twsupport.py 6.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169
  1. #!/usr/bin/env python
  2. # -*- coding: utf-8 -*-"
  3. # vim: set expandtab tabstop=4 shiftwidth=4:
  4. """
  5. This file is part of the XSSer project, https://xsser.03c8.net
  6. Copyright (c) 2010/2020 | psy <epsylon@riseup.net>
  7. xsser is free software; you can redistribute it and/or modify it under
  8. the terms of the GNU General Public License as published by the Free
  9. Software Foundation version 3 of the License.
  10. xsser is distributed in the hope that it will be useful, but WITHOUT ANY
  11. WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  12. FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
  13. details.
  14. You should have received a copy of the GNU General Public License along
  15. with xsser; if not, write to the Free Software Foundation, Inc., 51
  16. Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
  17. """
  18. import sys
  19. from twisted.internet.protocol import Protocol
  20. from twisted.internet.protocol import Factory
  21. from twisted.internet import reactor
  22. from core.main import xsser
  23. import cgi
  24. import traceback
  25. try:
  26. from orbited.start import main as orbited_main
  27. except:
  28. print("no orbited so not enabling rt swarm port")
  29. orbited_main = None
  30. traceback.print_exc()
  31. print("\nXSSer v1.8[3]: 'The HiV€'\n")
  32. print("Daemon(s): ready!", "//" , "Interfaz: ready!\n")
  33. print("Connect to http://127.0.0.1:19084/static/ via Web or Telnet to manage your swarm\n")
  34. print("Listening...")
  35. from twisted.web import resource, error, script, server
  36. from orbited import __version__ as version
  37. class XSSerResource(resource.Resource):
  38. def __init__(self, name, parent):
  39. self.name = str(name)
  40. self.parent = parent
  41. def render_GET(self, request):
  42. if hasattr(self.parent, "do_"+self.name):
  43. response = getattr(self.parent, "do_"+self.name)(request)
  44. else:
  45. response = "<h2>The swarm is not ready to "+self.name+"</h2>"
  46. return response
  47. def render_POST(self, request):
  48. return self.render_GET(request)
  49. class XSSerCheckerResource(resource.Resource):
  50. def __init__(self, name, parent):
  51. self.name = str(name)
  52. self.parent = parent
  53. def render_GET(self, request):
  54. print("SUCCESS!!", request)
  55. self.parent.xsser.final_attack_callback(request)
  56. response = "thx for use XSSer (https://xsser.03c8.net) !!"
  57. return response
  58. def render_POST(self, request):
  59. return self.render_GET(request)
  60. class XSSerMainResource(script.ResourceScriptDirectory):
  61. def __init__(self, name, xsser):
  62. script.ResourceScriptDirectory.__init__(self, name)
  63. self.xsser = xsser
  64. def render(self, request):
  65. response = "<h2>XSSer.system</h2>"
  66. response += " version: "+version
  67. app = self.xsser()
  68. options = app.create_options(["-d","http://Bla.com"])
  69. app.set_options(options)
  70. response += "<br><br>&gt; <a href='/static'>Static</a>"
  71. response += "<br>&gt; <a href='/system/monitor'>Orbited.system.monitor</a><br><br>"
  72. response += "<h2>Options</h2>"
  73. for opt in app.options.__dict__:
  74. if not hasattr(app.options.__dict__[opt], "__call__"):
  75. response += "<b>"+str(opt) + "</b> " + str(app.options.__dict__[opt]) + "<br/>"
  76. return response
  77. def do_attack(self, request):
  78. response = "<h2>Let's go attack</h2>"
  79. return response
  80. def do_success(self, request):
  81. response = "not implemented!"
  82. if False:
  83. print("SUCCESS!!", data.split('HTTP')[0].split('/')[-1])
  84. self.factory.xsser.final_attack_callback(data.split('HTTP')[0].split('/')[-1].strip())
  85. self.sendHTTP("thx for use XSSer (https://xsser.03c8.net) !!\n")
  86. return response
  87. def do_evangelion(self, request):
  88. response = "Start Swarm Attack"
  89. reactor.callInThread(self.xsser.run)
  90. return response
  91. def getChild(self, path, request):
  92. return XSSerResource(path, self)
  93. class XSSerProtocol(Protocol):
  94. transport = None
  95. factory = None
  96. def connectionMade(self):
  97. self.factory._clients.append(self)
  98. print("new client connected...")
  99. def connectionLost(self, reason):
  100. self.factory._clients.remove(self)
  101. def sendHTTP(self, data):
  102. self.transport.write("HTTP/1.0 200 Found\n")
  103. self.transport.write("Content-Type: text/html; charset=UTF-8\n\n")
  104. self.transport.write(data)
  105. def dataReceived(self, data):
  106. print("Mosquito network ready ;)",data)
  107. if (data.startswith("GET") and "evangelion" in data) or "evangelion" in data:
  108. print("EVAngelion swarm mode!\n")
  109. self.sendHTTP("Start Swarm Attack\n")
  110. app = xsser()
  111. app.set_reporter(self.factory)
  112. self.factory.xsser = app
  113. data = data.split('\n')[0]
  114. options = data.replace('GET ', '').split()[1:]
  115. print('OPTIONS',options)
  116. if len(options) > 1:
  117. reactor.callInThread(self.factory.xsser.run, options)
  118. else:
  119. reactor.callInThread(self.factory.xsser.run)
  120. elif "evangelion" in data:
  121. self.sendHTTP("Start Swarm Attack\n")
  122. reactor.callInThread(self.factory.xsser.run)
  123. elif data.startswith("GET /success"):
  124. print("SUCCESS!!", data.split('HTTP')[0].split('/')[-1])
  125. self.factory.xsser.final_attack_callback(data.split('HTTP')[0].split('/')[-1].strip())
  126. self.sendHTTP("thx for use XSSer (https://xsser.03c8.net) !!\n")
  127. self.transport.loseConnection()
  128. elif data.startswith("GET"):
  129. self.sendHTTP("XSSer Web Interface <a href='evangelion'>Try it!</a>\n")
  130. elif data.startswith("close"):
  131. reactor.stop()
  132. else:
  133. self.transport.write("1")
  134. class ServerFactory(Factory):
  135. protocol = XSSerProtocol
  136. _clients = []
  137. def __init__(self, xsser):
  138. self.xsser = xsser
  139. def post(self, data):
  140. for c in self._clients:
  141. c.transport.write(cgi.escape(data)+'<br/>')
  142. if __name__ == '__main__':
  143. if orbited_main:
  144. print("orbited!")
  145. root = orbited_main()
  146. import orbited.transports.base
  147. from orbited import cometsession
  148. tcpresource = resource.Resource()
  149. reactor.listenWith(cometsession.Port, factory=ServerFactory(xsser),
  150. resource=root, childName='xssertcp')
  151. root.putChild("xsser", XSSerMainResource("xsser", xsser))
  152. root.putChild("checker", XSSerCheckerResource("checker", xsser))
  153. else:
  154. factory = ServerFactory(None)
  155. reactor.listenTCP(19084, factory)
  156. reactor.run()