Home Explore Help
Sign In
epsylon
/
xsser
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0
Tree: c0ba7110b4
Branches Tags
xsser
/
core
/
twsupport.py

twsupport.py 6.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169 
  1. #!/usr/bin/env python
    2. 

  2. # -*- coding: utf-8 -*-"
    3. 

  3. # vim: set expandtab tabstop=4 shiftwidth=4:
    4. 

  4. """
    5. 

  5. This file is part of the XSSer project, https://xsser.03c8.net
    6. 

  6. 

  7. Copyright (c) 2010/2021 | psy <epsylon@riseup.net>
    8. 

  8. 

  9. xsser is free software; you can redistribute it and/or modify it under
    10. 

  10. the terms of the GNU General Public License as published by the Free
    11. 

  11. Software Foundation version 3 of the License.
    12. 

  12. 

  13. xsser is distributed in the hope that it will be useful, but WITHOUT ANY
    14. 

  14. WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
    15. 

  15. FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
    16. 

  16. details.
    17. 

  17. 

  18. You should have received a copy of the GNU General Public License along
    19. 

  19. with xsser; if not, write to the Free Software Foundation, Inc., 51
    20. 

  20. Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
    21. 

  21. """
    22. 

  22. import sys
    23. 

  23. from twisted.internet.protocol import Protocol
    24. 

  24. from twisted.internet.protocol import Factory
    25. 

  25. from twisted.internet import reactor
    26. 

  26. from core.main import xsser
    27. 

  27. import cgi
    28. 

  28. import traceback
    29. 

  29. try:
    30. 

  30.     from orbited.start import main as orbited_main
    31. 

  31. except:
    32. 

  32.     print("no orbited so not enabling rt swarm port")
    33. 

  33.     orbited_main = None
    34. 

  34.     traceback.print_exc()
    35. 

  35. 

  36. print("\nXSSer v1.8[4]: 'The HiV€'\n")
    37. 

  37. print("Daemon(s): ready!", "//" , "Interfaz: ready!\n")
    38. 

  38. print("Connect to http://127.0.0.1:19084/static/ via Web or Telnet to manage your swarm\n")
    39. 

  39. print("Listening...")
    40. 

  40. 

  41. from twisted.web import resource, error, script, server
    42. 

  42. from orbited import __version__ as version
    43. 

  43. 

  44. class XSSerResource(resource.Resource):
    45. 

  45.     def __init__(self, name, parent):
    46. 

  46.         self.name = str(name)
    47. 

  47.         self.parent = parent
    48. 

  48.     def render_GET(self, request):
    49. 

  49.         if hasattr(self.parent, "do_"+self.name):
    50. 

  50.             response = getattr(self.parent, "do_"+self.name)(request)
    51. 

  51.         else:
    52. 

  52.             response = "<h2>The swarm is not ready to "+self.name+"</h2>"
    53. 

  53.         return response
    54. 

  54.     def render_POST(self, request):
    55. 

  55.         return self.render_GET(request)
    56. 

  56. 

  57. class XSSerCheckerResource(resource.Resource):
    58. 

  58.     def __init__(self, name, parent):
    59. 

  59.         self.name = str(name)
    60. 

  60.         self.parent = parent
    61. 

  61.     def render_GET(self, request):
    62. 

  62.         print("SUCCESS!!", request)
    63. 

  63.         self.parent.xsser.final_attack_callback(request)
    64. 

  64.         response = "thx for use XSSer (https://xsser.03c8.net) !!"
    65. 

  65.         return response
    66. 

  66.     def render_POST(self, request):
    67. 

  67.         return self.render_GET(request)
    68. 

  68. 

  69. class XSSerMainResource(script.ResourceScriptDirectory):
    70. 

  70.     def __init__(self, name, xsser):
    71. 

  71.         script.ResourceScriptDirectory.__init__(self, name)
    72. 

  72.         self.xsser = xsser
    73. 

  73.     def render(self, request):
    74. 

  74.         response = "<h2>XSSer.system</h2>"
    75. 

  75.         response += " version: "+version
    76. 

  76.         app = self.xsser()
    77. 

  77.         options = app.create_options(["-d","http://Bla.com"])
    78. 

  78.         app.set_options(options)
    79. 

  79.         response += "<br><br>&gt; <a href='/static'>Static</a>"
    80. 

  80.         response += "<br>&gt; <a href='/system/monitor'>Orbited.system.monitor</a><br><br>"
    81. 

  81.         response += "<h2>Options</h2>"
    82. 

  82.         for opt in app.options.__dict__:
    83. 

  83.             if not hasattr(app.options.__dict__[opt], "__call__"):
    84. 

  84.                 response += "<b>"+str(opt) + "</b> " + str(app.options.__dict__[opt]) + "<br/>"
    85. 

  85.         return response
    86. 

  86.     def do_attack(self, request):
    87. 

  87.         response = "<h2>Let's go attack</h2>"
    88. 

  88.         return response
    89. 

  89.     def do_success(self, request):
    90. 

  90.         response = "not implemented!"
    91. 

  91.         if False:
    92. 

  92.             print("SUCCESS!!", data.split('HTTP')[0].split('/')[-1])
    93. 

  93.             self.factory.xsser.final_attack_callback(data.split('HTTP')[0].split('/')[-1].strip())
    94. 

  94.             self.sendHTTP("thx for use XSSer (https://xsser.03c8.net) !!\n")
    95. 

  95.         return response
    96. 

  96.     def do_evangelion(self, request):
    97. 

  97.         response = "Start Swarm Attack"
    98. 

  98.         reactor.callInThread(self.xsser.run)
    99. 

  99.         return response
    100. 

  100.     def getChild(self, path, request):
    101. 

  101.         return XSSerResource(path, self)
    102. 

  102. 

  103. class XSSerProtocol(Protocol):
    104. 

  104.     transport = None
    105. 

  105.     factory = None
    106. 

  106.     def connectionMade(self):
    107. 

  107.         self.factory._clients.append(self)
    108. 

  108.         print("new client connected...")
    109. 

  109.     def connectionLost(self, reason):
    110. 

  110.         self.factory._clients.remove(self)
    111. 

  111.     def sendHTTP(self, data):
    112. 

  112.         self.transport.write("HTTP/1.0 200 Found\n")
    113. 

  113.         self.transport.write("Content-Type: text/html; charset=UTF-8\n\n")
    114. 

  114.         self.transport.write(data)
    115. 

  115.     def dataReceived(self, data):
    116. 

  116.         print("Mosquito network ready ;)",data)
    117. 

  117.         if (data.startswith("GET") and "evangelion" in data) or "evangelion" in data:
    118. 

  118.             print("EVAngelion swarm mode!\n")
    119. 

  119.             self.sendHTTP("Start Swarm Attack\n")
    120. 

  120.             app = xsser()
    121. 

  121.             app.set_reporter(self.factory)
    122. 

  122.             self.factory.xsser = app
    123. 

  123.             data = data.split('\n')[0]
    124. 

  124.             options = data.replace('GET ', '').split()[1:]
    125. 

  125.             print('OPTIONS',options)
    126. 

  126.             if len(options) > 1:
    127. 

  127.                 reactor.callInThread(self.factory.xsser.run, options)
    128. 

  128.             else:
    129. 

  129.                 reactor.callInThread(self.factory.xsser.run)
    130. 

  130.         elif "evangelion" in data:
    131. 

  131.             self.sendHTTP("Start Swarm Attack\n")
    132. 

  132.             reactor.callInThread(self.factory.xsser.run)
    133. 

  133.         elif data.startswith("GET /success"):
    134. 

  134.             print("SUCCESS!!", data.split('HTTP')[0].split('/')[-1])
    135. 

  135.             self.factory.xsser.final_attack_callback(data.split('HTTP')[0].split('/')[-1].strip())
    136. 

  136.             self.sendHTTP("thx for use XSSer (https://xsser.03c8.net) !!\n")
    137. 

  137.             self.transport.loseConnection()
    138. 

  138.         elif data.startswith("GET"):
    139. 

  139.             self.sendHTTP("XSSer Web Interface <a href='evangelion'>Try it!</a>\n")
    140. 

  140.         elif data.startswith("close"):
    141. 

  141.             reactor.stop()
    142. 

  142.         else:
    143. 

  143.             self.transport.write("1")
    144. 

  144. 

  145. class ServerFactory(Factory):
    146. 

  146.     protocol = XSSerProtocol
    147. 

  147.     _clients = []
    148. 

  148.     def __init__(self, xsser):
    149. 

  149.         self.xsser = xsser
    150. 

  150.     def post(self, data):
    151. 

  151.         for c in self._clients:
    152. 

  152.             c.transport.write(cgi.escape(data)+'<br/>')
    153. 

  153. 

  154. if __name__ == '__main__':
    155. 

  155.     if orbited_main:
    156. 

  156.         print("orbited!")
    157. 

  157.         root = orbited_main()
    158. 

  158.         import orbited.transports.base
    159. 

  159.         from orbited import cometsession
    160. 

  160.         tcpresource = resource.Resource()
    161. 

  161.         reactor.listenWith(cometsession.Port, factory=ServerFactory(xsser),
    162. 

  162.                            resource=root, childName='xssertcp')
    163. 

  163.         root.putChild("xsser", XSSerMainResource("xsser", xsser))
    164. 

  164.         root.putChild("checker", XSSerCheckerResource("checker", xsser))                        
    165. 

  165.     else:
    166. 

  166.         factory = ServerFactory(None)
    167. 

  167.         reactor.listenTCP(19084, factory)
    168. 

  168.     reactor.run()
    169. 

  169.