Home Explore Help
Sign In
epsylon
/
xsser
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0
Tree: 96caedcaf1
Branches Tags
xsser
/
xsser
/
core
/
twsupport.py

twsupport.py 6.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171 
  1. #!/usr/bin/env python
    2. 

  2. # -*- coding: utf-8 -*-"
    3. 

  3. # vim: set expandtab tabstop=4 shiftwidth=4:
    4. 

  4. """
    5. 

  5. $Id$
    6. 

  6. 

  7. This file is part of the xsser project, http://xsser.03c8.net
    8. 

  8. 

  9. Copyright (c) 2011/2016 psy <epsylon@riseup.net>
    10. 

  10. 

  11. xsser is free software; you can redistribute it and/or modify it under
    12. 

  12. the terms of the GNU General Public License as published by the Free
    13. 

  13. Software Foundation version 3 of the License.
    14. 

  14. 

  15. xsser is distributed in the hope that it will be useful, but WITHOUT ANY
    16. 

  16. WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
    17. 

  17. FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
    18. 

  18. details.
    19. 

  19. 

  20. You should have received a copy of the GNU General Public License along
    21. 

  21. with xsser; if not, write to the Free Software Foundation, Inc., 51
    22. 

  22. Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
    23. 

  23. """
    24. 

  24. import sys
    25. 

  25. from twisted.internet.protocol import Protocol
    26. 

  26. from twisted.internet.protocol import Factory
    27. 

  27. from twisted.internet import reactor
    28. 

  28. from core.main import xsser
    29. 

  29. import cgi
    30. 

  30. import traceback
    31. 

  31. try:
    32. 

  32.     from orbited.start import main as orbited_main
    33. 

  33. except:
    34. 

  34.     print "no orbited so not enabling rt swarm port"
    35. 

  35.     orbited_main = None
    36. 

  36.     traceback.print_exc()
    37. 

  37. 

  38. print "\nXSSer v1.7b: The Mosquito 'Zika Swarm'\n"
    39. 

  39. print "Daemon(s): ready!", "//" , "Interfaz: ready!\n"
    40. 

  40. print "Connect to http://127.0.0.1:19084/static/ via Web or Telnet to manage your swarm\n"
    41. 

  41. print "Listening..."
    42. 

  42. 

  43. from twisted.web import resource, error, script, server
    44. 

  44. from orbited import __version__ as version
    45. 

  45. 

  46. class XSSerResource(resource.Resource):
    47. 

  47.     def __init__(self, name, parent):
    48. 

  48.         self.name = str(name)
    49. 

  49.         self.parent = parent
    50. 

  50.     def render_GET(self, request):
    51. 

  51.         if hasattr(self.parent, "do_"+self.name):
    52. 

  52.             response = getattr(self.parent, "do_"+self.name)(request)
    53. 

  53.         else:
    54. 

  54.             response = "<h2>The swarm is not ready to "+self.name+"</h2>"
    55. 

  55.         return response
    56. 

  56.     def render_POST(self, request):
    57. 

  57.         return self.render_GET(request)
    58. 

  58. 

  59. class XSSerCheckerResource(resource.Resource):
    60. 

  60.     def __init__(self, name, parent):
    61. 

  61.         self.name = str(name)
    62. 

  62.         self.parent = parent
    63. 

  63.     def render_GET(self, request):
    64. 

  64.         print "SUCCESS!!", request
    65. 

  65.         self.parent.xsser.final_attack_callback(request)
    66. 

  66.         response = "thx for use XSSer (http://xsser.03c8.net) !!"
    67. 

  67.         return response
    68. 

  68.     def render_POST(self, request):
    69. 

  69.         return self.render_GET(request)
    70. 

  70. 

  71. class XSSerMainResource(script.ResourceScriptDirectory):
    72. 

  72.     def __init__(self, name, xsser):
    73. 

  73.         script.ResourceScriptDirectory.__init__(self, name)
    74. 

  74.         self.xsser = xsser
    75. 

  75.     def render(self, request):
    76. 

  76.         response = "<h2>XSSer.system</h2>"
    77. 

  77.         response += " version: "+version
    78. 

  78.         app = self.xsser()
    79. 

  79.         options = app.create_options(["-d","http://Bla.com"])
    80. 

  80.         app.set_options(options)
    81. 

  81.         response += "<br><br>&gt; <a href='/static'>Static</a>"
    82. 

  82.         response += "<br>&gt; <a href='/system/monitor'>Orbited.system.monitor</a><br><br>"
    83. 

  83.         response += "<h2>Options</h2>"
    84. 

  84.         for opt in app.options.__dict__:
    85. 

  85.             if not hasattr(app.options.__dict__[opt], "__call__"):
    86. 

  86.                 response += "<b>"+str(opt) + "</b> " + str(app.options.__dict__[opt]) + "<br/>"
    87. 

  87.         return response
    88. 

  88.     def do_attack(self, request):
    89. 

  89.         response = "<h2>Let's go attack</h2>"
    90. 

  90.         return response
    91. 

  91.     def do_success(self, request):
    92. 

  92.         response = "not implemented!"
    93. 

  93.         if False:
    94. 

  94.             print "SUCCESS!!", data.split('HTTP')[0].split('/')[-1]
    95. 

  95.             self.factory.xsser.final_attack_callback(data.split('HTTP')[0].split('/')[-1].strip())
    96. 

  96.             self.sendHTTP("thx for use XSSer (http://xsser.03c8.net) !!\n")
    97. 

  97.         return response
    98. 

  98.     def do_evangelion(self, request):
    99. 

  99.         response = "Start Swarm Attack"
    100. 

  100.         reactor.callInThread(self.xsser.run)
    101. 

  101.         return response
    102. 

  102.     def getChild(self, path, request):
    103. 

  103.         return XSSerResource(path, self)
    104. 

  104. 

  105. class XSSerProtocol(Protocol):
    106. 

  106.     transport = None
    107. 

  107.     factory = None
    108. 

  108.     def connectionMade(self):
    109. 

  109.         self.factory._clients.append(self)
    110. 

  110.         print "new client connected..."
    111. 

  111.     def connectionLost(self, reason):
    112. 

  112.         self.factory._clients.remove(self)
    113. 

  113.     def sendHTTP(self, data):
    114. 

  114.         self.transport.write("HTTP/1.0 200 Found\n")
    115. 

  115.         self.transport.write("Content-Type: text/html; charset=UTF-8\n\n")
    116. 

  116.         self.transport.write(data)
    117. 

  117.     def dataReceived(self, data):
    118. 

  118.         print "Mosquito network ready ;)",data
    119. 

  119.         if (data.startswith("GET") and "evangelion" in data) or "evangelion" in data:
    120. 

  120.             print "EVAngelion swarm mode!\n"
    121. 

  121.             self.sendHTTP("Start Swarm Attack\n")
    122. 

  122.             app = xsser()
    123. 

  123.             app.set_reporter(self.factory)
    124. 

  124.             self.factory.xsser = app
    125. 

  125.             data = data.split('\n')[0]
    126. 

  126.             options = data.replace('GET ', '').split()[1:]
    127. 

  127.             print 'OPTIONS',options
    128. 

  128.             if len(options) > 1:
    129. 

  129.                 reactor.callInThread(self.factory.xsser.run, options)
    130. 

  130.             else:
    131. 

  131.                 reactor.callInThread(self.factory.xsser.run)
    132. 

  132.         elif "evangelion" in data:
    133. 

  133.             self.sendHTTP("Start Swarm Attack\n")
    134. 

  134.             reactor.callInThread(self.factory.xsser.run)
    135. 

  135.         elif data.startswith("GET /success"):
    136. 

  136.             print "SUCCESS!!", data.split('HTTP')[0].split('/')[-1]
    137. 

  137.             self.factory.xsser.final_attack_callback(data.split('HTTP')[0].split('/')[-1].strip())
    138. 

  138.             self.sendHTTP("thx for use XSSer (http://xsser.03c8.net) !!\n")
    139. 

  139.             self.transport.loseConnection()
    140. 

  140.         elif data.startswith("GET"):
    141. 

  141.             self.sendHTTP("XSSer Web Interface <a href='evangelion'>Try it!</a>\n")
    142. 

  142.         elif data.startswith("close"):
    143. 

  143.             reactor.stop()
    144. 

  144.         else:
    145. 

  145.             self.transport.write("1")
    146. 

  146. 

  147. class ServerFactory(Factory):
    148. 

  148.     protocol = XSSerProtocol
    149. 

  149.     _clients = []
    150. 

  150.     def __init__(self, xsser):
    151. 

  151.         self.xsser = xsser
    152. 

  152.     def post(self, data):
    153. 

  153.         for c in self._clients:
    154. 

  154.             c.transport.write(cgi.escape(data)+'<br/>')
    155. 

  155. 

  156. if __name__ == '__main__':
    157. 

  157.     if orbited_main:
    158. 

  158.         print "orbited!"
    159. 

  159.         root = orbited_main()
    160. 

  160.         import orbited.transports.base
    161. 

  161.         from orbited import cometsession
    162. 

  162.         tcpresource = resource.Resource()
    163. 

  163.         reactor.listenWith(cometsession.Port, factory=ServerFactory(xsser),
    164. 

  164.                            resource=root, childName='xssertcp')
    165. 

  165.         root.putChild("xsser", XSSerMainResource("xsser", xsser))
    166. 

  166.         root.putChild("checker", XSSerCheckerResource("checker", xsser))                        
    167. 

  167.     else:
    168. 

  168.         factory = ServerFactory(None)
    169. 

  169.         reactor.listenTCP(19084, factory)
    170. 

  170.     reactor.run()
    171. 

  171.