def list_sessions(): uuid_msfjobid = {} msfjobs = Job.list_msfrpc_jobs() if msfjobs is not None: for jobid in msfjobs: datastore = msfjobs[jobid].get("datastore") if datastore is not None: uuid_msfjobid[msfjobs[jobid]["uuid"]] = {"job_id": int(jobid), "PAYLOAD": datastore.get("PAYLOAD"), "LPORT": datastore.get("LPORT"), "LHOST": datastore.get("LHOST"), "RHOST": datastore.get("RHOST")} sessions_available_count = 0 sessions = [] infos = RpcClient.call(Method.SessionList, timeout=3) if infos is None: return sessions if infos.get('error'): logger.warning(infos.get('error_string')) return sessions sessionhosts = [] for key in infos.keys(): info = infos.get(key) if info is not None: one_session = {} try: one_session['id'] = int(key) except Exception as E: logger.warning(E) continue # 处理linux的no-user问题 if str(info.get('info')).split(' @ ')[0] == "no-user": info['info'] = info.get('info')[10:] one_session['type'] = info.get('type') one_session['session_host'] = info.get('session_host') one_session['tunnel_local'] = info.get('tunnel_local') one_session['tunnel_peer'] = info.get('tunnel_peer') one_session['tunnel_peer_ip'] = info.get('tunnel_peer').split(":")[0] one_session['tunnel_peer_locate'] = Geoip.get_city(info.get('tunnel_peer').split(":")[0]) one_session['via_exploit'] = info.get('via_exploit') one_session['exploit_uuid'] = info.get('exploit_uuid') if uuid_msfjobid.get(info.get('exploit_uuid')) is None: one_session['job_info'] = {"job_id": -1, "PAYLOAD": None, "LPORT": None, "LHOST": None, "RHOST": None} else: one_session['job_info'] = uuid_msfjobid.get(info.get('exploit_uuid')) one_session['via_payload'] = info.get('via_payload') one_session['tunnel_peer_ip'] = info.get('tunnel_peer').split(":")[0] one_session['tunnel_peer_locate'] = Geoip.get_city(info.get('tunnel_peer').split(":")[0]) one_session['uuid'] = info.get('uuid') one_session['platform'] = info.get('platform') one_session['last_checkin'] = info.get('last_checkin') // 5 * 5 one_session['fromnow'] = (int(time.time()) - info.get('last_checkin')) // 5 * 5 one_session['info'] = info.get('info') one_session['arch'] = info.get('arch') try: one_session['user'] = str(info.get('info')).split(' @ ')[0] one_session['computer'] = str(info.get('info')).split(' @ ')[1] except Exception as _: one_session['user'] = "******" one_session['computer'] = "Initializing" one_session['advanced_info'] = {"sysinfo": {}, "username": "******"} one_session['os'] = None one_session['load_powershell'] = False one_session['load_python'] = False one_session['routes'] = [] one_session['isadmin'] = False one_session['available'] = False # 是否初始化完成 sessions.append(one_session) continue one_session['load_powershell'] = info.get('load_powershell') one_session['load_python'] = info.get('load_python') one_session['advanced_info'] = info.get('advanced_info') try: one_session['os'] = info.get('advanced_info').get("sysinfo").get("OS") one_session['os_short'] = info.get('advanced_info').get("sysinfo").get("OS").split("(")[0] except Exception as _: one_session['os'] = None one_session['os_short'] = None try: one_session['isadmin'] = info.get('advanced_info').get("sysinfo").get("IsAdmin") if info.get('platform').lower().startswith('linux'): if "uid=0" in one_session['info'].lower(): one_session['isadmin'] = True except Exception as _: one_session['isadmin'] = None routestrlist = info.get('routes') one_session['routes'] = [] try: if isinstance(routestrlist, list): for routestr in routestrlist: routestr.split('/') tmpdict = {"subnet": routestr.split('/')[0], 'netmask': routestr.split('/')[1]} one_session['routes'].append(tmpdict) except Exception as E: logger.error(E) one_session['available'] = True sessions.append(one_session) # session监控统计信息 sessionhosts.append(info.get('session_host')) sessions_available_count += 1 def split_ip(ip): try: result = tuple(int(part) for part in ip.split('.')) except Exception as E: logger.exception(E) return 0, 0, 0 return result def session_host_key(item): return split_ip(item.get("session_host")) sessions = sorted(sessions, key=session_host_key) # session监控功能 if Xcache.get_sessionmonitor_conf().get("flag"): if Xcache.get_session_count() < sessions_available_count: Notice.send_sms(f"当前Session数量: {sessions_available_count} IP列表: {','.join(sessionhosts)}") Notice.send_info(f"当前Session数量: {sessions_available_count}") if Xcache.get_session_count() != sessions_available_count: Xcache.set_session_count(sessions_available_count) return sessions
def create(kind=None, tag=None, setting=None): """创建系统配置""" if isinstance(setting, str): setting = json.loads(setting) if kind == "telegram": token = setting.get("token") chat_id = setting.get("chat_id") proxy = setting.get("proxy") if tag == "check": # 获取chat_id user_chat_id_list = Telegram.get_alive_chat_id(token, proxy) context = data_return(201, Setting_MSG.get(201), user_chat_id_list) return context else: if Settings._check_telegram_aliveable(token, chat_id, proxy) is not True: data = { "token": token, "chat_id": chat_id, "proxy": proxy, "alive": False } Xcache.set_telegram_conf(data) context = data_return(303, Setting_MSG.get(303), data) return context else: Notice.send_success("设置Telegram通知成功") data = { "token": token, "chat_id": chat_id, "proxy": proxy, "alive": True } Xcache.set_telegram_conf(data) context = data_return(202, Setting_MSG.get(202), data) return context elif kind == "dingding": access_token = setting.get("access_token") keyword = setting.get("keyword") if Settings._check_dingding_aliveable(access_token, keyword) is not True: data = { "access_token": access_token, "keyword": keyword, "alive": False } Xcache.set_dingding_conf(data) context = data_return(304, Setting_MSG.get(304), data) return context else: Notice.send_success("设置DingDing通知成功") data = { "access_token": access_token, "keyword": keyword, "alive": True } Xcache.set_dingding_conf(data) context = data_return(203, Setting_MSG.get(203), data) return context elif kind == "serverchan": sendkey = setting.get("sendkey") if Settings._check_serverchan_aliveable(sendkey) is not True: data = {"sendkey": sendkey, "alive": False} Xcache.set_serverchan_conf(data) context = data_return(305, Setting_MSG.get(305), data) return context else: Notice.send_success("设置Server酱通知成功") data = {"sendkey": sendkey, "alive": True} Xcache.set_serverchan_conf(data) context = data_return(207, Setting_MSG.get(207), data) return context elif kind == "FOFA": email = setting.get("email") key = setting.get("key") client = FOFAClient() client.set_email_and_key(email, key) if client.is_alive() is not True: data = {"email": email, "key": key, "alive": False} Xcache.set_fofa_conf(data) context = data_return(306, Setting_MSG.get(306), data) return context else: Notice.send_success("设置FOFA API 成功") data = {"email": email, "key": key, "alive": True} Xcache.set_fofa_conf(data) context = data_return(206, Setting_MSG.get(206), data) return context elif kind == "sessionmonitor": flag = setting.get("flag") Xcache.set_sessionmonitor_conf({"flag": flag}) if flag: msg = "Session监控功能已打开" Notice.send_success(msg) Notice.send_sms(msg) else: msg = "Session监控功能已关闭" Notice.send_info(msg) Notice.send_sms(msg) context = data_return(204, Setting_MSG.get(204), {"flag": flag}) return context elif kind == "lhost": Xcache.set_lhost_config(setting) Notice.send_success(f"设置回连地址成功,当前回连地址: {setting.get('lhost')}") context = data_return(205, Setting_MSG.get(205), setting) return context else: context = data_return(301, Setting_MSG.get(301), {}) return context