def handle_deaddrop_visit(self, query):
self.send_response(200)
self.end_headers()
data = self.get_query('token')
if not data:
self.logger.warning('dead drop request received with no \'token\' parameter')
return
try:
data = base64.b64decode('base64')
except binascii.Error:
self.logger.error('dead drop request received with invalid \'token\' data')
return
data = xor.xor_decode(data)
try:
data = json.loads(data)
except ValueError:
self.logger.error('dead drop request received with invalid \'token\' data')
return
session = db_manager.Session()
deployment = db_manager.get_row_by_id(session, db_models.DeaddropDeployment, data.get('deaddrop_id'))
if not deployment:
session.close()
self.logger.error('dead drop request received for an unknown campaign')
return
local_username = data.get('local_username')
local_hostname = data.get('local_hostname')
if local_username == None or local_hostname == None:
session.close()
self.logger.error('dead drop request received with missing data')
return
local_ip_addresses = data.get('local_ip_addresses')
if isinstance(local_ip_addresses, (list, tuple)):
local_ip_addresses = ' '.join(local_ip_addresses)
query = session.query(db_models.DeaddropConnection)
query = query.filter_by(id=deployment.id, local_username=local_username, local_hostname=local_hostname)
connection = query.first()
if connection:
connection.visit_count += 1
else:
connection = db_models.Connection(campaign_id=deployment.campaign_id, deployment_id=deployment.id)
connection.visitor_ip = self.client_address
connection.local_username = local_username
connection.local_hostname = local_hostname
connection.local_ip_addresses = local_ip_addresses
session.add(connection)
session.commit()
query = session.query(db_models.DeaddropConnection)
query = query.filter_by(campaign_id=deployment.campaign_id)
visit_count = query.count()
session.close()
if visit_count > 0 and ((visit_count in [1, 3, 5]) or ((visit_count % 10) == 0)):
alert_text = "{0} deaddrop connections reached for campaign: {{campaign_name}}".format(visit_count)
self.server.job_manager.job_run(self.issue_alert, (alert_text, campaign_id))
return
def handle_deaddrop_visit(self, query):
self.send_response(200)
self.end_headers()
data = self.get_query_parameter('token')
if not data:
self.logger.warning('dead drop request received with no \'token\' parameter')
return
try:
data = data.decode('base64')
except binascii.Error:
self.logger.error('dead drop request received with invalid \'token\' data')
return
data = xor.xor_decode(data)
try:
data = json.loads(data)
except ValueError:
self.logger.error('dead drop request received with invalid \'token\' data')
return
deployment_id = data.get('deaddrop_id')
with self.get_cursor() as cursor:
cursor.execute('SELECT campaign_id FROM deaddrop_deployments WHERE id = ?', (deployment_id,))
campaign_id = cursor.fetchone()
if not campaign_id:
return
campaign_id = campaign_id[0]
local_username = data.get('local_username')
local_hostname = data.get('local_hostname')
if campaign_id == None or local_username == None or local_hostname == None:
return
local_ip_addresses = data.get('local_ip_addresses')
if isinstance(local_ip_addresses, (list, tuple)):
local_ip_addresses = ' '.join(local_ip_addresses)
with self.get_cursor() as cursor:
cursor.execute('SELECT id FROM deaddrop_connections WHERE deployment_id = ? AND local_username = ? AND local_hostname = ?', (deployment_id, local_username, local_hostname))
drop_id = cursor.fetchone()
if drop_id:
drop_id = drop_id[0]
cursor.execute('UPDATE deaddrop_connections SET visit_count = visit_count + 1, last_visit = CURRENT_TIMESTAMP WHERE id = ?', (drop_id,))
return
values = (deployment_id, campaign_id, self.client_address[0], local_username, local_hostname, local_ip_addresses)
cursor.execute('INSERT INTO deaddrop_connections (deployment_id, campaign_id, visitor_ip, local_username, local_hostname, local_ip_addresses) VALUES (?, ?, ?, ?, ?, ?)', values)
visit_count = self.query_count('SELECT COUNT(id) FROM deaddrop_connections WHERE campaign_id = ?', (campaign_id,))
if visit_count > 0 and ((visit_count in [1, 3, 5]) or ((visit_count % 10) == 0)):
alert_text = "{0} deaddrop connections reached for campaign: {{campaign_name}}".format(visit_count)
self.server.job_manager.job_run(self.issue_alert, (alert_text, campaign_id))
return
def handle_deaddrop_visit(self, query):
self.send_response(200)
self.end_headers()
data = self.get_query('token')
if not data:
self.logger.warning(
'dead drop request received with no \'token\' parameter')
return
try:
data = base64.b64decode(data)
except (binascii.Error, TypeError):
self.logger.error(
'dead drop request received with invalid \'token\' data')
return
data = xor.xor_decode(data)
try:
data = json.loads(data)
except ValueError:
self.logger.error(
'dead drop request received with invalid \'token\' data')
return
session = db_manager.Session()
deployment = db_manager.get_row_by_id(session,
db_models.DeaddropDeployment,
data.get('deaddrop_id'))
if not deployment:
session.close()
self.logger.error(
'dead drop request received for an unknown campaign')
return
if deployment.campaign.has_expired:
session.close()
self.logger.info(
'dead drop request received for an expired campaign')
return
local_username = data.get('local_username')
local_hostname = data.get('local_hostname')
if local_username is None or local_hostname is None:
session.close()
self.logger.error('dead drop request received with missing data')
return
local_ip_addresses = data.get('local_ip_addresses')
if isinstance(local_ip_addresses, (list, tuple)):
local_ip_addresses = ' '.join(local_ip_addresses)
query = session.query(db_models.DeaddropConnection)
query = query.filter_by(deployment_id=deployment.id,
local_username=local_username,
local_hostname=local_hostname)
connection = query.first()
if connection:
connection.visit_count += 1
new_connection = False
else:
connection = db_models.DeaddropConnection(
campaign_id=deployment.campaign_id,
deployment_id=deployment.id)
connection.visitor_ip = self.get_client_ip()
connection.local_username = local_username
connection.local_hostname = local_hostname
connection.local_ip_addresses = local_ip_addresses
session.add(connection)
new_connection = True
session.commit()
query = session.query(db_models.DeaddropConnection)
query = query.filter_by(campaign_id=deployment.campaign_id)
visit_count = query.count()
session.close()
if new_connection and visit_count > 0 and (
(visit_count in [1, 3, 5]) or ((visit_count % 10) == 0)):
alert_text = "{0} deaddrop connections reached for campaign: {{campaign_name}}".format(
visit_count)
self.server.job_manager.job_run(
self.issue_alert, (alert_text, deployment.campaign_id))
return
def handle_deaddrop_visit(self, query):
self.send_response(200)
self.end_headers()
data = self.get_query('token')
if not data:
self.logger.warning('dead drop request received with no \'token\' parameter')
return
try:
data = base64.b64decode(data)
except (binascii.Error, TypeError):
self.logger.error('dead drop request received with invalid \'token\' data')
return
data = xor.xor_decode(data)
try:
data = json.loads(data)
except ValueError:
self.logger.error('dead drop request received with invalid \'token\' data')
return
deaddrop_id = data.get('deaddrop_id')
if deaddrop_id is None:
self.logger.error('dead drop request received with no \'deaddrop_id\' key')
return
elif deaddrop_id == self.config.get('server.secret_id'):
# this allows us to test the logic to this point at least
self.logger.debug('dead drop request received with the test id')
return
self.semaphore_acquire()
deployment = db_manager.get_row_by_id(self._session, db_models.DeaddropDeployment, deaddrop_id)
if not deployment:
self.semaphore_release()
self.logger.error('dead drop request received for an unknown campaign')
return
if deployment.campaign.has_expired:
self.semaphore_release()
self.logger.info('dead drop request received for an expired campaign')
return
local_username = data.get('local_username')
local_hostname = data.get('local_hostname')
if local_username is None or local_hostname is None:
self.semaphore_release()
self.logger.error('dead drop request received with missing data')
return
local_ip_addresses = data.get('local_ip_addresses')
if isinstance(local_ip_addresses, (list, tuple)):
local_ip_addresses = ' '.join(local_ip_addresses)
query = self._session.query(db_models.DeaddropConnection)
query = query.filter_by(deployment_id=deployment.id, local_username=local_username, local_hostname=local_hostname)
connection = query.first()
if connection:
connection.count += 1
connection.last_seen = db_models.current_timestamp()
new_connection = False
else:
connection = db_models.DeaddropConnection(campaign_id=deployment.campaign_id, deployment_id=deployment.id)
connection.ip = self.get_client_ip()
connection.local_username = local_username
connection.local_hostname = local_hostname
connection.local_ip_addresses = local_ip_addresses
self._session.add(connection)
new_connection = True
self._session.commit()
query = self._session.query(db_models.DeaddropConnection)
query = query.filter_by(campaign_id=deployment.campaign_id)
visit_count = query.count()
self.semaphore_release()
if new_connection and visit_count > 0 and ((visit_count in [1, 3, 5]) or ((visit_count % 10) == 0)):
self.server.job_manager.job_run(self.issue_alert, (deployment.campaign_id, 'deaddrop_connections', visit_count))
return
def handle_deaddrop_visit(self, query):
self.send_response(200)
self.end_headers()
data = self.get_query("token")
if not data:
self.logger.warning("dead drop request received with no 'token' parameter")
return
try:
data = base64.b64decode(data)
except (binascii.Error, TypeError):
self.logger.error("dead drop request received with invalid 'token' data")
return
data = xor.xor_decode(data)
try:
data = json.loads(data)
except ValueError:
self.logger.error("dead drop request received with invalid 'token' data")
return
session = db_manager.Session()
deployment = db_manager.get_row_by_id(session, db_models.DeaddropDeployment, data.get("deaddrop_id"))
if not deployment:
session.close()
self.logger.error("dead drop request received for an unknown campaign")
return
if deployment.campaign.has_expired:
session.close()
self.logger.info("dead drop request received for an expired campaign")
return
local_username = data.get("local_username")
local_hostname = data.get("local_hostname")
if local_username is None or local_hostname is None:
session.close()
self.logger.error("dead drop request received with missing data")
return
local_ip_addresses = data.get("local_ip_addresses")
if isinstance(local_ip_addresses, (list, tuple)):
local_ip_addresses = " ".join(local_ip_addresses)
query = session.query(db_models.DeaddropConnection)
query = query.filter_by(
deployment_id=deployment.id, local_username=local_username, local_hostname=local_hostname
)
connection = query.first()
if connection:
connection.visit_count += 1
new_connection = False
else:
connection = db_models.DeaddropConnection(campaign_id=deployment.campaign_id, deployment_id=deployment.id)
connection.visitor_ip = self.get_client_ip()
connection.local_username = local_username
connection.local_hostname = local_hostname
connection.local_ip_addresses = local_ip_addresses
session.add(connection)
new_connection = True
session.commit()
query = session.query(db_models.DeaddropConnection)
query = query.filter_by(campaign_id=deployment.campaign_id)
visit_count = query.count()
session.close()
if new_connection and visit_count > 0 and ((visit_count in [1, 3, 5]) or ((visit_count % 10) == 0)):
alert_text = "{0} deaddrop connections reached for campaign: {{campaign_name}}".format(visit_count)
self.server.job_manager.job_run(self.issue_alert, (alert_text, deployment.campaign_id))
return
def handle_deaddrop_visit(self, query):
self.send_response(200)
self.end_headers()
data = self.get_query('token')
if not data:
self.logger.warning('dead drop request received with no \'token\' parameter')
return
try:
data = base64.b64decode(data)
except (binascii.Error, TypeError):
self.logger.error('dead drop request received with invalid \'token\' data')
return
data = xor.xor_decode(data)
try:
data = json.loads(data)
except ValueError:
self.logger.error('dead drop request received with invalid \'token\' data')
return
self.semaphore_acquire()
session = db_manager.Session()
deployment = db_manager.get_row_by_id(session, db_models.DeaddropDeployment, data.get('deaddrop_id'))
if not deployment:
session.close()
self.semaphore_release()
self.logger.error('dead drop request received for an unknown campaign')
return
if deployment.campaign.has_expired:
session.close()
self.semaphore_release()
self.logger.info('dead drop request received for an expired campaign')
return
local_username = data.get('local_username')
local_hostname = data.get('local_hostname')
if local_username is None or local_hostname is None:
session.close()
self.semaphore_release()
self.logger.error('dead drop request received with missing data')
return
local_ip_addresses = data.get('local_ip_addresses')
if isinstance(local_ip_addresses, (list, tuple)):
local_ip_addresses = ' '.join(local_ip_addresses)
query = session.query(db_models.DeaddropConnection)
query = query.filter_by(deployment_id=deployment.id, local_username=local_username, local_hostname=local_hostname)
connection = query.first()
if connection:
connection.count += 1
connection.last_seen = db_models.current_timestamp()
new_connection = False
else:
connection = db_models.DeaddropConnection(campaign_id=deployment.campaign_id, deployment_id=deployment.id)
connection.ip = self.get_client_ip()
connection.local_username = local_username
connection.local_hostname = local_hostname
connection.local_ip_addresses = local_ip_addresses
session.add(connection)
new_connection = True
session.commit()
query = session.query(db_models.DeaddropConnection)
query = query.filter_by(campaign_id=deployment.campaign_id)
visit_count = query.count()
session.close()
self.semaphore_release()
if new_connection and visit_count > 0 and ((visit_count in [1, 3, 5]) or ((visit_count % 10) == 0)):
self.server.job_manager.job_run(self.issue_alert, (deployment.campaign_id, 'deaddrop_connections', visit_count))
return