resource):
conf = SettingsINI.getInstance()
def get(self):
auth = request.authorization
if not auth or not auth.username or not auth.password:
return make_response(
"Could not verify",
401,
{"WWW-Authenticate": 'Basic realm="Login required!"'},
)
admin_password = generate_password_hash(self.conf.get(
"rest_api_settings", "PASSWORD"),
method="sha256")
admin_name = self.conf.get("rest_api_settings", "USERNAME")
admin_SECRET_KEY = self.conf.get("rest_api_settings", "SECRET_KEY")
if auth.username != admin_name:
return make_response(
"Could not verify",
401,
{"WWW-Authenticate": 'Basic realm="Login required!"'},
)
admin_public_id = self.conf.get("rest_api_settings", "public_id")
if check_password_hash(admin_password, auth.password):
token = jwt.encode(
{
"public_id":
admin_public_id,
"exp":
datetime.datetime.utcnow() +
datetime.timedelta(minutes=30),
},
admin_SECRET_KEY,
)
return jsonify({"token": token.decode("UTF-8")})
return make_response(
"Could not verify",
401,
{"WWW-Authenticate": 'Basic realm="Login required!"'},
)
class ProxysPluginsResource(Resource):
config = SettingsINI.getInstance()
key_name = "proxy_plugins"
def __init__(self):
self.root = PumpkinShell.getInstance()
super(ProxysPluginsResource, self).__init__()
@token_required
def get(self):
proxy_plugins = self.root.proxy_controller.getInfo()
list_plugins = []
for item in proxy_plugins:
proxy_plugins[item]["Activate"] = self.config.get(
self.key_name, proxy_plugins[item]["ID"], format=bool)
if proxy_plugins[item].get("Config"):
del proxy_plugins[item]["Config"]
list_plugins.append(proxy_plugins[item])
return jsonify({"proxys": list_plugins})
def decorated(*args, **kwargs):
token = None
if "x-access-token" in request.headers:
token = request.headers["x-access-token"]
if not token:
return jsonify({"message": "Token is missing!"})
conf = SettingsINI.getInstance()
try:
app_secret_key = conf.get("rest_api_settings", "SECRET_KEY")
data = jwt.decode(token, app_secret_key)
app_public_id = conf.get("rest_api_settings", "public_id")
if app_public_id != data["public_id"]:
return jsonify({"message": "Token is invalid!"})
except:
return jsonify({"message": "Token is invalid!"})
return f(*args, **kwargs)
class PluginsInfoResource(Resource):
config = SettingsINI.getInstance()
key_name = "mitm_modules"
def __init__(self):
self.root = PumpkinShell.getInstance()
super(PluginsInfoResource, self).__init__()
@token_required
def get(self, plugin_name=None):
if plugin_name:
if not plugin_name in self.config.get_all_childname(self.key_name):
return exception(
"Cannot found that attribute {} on {}!".format(
plugin_name, self.key_name),
code=400,
)
proxy_plugins = self.root.mitm_controller.getInfo(excluded=("Config"))
for item in proxy_plugins:
proxy_plugins[item]["Activate"] = self.config.get(
self.key_name, proxy_plugins[item]["ID"], format=bool)
return jsonify(proxy_plugins.get(plugin_name))
def init_app(app):
conf = SettingsINI.getInstance()
conf.set("rest_api_settings", "public_id", str(uuid.uuid4()))
def main():
app = QtCore.QCoreApplication(sys.argv)
conf = SettingsINI.getInstance()
# settings default values that change on
conf.set("accesspoint", "status_ap", False)
parser = argparse.ArgumentParser(
description="WiFi-Pumpkin - pure line-oriented command"
)
parser.add_argument(
"-i", dest="interface", help="set interface for create AP", default=""
)
parser.add_argument(
"-s", dest="session", help="set session for continue attack", default=None
)
parser.add_argument(
"-p",
"--pulp",
dest="pulp",
help="interactive sessions can be scripted with .pulp file",
default="",
)
parser.add_argument(
"-x",
"--xpulp",
dest="xpulp",
help='interactive sessions can be string with ";" as the separator',
default="",
)
parser.add_argument(
"-m",
"--wireless-mode",
dest="wireless_mode",
help="set wireless mode settings",
default=None,
)
parser.add_argument(
"--no-colors",
dest="nocolors",
help="disable terminal colors and effects.",
action="store_true",
default=False,
)
parser.add_argument(
"-v",
"--version",
action="version",
dest="version",
version="%(prog)s v{}".format(__version__),
)
parse_args = parser.parse_args()
parser_args_func(parse_args)
# check is rootuser
if not getuid() == 0:
sys.exit("[!] Wp3 must be run as root.")
_author = "{}".format(setcolor(__author__, color="yellow"))
_version = setcolor(__version__, color="yellow")
_codename = setcolor(__codename__, color="ciano")
banner(_codename)
print("by: {} - P0cL4bs Team | version: {} ".format(_author, _version))
prompt = PumpkinShell(parse_args)
prompt.cmdloop("Starting prompt...")
sys.exit(app.exec_())
def init_app(app, config):
conf = SettingsINI.getInstance()
secret_key = secretkey_generate()
conf.set("rest_api_settings", "SECRET_KEY", secret_key)
app.config.update(TESTING=False, SECRET_KEY=secret_key)
def main():
app = QtCore.QCoreApplication(sys.argv)
config = SettingsINI.getInstance()
# settings default values that change on
config.set("accesspoint", "status_ap", False)
parser = argparse.ArgumentParser(
description=
"wifipumpkin3 - Powerful framework for rogue access point attack.")
parser.add_argument("-i",
dest="interface",
help="set interface for create AP",
default="")
parser.add_argument("-s",
dest="session",
help="set session for continue attack",
default=None)
parser.add_argument(
"-p",
"--pulp",
dest="pulp",
help="interactive sessions can be scripted with .pulp file",
default="",
)
parser.add_argument(
"-x",
"--xpulp",
dest="xpulp",
help='interactive sessions can be string with ";" as the separator',
default="",
)
parser.add_argument(
"-m",
"--wireless-mode",
dest="wireless_mode",
help="set wireless mode settings",
default=None,
)
parser.add_argument(
"--no-colors",
dest="nocolors",
help="disable terminal colors and effects.",
action="store_true",
default=False,
)
parser.add_argument(
"--rest",
dest="restmode",
help="Run the Wp3 RESTful API.",
action="store_true",
default=False,
)
parser.add_argument(
"--restport",
dest="restport",
help="Port to run the Wp3 RESTful API on. default is 1337",
default=1337,
)
parser.add_argument(
"--username",
dest="username",
help=
"Start the RESTful API with the specified username instead of pulling from wp3.db",
default="wp3admin",
)
parser.add_argument(
"--password",
dest="password",
help=
"Start the RESTful API with the specified password instead of pulling from wp3.db",
default=None,
)
parser.add_argument(
"-v",
"--version",
action="version",
dest="version",
version="%(prog)s v{} branch: {}".format(__version__, __branch__),
)
parse_args = parser.parse_args()
parser_args_func(parse_args, config)
# check is rootuser
if not getuid() == 0:
sys.exit("[!] Wp3 must be run as root.")
wp3_header()
prompt = PumpkinShell(parse_args)
prompt.cmdloop("Starting prompt...")
sys.exit(app.exec_())
def __init__(self, parse_args=None, root=None):
self.parse_args = parse_args
self.root = root
self.conf = SettingsINI.getInstance()
Cmd.__init__(self)