Modified locations of server modules

resolved_file
Chris Truncer 2015-01-03 21:14:17 -05:00
parent eb2bfdb9d9
commit eafe26261c
7 changed files with 80 additions and 6 deletions

View File

@ -1,6 +1,7 @@
[1.3.2015]
Added...: SFTP Server module has been added to the framework!
Added...: SFTP Client module has been added to the framework.
Modified: Modified server web modules to have their required libraries in the "web" folder.
[12.27.2014]
Added...: Datatype module template has been added to the framework for creating datatype modules.

View File

@ -6,8 +6,8 @@ This is the code for the web server
import socket
import sys
from protocols.servers.serverlibs import base_handler
from protocols.servers.serverlibs import threaded_http
from protocols.servers.serverlibs.web import base_handler
from protocols.servers.serverlibs.web import threaded_http
from threading import Thread

View File

@ -8,8 +8,8 @@ import socket
import ssl
import sys
from common import helpers
from protocols.servers.serverlibs import base_handler
from protocols.servers.serverlibs import threaded_http
from protocols.servers.serverlibs.web import base_handler
from protocols.servers.serverlibs.web import threaded_http
from threading import Thread
@ -33,7 +33,7 @@ class Server:
def serve_on_port(self):
try:
cert_path = helpers.ea_path() +\
'/protocols/servers/serverlibs/server.pem'
'/protocols/servers/serverlibs/web/server.pem'
server = threaded_http.ThreadingHTTPServer(
("0.0.0.0", 443), base_handler.GetHandler)
server.socket = ssl.wrap_socket(

View File

@ -0,0 +1,67 @@
import os
import time
from BaseHTTPServer import BaseHTTPRequestHandler
from common import helpers
class GetHandler(BaseHTTPRequestHandler):
# Some of the http server code came from Dave Kennedy's AES shell
# over http - the server specific code
# should be performing GET requests Help from
# http://pymotw.com/2/BaseHTTPServer/
def do_GET(self):
# 404 since we aren't serving up any pages, only receiving data
self.send_response(404)
self.end_headers()
return
# handle post request
def do_POST(self):
# Gather the Posted URI from the agent/browser
# parsed_path = urlparse.urlparse(self.path)
uri_posted = self.path
uri_posted = uri_posted.replace("/", "")
#incoming_ip = self.client_address[0]
# current directory
exfil_directory = os.path.join(helpers.ea_path(), "data")
loot_path = exfil_directory + "/"
# Info for this from -
# http://stackoverflow.com/questions/13146064/simple-
# python-webserver-to-save-file
if uri_posted == "post_data.php":
self.send_response(200)
self.end_headers()
# Check to make sure the agent directory exists, and a loot
# directory for the agent. If not, make them
if not os.path.isdir(loot_path):
os.makedirs(loot_path)
# Get the date info
current_date = time.strftime("%m/%d/%Y")
current_time = time.strftime("%H:%M:%S")
screenshot_name = current_date.replace("/", "") +\
"_" + current_time.replace(":", "") + "web_data.txt"
# Read the length of the screenshot file being uploaded
screen_length = self.headers['content-length']
screen_data = self.rfile.read(int(screen_length))
# Write out the file
with open(loot_path + screenshot_name, 'w') as cc_data_file:
cc_data_file.write(screen_data)
# All other Post requests
else:
self.send_response(404)
self.end_headers()
print "Odd... someone else is trying to access this web server..."
print "Might want to check that out..."
return

View File

@ -0,0 +1,6 @@
from BaseHTTPServer import HTTPServer
from SocketServer import ThreadingMixIn
class ThreadingHTTPServer(ThreadingMixIn, HTTPServer):
pass

View File

@ -8,7 +8,7 @@ cd pyftpdlib
python setup.py install
cd ..
rm -rf pyftpdlib
cd ../protocols/servers/serverlibs
cd ../protocols/servers/serverlibs/web
clear
echo "[*] Generating SSL Certificate"
openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes