class PayloadType(p.Model): ptype = p.CharField(null=False, unique=True) # name of the payload type operator = p.ForeignKeyField(Operator, null=False) creation_time = p.DateTimeField(null=False, default=datetime.datetime.utcnow) file_extension = p.CharField(null=True) # if this type requires another payload to be already created wrapper = p.BooleanField(default=False, null=False) # which payload is this one wrapping wrapped_payload_type = p.ForeignKeyField(p.DeferredRelation('PayloadType'), null=True) # allow the ability to specify a template for people tha want to extend the payload type with more commands command_template = p.TextField(null=False, default="") class Meta: database = apfell_db def to_json(self): r = {} for k in self._data.keys(): try: if k == 'operator': r[k] = getattr(self, k).username elif k == 'wrapped_payload_type': r[k] = getattr(self, k).ptype else: r[k] = getattr(self, k) except: r[k] = json.dumps(getattr(self, k)) r['creation_time'] = r['creation_time'].strftime('%m/%d/%Y %H:%M:%S') return r def __str__(self): return str(self.to_json())
class Payload(p.Model): # this is actually a sha256 from other information about the payload uuid = p.TextField(unique=True, null=False) # tag a payload with information like spearphish, custom bypass, lat mov, etc (indicates "how") tag = p.TextField(null=True) # creator of the payload, cannot be null! must be attributed to somebody (indicates "who") operator = p.ForeignKeyField(Operator, null=False) creation_time = p.DateTimeField(default=datetime.datetime.utcnow, null=False) # (indicates "when") # this is fine because this is an instance of a payload, so it's tied to one PayloadType payload_type = p.ForeignKeyField(PayloadType, null=False) # this will signify if a current callback made / spawned a new callback that's checking in # this helps track how we're getting callbacks (which payloads/tags/parents/operators) pcallback = p.ForeignKeyField(p.DeferredRelation('Callback'), null=True) location = p.CharField(null=True) # location on disk of the payload c2_profile = p.ForeignKeyField(C2Profile, null=False) # identify which C2 profile is being used operation = p.ForeignKeyField(Operation, null=False) wrapped_payload = p.ForeignKeyField(p.DeferredRelation('Payload'), null=True) deleted = p.BooleanField(null=False, default=False) class Meta: database = apfell_db def to_json(self): r = {} for k in self._data.keys(): try: if k == 'operator': r[k] = getattr(self, k).username elif k == 'pcallback': r[k] = getattr(self, k).id elif k == 'c2_profile': r[k] = getattr(self, k).name elif k == 'payload_type': r[k] = getattr(self, k).ptype elif k == 'operation': r[k] = getattr(self, k).name elif k == 'wrapped_payload': r[k] = getattr(self, k).uuid else: r[k] = getattr(self, k) except: r[k] = json.dumps(getattr(self, k)) r['creation_time'] = r['creation_time'].strftime('%m/%d/%Y %H:%M:%S') return r def __str__(self): return str(self.to_json())
class Callback(p.Model): init_callback = p.DateTimeField(default=datetime.datetime.utcnow, null=False) last_checkin = p.DateTimeField(default=datetime.datetime.utcnow, null=False) user = p.CharField(null=False) host = p.CharField(null=False) pid = p.IntegerField(null=False) ip = p.CharField(max_length=100, null=False) description = p.TextField(null=True) operator = p.ForeignKeyField(Operator, null=False) active = p.BooleanField(default=True, null=False) # keep track of the parent callback from this one pcallback = p.ForeignKeyField(p.DeferredRelation('Callback'), null=True) registered_payload = p.ForeignKeyField(Payload, null=False) # what payload is associated with this callback integrity_level = p.IntegerField(null=True, default=2) # keep track of a callback's integrity level, check default integrity level numbers though and what they correspond to. Might be different for windows/mac/linuxl operation = p.ForeignKeyField(Operation, null=False) # the following information comes from the c2 profile if it wants to provide some form of encryption encryption_type = p.CharField(null=True) # the kind of encryption on this callback (aes, xor, rc4, etc) decryption_key = p.TextField(null=True) # base64 of the key to use to decrypt traffic encryption_key = p.TextField(null=True) # base64 of the key to use to encrypt traffic class Meta: database = apfell_db def to_json(self): r = {} for k in self._data.keys(): try: if k == 'pcallback': r[k] = getattr(self, k).id elif k == 'operator': r[k] = getattr(self, k).username elif k == 'registered_payload' and getattr(self, k) is not None and getattr(self, k) != "null": r[k] = getattr(self, k).uuid r['payload_type'] = getattr(self, k).payload_type.ptype r['c2_profile'] = getattr(self, k).c2_profile.name r['payload_description'] = getattr(self, k).tag elif k == 'operation': r[k] = getattr(self, k).name elif k == 'encryption_key' or k == 'decryption_key' or k == 'encryption_type': pass # we don't need to include these things all over the place, explicitly ask for them for more control else: r[k] = getattr(self, k) except: r[k] = json.dumps(getattr(self, k)) r['init_callback'] = r['init_callback'].strftime('%m/%d/%Y %H:%M:%S') r['last_checkin'] = r['last_checkin'].strftime('%m/%d/%Y %H:%M:%S') return r def __str__(self): return str(self.to_json())
class Callback(p.Model): init_callback = p.DateTimeField(default=datetime.datetime.now, null=False) last_checkin = p.DateTimeField(default=datetime.datetime.now, null=False) user = p.CharField(null=False) host = p.CharField(null=False) pid = p.IntegerField(null=False) ip = p.CharField(max_length=100, null=False) description = p.CharField(max_length=1024, null=True) operator = p.ForeignKeyField(Operator, null=False) active = p.BooleanField(default=True, null=False) # keep track of the parent callback from this one pcallback = p.ForeignKeyField(p.DeferredRelation('Callback'), null=True) registered_payload = p.ForeignKeyField( Payload, null=False) # what payload is associated with this callback integrity_level = p.IntegerField( null=True, default=2 ) # keep track of a callback's integrity level, check default integrity level numbers though and what they correspond to. Might be different for windows/mac/linuxl operation = p.ForeignKeyField(Operation, null=False) class Meta: unique_together = ['host', 'pid'] database = apfell_db def to_json(self): r = {} for k in self._data.keys(): try: if k == 'pcallback': r[k] = getattr(self, k).id elif k == 'operator': r[k] = getattr(self, k).username elif k == 'registered_payload': r[k] = getattr(self, k).uuid r['payload_type'] = getattr(self, k).payload_type.ptype elif k == 'operation': r[k] = getattr(self, k).name else: r[k] = getattr(self, k) except: r[k] = json.dumps(getattr(self, k)) r['init_callback'] = r['init_callback'].strftime('%m/%d/%Y %H:%M:%S') r['last_checkin'] = r['last_checkin'].strftime('%m/%d/%Y %H:%M:%S') return r def __str__(self): return str(self.to_json())
class Operator(p.Model): username = p.CharField(max_length=64, unique=True, null=False) password = p.CharField(max_length=1024, null=False) admin = p.BooleanField(null=True, default=False) creation_time = p.DateTimeField(default=datetime.datetime.utcnow, null=False) last_login = p.DateTimeField(default=None, null=True) # option to simply de-activate an account instead of delete it so you keep all your relational data intact active = p.BooleanField(null=False, default=True) current_operation = p.ForeignKeyField(p.DeferredRelation('Operation'), null=True) class Meta: ordering = [ '-id', ] database = apfell_db def to_json(self): r = {} for k in self._data.keys(): try: if k == 'current_operation': r[k] = getattr(self, k).name elif k != 'password': r[k] = getattr(self, k) except: r[k] = json.dumps(getattr(self, k)) r['creation_time'] = r['creation_time'].strftime('%m/%d/%Y %H:%M:%S') if 'last_login' in r and r['last_login'] is not None: r['last_login'] = r['last_login'].strftime('%m/%d/%Y %H:%M:%S') else: r['last_login'] = "" # just indicate that account created, but they never logged in return r def __str__(self): return str(self.to_json()) async def check_password(self, password): temp_pass = await crypto.hash_SHA512(password) return self.password.lower() == temp_pass.lower() async def hash_password(self, password): return await crypto.hash_SHA512(password)
class Payload(p.Model): # this is actually a sha256 from other information about the payload uuid = p.CharField(unique=True, null=True) # tag a payload with information like spearphish, custom bypass, lat mov, etc (indicates "how") tag = p.CharField(null=True) # creator of the payload, cannot be null! must be attributed to somebody (indicates "who") operator = p.ForeignKeyField(Operator, null=False) creation_time = p.DateTimeField(default=datetime.datetime.now, null=False) # (indicates "when") payload_type = p.CharField(null=False) # this will signify if a current callback made / spawned a new callback that's checking in # this helps track how we're getting callbacks (which payloads/tags/parents/operators) pcallback = p.ForeignKeyField(p.DeferredRelation('Callback'), null=True) callback_host = p.CharField(null=False) callback_port = p.IntegerField(null=False) obfuscation = p.BooleanField(null=False) callback_interval = p.IntegerField(null=False) use_ssl = p.BooleanField(null=False) location = p.CharField(null=True) # location on disk of the payload class Meta: database = apfell_db async def create_uuid(self, info): hash = await crypto.hash_SHA256(info) return hash def to_json(self): r = {} for k in self._data.keys(): try: if k == 'operator': r[k] = getattr(self, k).username elif k == 'pcallback': r[k] = getattr(self, k).id else: r[k] = getattr(self, k) except: r[k] = json.dumps(getattr(self, k)) r['creation_time'] = r['creation_time'].strftime('%m/%d/%Y %H:%M:%S') return r def __str__(self): return str(self.to_json())
class Operator(p.Model): default_dark_config = json.dumps({ "background-color": "#303030", "text-color": "#66b3ff", "hover": "#b3b3b3", "highlight": "#b3b3b3", "autocomplete": "#303030", "highlight-text": "black", "timestamp": "#b3ffff", "operator": "#ffb3b3", "display": "#d9b3ff", "new-callback-color": "dark", "new-callback-hue": "purple", "well-bg": "#000000", "primary-pane": "#001f4d", "primary-pane-text-color": "#ccffff", "primary-button": "#001f4d", "primary-button-text-color": "white", "primary-button-hover": "#0000cc", "primary-button-hover-text-color": "white", "info-pane": "#330066", "info-pane-text-color": "#e6ccff", "info-button": "#330066", "info-button-text-color": "#f3e6ff", "info-button-hover": "#5900b3", "info-button-hover-text-color": "#f3e6ff", "success-pane": "#003300", "success-pane-text-color": "#b3ffb3", "success-button": "#004d00", "success-button-text-color": "white", "success-button-hover": "#006600", "success-button-hover-text-color": "white", "danger-pane": "#800000", "danger-pane-text-color": "white", "danger-button": "#4d0000", "danger-button-text-color": "white", "danger-button-hover": "#800000", "danger-button-hover-text-color": "white", "warning-pane": "#330000", "warning-pane-text-color": "#e6ccff", "warning-button": "#804300", "warning-button-text-color": "white", "warning-button-hover": "#b35900", "warning-button-hover-text-color": "white", "table-headers": "#000000", "operation-color": "white", "interact-button-color": "#330066", "interact-button-text": "#FFFFFF", "interact-button-dropdown": "#6666FF", "success_highlight": "#303030", "failure_highlight": "#660000", "top-caret": "white" }) default_config = json.dumps({ "background-color": "#f4f4f4", "text-color": "#000000", "hover": "#cce6ff", "highlight": "#cce6ff", "autocomplete": "#e6f3ff", "highlight-text": "blue", "timestamp": "blue", "operator": "#b366ff", "display": "red", "new-callback-color": "light", "new-callback-hue": "", "well-bg": "#E5E5E5", "primary-pane": "", "primary-pane-text-color": "", "primary-button": "", "primary-button-text-color": "", "primary-button-hover": "", "primary-button-hover-text-color": "", "info-pane": "", "info-pane-text-color": "", "info-button": "", "info-button-text-color": "", "info-button-hover": "", "info-button-hover-text-color": "", "success-pane": "", "success-pane-text-color": "", "success-button": "", "success-button-text-color": "", "success-button-hover": "", "success-button-hover-text-color": "", "danger-pane": "", "danger-pane-text-color": "", "danger-button": "", "danger-button-text-color": "", "danger-button-hover": "", "danger-button-hover-text-color": "", "warning-pane": "", "warning-pane-text-color": "", "warning-button": "", "warning-button-text-color": "", "warning-button-hover": "", "warning-button-hover-text-color": "", "table-headers": "#F1F1F1", "operation-color": "green", "interact-button-color": "", "interact-button-text": "", "interact-button-dropdown": "", "success_highlight": "#d5fdd5", "failure_highlight": "#f68d8d", "top-caret": "white" }) username = p.TextField(unique=True, null=False) password = p.TextField(null=False) admin = p.BooleanField(null=True, default=False) creation_time = p.DateTimeField(default=datetime.datetime.utcnow, null=False) last_login = p.DateTimeField(default=None, null=True) # option to simply de-activate an account instead of delete it so you keep all your relational data intact active = p.BooleanField(null=False, default=True) current_operation = p.ForeignKeyField(p.DeferredRelation('Operation'), null=True) ui_config = p.TextField(null=False, default=default_config) class Meta: ordering = [ '-id', ] database = apfell_db def to_json(self): r = {} for k in self._data.keys(): try: if k == 'current_operation': r[k] = getattr(self, k).name elif k != 'password' and 'default' not in k: r[k] = getattr(self, k) except: r[k] = json.dumps(getattr(self, k)) r['creation_time'] = r['creation_time'].strftime('%m/%d/%Y %H:%M:%S') if 'last_login' in r and r['last_login'] is not None: r['last_login'] = r['last_login'].strftime('%m/%d/%Y %H:%M:%S') else: r['last_login'] = "" # just indicate that account created, but they never logged in return r def __str__(self): return str(self.to_json()) async def check_password(self, password): temp_pass = await crypto.hash_SHA512(password) return self.password.lower() == temp_pass.lower() async def hash_password(self, password): return await crypto.hash_SHA512(password)
def DeferredForeignKey(*args): pw.ForeignKeyField(pw.DeferredRelation(*args))
# overplaying protection last_played = peewee.DateTimeField() credit_count = peewee.IntegerField() # automatic playlist listener_count = peewee.IntegerField(default=0) skip_vote_count = peewee.IntegerField(default=0) has_failed = peewee.BooleanField(default=False) # song may be duplicated using multiple sources duplicate = peewee.ForeignKeyField('self', null=True) # we will need this to resolve a foreign key loop DeferredUser = peewee.DeferredRelation() DeferredLink = peewee.DeferredRelation() # Table for storing playlists, as many as user wants class Playlist(DdmBotSchema): id = peewee.PrimaryKeyField() # playlist is owned by a user user = peewee.ForeignKeyField(DeferredUser) # for an identifier, we choose a "nice enough" name name = peewee.CharField() # the first song of the playlist head = peewee.ForeignKeyField(DeferredLink, null=True, default=None) # playlist may be set to repeat itself, this is default except to implicit one repeat = peewee.BooleanField(default=True)
class SomeModel(pw.Model): some_model2 = pw.ForeignKeyField(pw.DeferredRelation('SomeModel2')) class Meta: database = self.db
NOT_FREE = 0 STUDY_HALL = 1 LUNCH = 2 FREE_PERIOD = 3 class location(Enum): LIBRARY = 1 class _Model(p.Model): class Meta: database = db deferred_log = p.DeferredRelation() class Student(_Model): sid = p.BigIntegerField(primary_key=True) grade = p.SmallIntegerField() last_log = p.ForeignKeyField(deferred_log, null=True) def __repr__(self): return 'Student(sid={}, grade={}, last_log={})'.format( self.sid, self.grade, self.last_log.id) class FreePeriod(_Model): student = p.ForeignKeyField(Student, related_name='free_periods') period = p.SmallIntegerField()