infosecn1nja
/
Egress-Assess
mirror of https://github.com/infosecn1nja/Egress-Assess.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Modified locations of server modules

resolved_file
Chris Truncer 2015-01-03 21:14:17 -05:00
parent eb2bfdb9d9
commit eafe26261c
7 changed files with 80 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG
View File

@ -1,6 +1,7 @@
[1.3.2015] [1.3.2015]
Added...: SFTP Server module has been added to the framework! Added...: SFTP Server module has been added to the framework!
Added...: SFTP Client module has been added to the framework. Added...: SFTP Client module has been added to the framework.
Modified: Modified server web modules to have their required libraries in the "web" folder.
[12.27.2014] [12.27.2014]
Added...: Datatype module template has been added to the framework for creating datatype modules. Added...: Datatype module template has been added to the framework for creating datatype modules.

4
protocols/servers/http_server.py
View File

@ -6,8 +6,8 @@ This is the code for the web server
import socket import socket
import sys import sys
from protocols.servers.serverlibs import base_handler from protocols.servers.serverlibs.web import base_handler
from protocols.servers.serverlibs import threaded_http from protocols.servers.serverlibs.web import threaded_http
from threading import Thread from threading import Thread

6
protocols/servers/https_server.py
View File

@ -8,8 +8,8 @@ import socket
import ssl import ssl
import sys import sys
from common import helpers from common import helpers
from protocols.servers.serverlibs import base_handler from protocols.servers.serverlibs.web import base_handler
from protocols.servers.serverlibs import threaded_http from protocols.servers.serverlibs.web import threaded_http
from threading import Thread from threading import Thread
@ -33,7 +33,7 @@ class Server:
def serve_on_port(self): def serve_on_port(self):
try: try:
cert_path = helpers.ea_path() +\ cert_path = helpers.ea_path() +\
'/protocols/servers/serverlibs/server.pem' '/protocols/servers/serverlibs/web/server.pem'
server = threaded_http.ThreadingHTTPServer( server = threaded_http.ThreadingHTTPServer(
("0.0.0.0", 443), base_handler.GetHandler) ("0.0.0.0", 443), base_handler.GetHandler)
server.socket = ssl.wrap_socket( server.socket = ssl.wrap_socket(

0
protocols/servers/serverlibs/web/__init__.py Normal file
View File

67
protocols/servers/serverlibs/web/base_handler.py Normal file
View File

@ -0,0 +1,67 @@
import os
import time
from BaseHTTPServer import BaseHTTPRequestHandler
from common import helpers
class GetHandler(BaseHTTPRequestHandler):
# Some of the http server code came from Dave Kennedy's AES shell
# over http - the server specific code
# should be performing GET requests Help from
# http://pymotw.com/2/BaseHTTPServer/
def do_GET(self):
# 404 since we aren't serving up any pages, only receiving data
self.send_response(404)
self.end_headers()
return
# handle post request
def do_POST(self):
# Gather the Posted URI from the agent/browser
# parsed_path = urlparse.urlparse(self.path)
uri_posted = self.path
uri_posted = uri_posted.replace("/", "")
#incoming_ip = self.client_address[0]
# current directory
exfil_directory = os.path.join(helpers.ea_path(), "data")
loot_path = exfil_directory + "/"
# Info for this from -
# http://stackoverflow.com/questions/13146064/simple-
# python-webserver-to-save-file
if uri_posted == "post_data.php":
self.send_response(200)
self.end_headers()
# Check to make sure the agent directory exists, and a loot
# directory for the agent. If not, make them
if not os.path.isdir(loot_path):
os.makedirs(loot_path)
# Get the date info
current_date = time.strftime("%m/%d/%Y")
current_time = time.strftime("%H:%M:%S")
screenshot_name = current_date.replace("/", "") +\
"_" + current_time.replace(":", "") + "web_data.txt"
# Read the length of the screenshot file being uploaded
screen_length = self.headers['content-length']
screen_data = self.rfile.read(int(screen_length))
# Write out the file
with open(loot_path + screenshot_name, 'w') as cc_data_file:
cc_data_file.write(screen_data)
# All other Post requests
else:
self.send_response(404)
self.end_headers()
print "Odd... someone else is trying to access this web server..."
print "Might want to check that out..."
return

6
protocols/servers/serverlibs/web/threaded_http.py Normal file
View File

@ -0,0 +1,6 @@
from BaseHTTPServer import HTTPServer
from SocketServer import ThreadingMixIn
class ThreadingHTTPServer(ThreadingMixIn, HTTPServer):
pass

2
setup/setup.sh
View File

@ -8,7 +8,7 @@ cd pyftpdlib
python setup.py install python setup.py install
cd .. cd ..
rm -rf pyftpdlib rm -rf pyftpdlib
cd ../protocols/servers/serverlibs cd ../protocols/servers/serverlibs/web
clear clear
echo "[*] Generating SSL Certificate" echo "[*] Generating SSL Certificate"
openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes