def return_interface(cls):
    """Render the WAF control page from ``interface.html``.

    The ``{{waf_state}}`` placeholder receives whatever
    ``database.get('state', 'WAF')`` returns, and ``{{waf_action}}`` becomes
    ``'stop'`` when that value is ``'on'`` and ``'start'`` otherwise.

    Returns:
        A ``(status, html)`` tuple; the status is always 200.
    """
    # The template path is relative, so it is resolved against the process
    # working directory at the time of the call.
    with open('interface.html', 'r') as template:
        page = template.read()

    # NOTE(review): the state value is substituted into the page without HTML
    # escaping; presumably it is only ever 'on'/'off' - confirm against the
    # code that writes it.
    page = page.replace('{{waf_state}}', database.get('state', 'WAF'))
    waf_action = 'stop' if database.get('state', 'WAF') == 'on' else 'start'
    return 200, page.replace('{{waf_action}}', waf_action)
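def startup_modules(cls):
    """Run the ``startup_entrypoint`` hook of every enabled module that has one.

    Each hook runs with the process working directory set to the module's own
    ``path``. The working directory is put back to
    ``database.get('base_directory')`` afterwards, including when the hook
    raises; the exception itself still propagates to the caller.
    """
    for module_name in cls.modules:
        module = cls.modules[module_name]
        if not module.enable:
            continue
        if not hasattr(module.obj, 'startup_entrypoint'):
            continue
        # os.chdir() is process-wide, so the directory must never be left
        # pointing at a module folder: later relative opens and the isdir
        # checks used when loading modules would resolve against it.
        os.chdir(module.path)
        try:
            module.obj.startup_entrypoint()
        finally:
            os.chdir(database.get('base_directory'))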
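def return_html(self, status, content, cookie_to_set=None):
    """Send ``content`` as a UTF-8 HTML response, optionally setting a cookie.

    Args:
        status: HTTP status code; any non-int value is replaced by 500.
        content: HTML text. The ``{{title}}``, ``{{server_name}}`` and
            ``{{firedoor_version}}`` placeholders are filled from
            ``database`` before the body is written.
        cookie_to_set: Optional ``"name=value"`` string sent as a
            ``Set-Cookie`` header. The cookie is always marked ``HttpOnly``
            and ``SameSite=Strict`` (where the interpreter supports it), and
            ``Secure`` when this response is being written to a TLS socket.
    """
    import ssl  # function-scope: only used to recognise a TLS connection

    if not isinstance(status, int):
        status = 500
    self.send_response(status)
    self.send_header('Content-type', 'text/html; charset=UTF-8')
    if cookie_to_set is not None:
        # Split on the first '=' only, so a value that itself contains '='
        # is not silently truncated.
        cookie_name, _, cookie_value = cookie_to_set.partition('=')
        cookie = http.cookies.SimpleCookie()
        cookie[cookie_name] = cookie_value
        morsel = cookie[cookie_name]
        # Keep the cookie out of reach of page scripts and off cross-site
        # requests: it is what authorises every later request.
        morsel['httponly'] = True
        try:
            morsel['samesite'] = 'Strict'
        except http.cookies.CookieError:
            pass  # http.cookies without SameSite support (Python < 3.8)
        # Only flag Secure when this connection really is TLS; a Secure
        # cookie sent over plain HTTP is discarded by browsers.
        if isinstance(getattr(self, 'connection', None), ssl.SSLSocket):
            morsel['secure'] = True
        self.send_header("Set-Cookie", cookie.output(header='', sep=''))
    self.end_headers()

    # NOTE(review): the server name and version are substituted without HTML
    # escaping; presumably they are operator-controlled configuration -
    # confirm, and escape them if they can carry untrusted text.
    content = content.replace(
        '{{title}}', 'Firedoor v4.0 - {}'.format(database.get('server')))
    content = content.replace('{{server_name}}', database.get('server'))
    content = content.replace(
        '{{firedoor_version}}', 'v' + str(database.get('firedoor_version')))
    self.wfile.write(content.encode('utf-8'))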
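def do_POST(self):
    """Handle a POST: either a login attempt or a call into a web module.

    * No path parameters and a non-empty body: a ``login`` action with a
      ``password`` field is checked against the stored digest. Success
      creates a session and sets the ``session`` cookie; failure broadcasts
      a ``report_ip`` event for the client address and re-shows the login
      page with "Access denied". Any other body gets the plain login page.
    * Otherwise, an authenticated request is dispatched to the module named
      by the first path parameter; an unauthenticated one gets
      "Access denied".
    """
    import hmac  # function-scope: constant-time digest comparison

    parameters = self.parse_GET()
    post = self.parse_POST()

    if len(parameters) == 0 and len(post) > 0:
        is_login = ('action' in post and post['action'] == 'login'
                    and 'password' in post)
        if not is_login:
            # NOTE(review): the collapsed source does not show the exact
            # nesting of this fallback; it is treated here as the response
            # for every non-login body - confirm.
            self.return_html(200, self.return_loginpage())
            return

        # NOTE(review): the stored credential is an unsalted, single-round
        # SHA-512 digest. Moving to a salted KDF (hashlib.scrypt or
        # hashlib.pbkdf2_hmac) needs a change to the stored format, so it is
        # not done in this handler.
        supplied = hashlib.sha512(post['password'].encode('utf-8')).hexdigest()
        stored = database.get('password')
        # compare_digest avoids leaking, through response timing, how many
        # leading characters of the digest matched.
        password_ok = isinstance(stored, str) and hmac.compare_digest(
            supplied.encode('utf-8'), stored.encode('utf-8'))

        if password_ok:
            token = os.urandom(32).hex()
            sessions[token] = {'timestamp': time.time()}
            session_cookie = 'session={}'.format(token)
            self.return_html(
                200, '<script>document.location = "/";</script>',
                session_cookie)
        else:
            event = {
                'type': 'report_ip',
                'data': {
                    'ip': self.client_address[0],
                    'level': 35,
                    'comment': 'Firedoor login attempt',
                },
            }
            modules_manager.broadcast_event(event)
            self.return_html(
                200,
                self.return_loginpage().replace('<!---->', 'Access denied'))
        return

    if not self.check_auth():
        self.return_html(200, 'Access denied')
        return

    if len(parameters) == 0:
        # Authenticated POST with neither a module path nor a body: there is
        # nothing to dispatch, and indexing parameters[0] would raise.
        self.return_html(400, 'Bad request')
        return

    # NOTE(review): this dispatch is authorised by the session cookie alone;
    # no anti-CSRF token is checked in this handler.
    status, content = modules_manager.run_web_module(
        self, parameters[0], parameters[1:], post)
    self.return_html(status, content)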
def check_auth(self):
    """Tell whether the request carries a live session cookie.

    Returns:
        True when the ``session`` cookie names an entry in ``sessions`` whose
        timestamp is newer than ``session_timeout`` seconds ago. An entry
        that is too old is deleted and False is returned; an unknown or
        missing cookie also yields False.
    """
    if self.read_cookie('session') not in sessions:
        return False

    token = self.read_cookie('session')
    # The timestamp is written at login and not refreshed here, so the
    # timeout is measured from login rather than from the last request.
    if sessions[token]['timestamp'] > (time.time() - database.get('session_timeout')):
        return True

    # Expired: drop the entry so the token cannot be used again.
    del sessions[token]
    return False
def __init__(self, directory, module_name, required=False):
    """Import the plug-in ``module_name`` located under ``directory``.

    Args:
        directory: Folder holding the module folders.
        module_name: Name of the module folder, of the Python module inside
            it, and of the attribute fetched from that module.
        required: Stored on the instance as ``self.required``.
    """
    if not os.path.isdir(directory + '/' + module_name):
        # Nothing is initialised for a missing folder: name, path, obj and
        # enable all stay unset on this instance.
        # NOTE(review): this check is relative to the current working
        # directory, while self.path below is built from base_directory -
        # confirm the two always agree.
        return

    self.name = module_name
    self.required = required
    self.path = database.get('base_directory') + '/' + directory + '/' + module_name

    # NOTE(review): inserting at position 0 gives the module folder the
    # highest import precedence for the whole process, so any file in it can
    # shadow a same-named module imported later. The folder needs to be
    # writable only by the account that administers the service.
    sys.path.insert(0, self.path)
    loaded = __import__(module_name)
    self.obj = getattr(loaded, module_name)
    self.enable = self.is_enable()
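def run_on():
    """Print the start-up banner and serve the web interface forever.

    The listening port comes from ``database.get('web_interface_port')``.
    When the ``TLS`` setting is truthy the listening socket is wrapped with
    the certificate and key named by ``cert_path`` and ``key_path``.

    Raises:
        FileNotFoundError: TLS is enabled but the certificate or key file is
            missing. The server refuses to start instead of falling back to
            plain HTTP, which would send the login password and session
            cookie in clear text.
    """
    port = database.get('web_interface_port')
    print('\n')
    print('/-----------------------------------\\')
    print('| Starting Firedoor on port {} |'.format(str(port).rjust(5, ' ')))
    print('\\-----------------------------------/')
    print('\n')

    tls_context = None
    if database.get('TLS'):
        cert_path = database.get('cert_path')
        key_path = database.get('key_path')
        for label, path in (('certificate', cert_path), ('key', key_path)):
            if not path or not os.path.exists(path):
                raise FileNotFoundError(
                    'TLS is enabled but the {} file is missing: {!r}'.format(
                        label, path))
        # ssl.wrap_socket() was removed in Python 3.12 and applied no
        # hardened defaults; a default server-side context is used instead.
        tls_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
        tls_context.load_cert_chain(certfile=cert_path, keyfile=key_path)

    # NOTE(review): the empty host binds every interface, so the login page
    # is reachable from any network the host is attached to unless a
    # firewall restricts the port.
    httpd = HTTPServer(('', port), request_handler)
    if tls_context is not None:
        httpd.socket = tls_context.wrap_socket(httpd.socket, server_side=True)
    httpd.serve_forever()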
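def run_web_module(cls, request_handler, module_name, get, post):
    """Dispatch a web request to the ``web_entrypoint`` of a module.

    Args:
        request_handler: Handler of the current request; only
            ``client_address[0]`` is read from it.
        module_name: Name of the target module, taken from the request.
        get: Value passed through to the entry point as its second argument.
        post: Value passed through to the entry point as its third argument.

    Returns:
        The ``(status, content)`` pair produced by the module, or a 404 with
        an explanatory message when the module is unknown, disabled or has no
        web interface.
    """
    import html  # function-scope: escaping of the reflected module name

    # The name comes from the request and is echoed into a text/html
    # response, so it is escaped before being placed in any message.
    shown_name = html.escape(str(module_name))

    if module_name not in cls.modules:
        return 404, 'Module "{}" does no exist'.format(shown_name)

    module = cls.modules[module_name]
    if not module.enable:
        return 404, 'Module "{}" disabled'.format(shown_name)
    if not hasattr(module.obj, 'web_entrypoint'):
        return 404, 'Module "{}" does not have web interface'.format(shown_name)

    client_ip = request_handler.client_address[0]
    # os.chdir() is process-wide; restore the base directory even when the
    # module raises, so later relative paths do not resolve inside it.
    os.chdir(module.path)
    try:
        status, content = module.obj.web_entrypoint(client_ip, get, post)
    finally:
        os.chdir(database.get('base_directory'))
    return status, content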
def startup_entrypoint(cls):
    """Start the WAF at start-up when its saved state is ``'on'``.

    The state is whatever ``database.get('state', 'WAF')`` returns; any value
    other than ``'on'`` leaves the WAF stopped.
    """
    if database.get('state', 'WAF') != 'on':
        return
    cls.start()
    # NOTE(review): the collapsed source does not show whether this print
    # sits inside the state check; it is kept inside it here - confirm.
    print('ok')