From 0ff56091b1c71f680b53aea2bce2395fd5345007 Mon Sep 17 00:00:00 2001 From: sud0nick Date: Sun, 7 Jan 2018 23:16:42 -0500 Subject: [PATCH] Removed .gitignore files and changed code to create directories --- CursedScreech/api/module.php | 24 +++ CursedScreech/includes/forest/target.py | 250 ++++++++++++------------ CursedScreech/js/module.js | 18 +- Papers/api/module.php | 35 ++++ Papers/includes/download/.gitignore | Bin 6 -> 0 bytes Papers/includes/logs/.gitignore | Bin 6 -> 0 bytes Papers/includes/scripts/cfgHelper.py | 240 +++++++++++------------ Papers/includes/ssh/.gitignore | Bin 6 -> 0 bytes Papers/includes/ssl/.gitignore | Bin 6 -> 0 bytes Papers/js/module.js | 18 +- PortalAuth/README.md | 2 - PortalAuth/api/module.php | 16 ++ PortalAuth/js/module.js | 19 +- 13 files changed, 372 insertions(+), 250 deletions(-) delete mode 100644 Papers/includes/download/.gitignore delete mode 100644 Papers/includes/logs/.gitignore delete mode 100644 Papers/includes/ssh/.gitignore delete mode 100644 Papers/includes/ssl/.gitignore delete mode 100755 PortalAuth/README.md diff --git a/CursedScreech/api/module.php b/CursedScreech/api/module.php index de21987..4defeff 100755 --- a/CursedScreech/api/module.php +++ b/CursedScreech/api/module.php @@ -64,6 +64,9 @@ if (!empty($_FILES)) { class CursedScreech extends Module { public function route() { switch ($this->request->action) { + case 'init': + $this->init(); + break; case 'depends': $this->depends($this->request->task); break; @@ -140,6 +143,27 @@ class CursedScreech extends Module { } } + /* ============================ */ + /* INIT FUNCTIONS */ + /* ============================ */ + + private function init() { + if (!file_exists(__LOGS__)) { + if (!mkdir(__LOGS__, 0755, true)) { + $this->respond(false, "Failed to create logs directory"); + return false; + } + } + + if (!file_exists(__API_DL__)) { + if (!mkdir(__API_DL__, 0755, true)) { + $this->logError("Failed init", "Failed to initialize because the API download directory structure could not be created."); + $this->respond(false); + return false; + } + } + } + /* ============================ */ /* DEPENDS FUNCTIONS */ /* ============================ */ diff --git a/CursedScreech/includes/forest/target.py b/CursedScreech/includes/forest/target.py index 07900ba..9fc6fcc 100755 --- a/CursedScreech/includes/forest/target.py +++ b/CursedScreech/includes/forest/target.py @@ -1,126 +1,126 @@ -from ssl import * -from socket import * -import time -import os - -# Pull settings from file -settingsFile = "/pineapple/modules/CursedScreech/includes/forest/settings" -targetLogLocation = "/pineapple/modules/CursedScreech/includes/forest/targetlogs/" -activity_log = priv_key = pub_cer = client_key = client_serial = "" -settings = {} -with open(settingsFile, "r") as sFile: - for line in sFile: - params = line.strip("\n").split("=") - if params[0] == "activity_log": - activity_log = params[1] - elif params[0] == "kuro_key": - priv_key = params[1] + ".key" - pub_cer = params[1] + ".cer" - elif params[0] == "target_key": - client_key = params[1] + ".cer" - elif params[0] == "client_serial": - client_serial = params[1] - else: - pass - -def logActivity(msg): - with open(activity_log, "a") as log: - log.write(msg + "\n") - -def logReceivedData(data, file): - with open(targetLogLocation + file, "a+") as tLog: - tLog.write(data + "\n") - -class Target: - def __init__(self,addr=None,port=None): - self.addr = addr - self.port = int(port) - self.socket = None - self.msg = "" - self.recvData = "" - self.connected = False - self.lastSeen = time.time() - - def secureConnect(self): - print "[>] Connecting to " + self.sockName() - logActivity("[>] Connecting to " + self.sockName()) - - try: - sck = socket(AF_INET, SOCK_STREAM) - self.socket = wrap_socket(sck, ssl_version=PROTOCOL_SSLv23, keyfile=priv_key, certfile=pub_cer, cert_reqs=CERT_REQUIRED, ca_certs=client_key) - self.socket.settimeout(10) - self.socket.connect((self.addr,self.port)) - self.socket.settimeout(None) - - # Fetch the target's certificate to verify their identity - cert = self.socket.getpeercert() - if not cert['serialNumber'] == client_serial: - logActivity("[-] Certificate serial number doesn't match.") - self.disconnect() - else: - print "[+] Connected to " + self.sockName() + " via " + self.socket.version() - logActivity("[+] Connected to " + self.sockName() + " via " + self.socket.version()) - self.connected = True - - except error as sockerror: - logActivity("[!] Failed to connect to " + self.sockName()) - self.connected = False - - def send(self, data): - if self.isConnected(): - - if "sendfile;" in data: - dataParts = data.split(";") - filePath = dataParts[1] - storeDir = dataParts[2] - self.socket.sendall("sendfile;" + os.path.basename(filePath) + ";" + str(os.path.getsize(filePath)) + ";" + storeDir) - with open(filePath, "rb") as f: - self.socket.sendall(f.read()) - logActivity("[!] File sent to " + self.sockName()) - else: - self.socket.sendall(data.encode()) - logActivity("[!] Command sent to " + self.sockName()) - logReceivedData(data, self.addr) - - - def recv(self): - try: - d = self.socket.recv(4096) - self.recvData = d.decode() - - if not self.recvData: - self.disconnect() - return - - logReceivedData(self.recvData, self.addr) - logActivity("[+] Data received from: " + self.sockName()) - - except KeyboardInterrupt: - return - - except: - self.disconnect() - - def isConnected(self): - return self.connected - - def sockName(self): - return self.addr + ":" + str(self.port) - - def disconnect(self): - logActivity("[!] Closing connection to " + self.sockName()) - try: - self.socket.shutdown(SHUT_RDWR) - except: - pass - self.socket.close() - self.connected = False - - def setPort(self, port): - self.port = int(port) - - def isMissing(self, limit): - if time.time() - self.lastSeen > limit: - return True - else: +from ssl import * +from socket import * +import time +import os + +# Pull settings from file +settingsFile = "/pineapple/modules/CursedScreech/includes/forest/settings" +targetLogLocation = "/pineapple/modules/CursedScreech/includes/forest/targetlogs/" +activity_log = priv_key = pub_cer = client_key = client_serial = "" +settings = {} +with open(settingsFile, "r") as sFile: + for line in sFile: + params = line.strip("\n").split("=") + if params[0] == "activity_log": + activity_log = params[1] + elif params[0] == "kuro_key": + priv_key = params[1] + ".key" + pub_cer = params[1] + ".cer" + elif params[0] == "target_key": + client_key = params[1] + ".cer" + elif params[0] == "client_serial": + client_serial = params[1] + else: + pass + +def logActivity(msg): + with open(activity_log, "a") as log: + log.write(msg + "\n") + +def logReceivedData(data, file): + with open(targetLogLocation + file, "a+") as tLog: + tLog.write(data + "\n") + +class Target: + def __init__(self,addr=None,port=None): + self.addr = addr + self.port = int(port) + self.socket = None + self.msg = "" + self.recvData = "" + self.connected = False + self.lastSeen = time.time() + + def secureConnect(self): + print "[>] Connecting to " + self.sockName() + logActivity("[>] Connecting to " + self.sockName()) + + try: + sck = socket(AF_INET, SOCK_STREAM) + self.socket = wrap_socket(sck, ssl_version=PROTOCOL_SSLv23, keyfile=priv_key, certfile=pub_cer, cert_reqs=CERT_REQUIRED, ca_certs=client_key) + self.socket.settimeout(10) + self.socket.connect((self.addr,self.port)) + self.socket.settimeout(None) + + # Fetch the target's certificate to verify their identity + cert = self.socket.getpeercert() + if not cert['serialNumber'] == client_serial: + logActivity("[-] Certificate serial number doesn't match.") + self.disconnect() + else: + print "[+] Connected to " + self.sockName() + " via " + self.socket.version() + logActivity("[+] Connected to " + self.sockName() + " via " + self.socket.version()) + self.connected = True + + except error as sockerror: + logActivity("[!] Failed to connect to " + self.sockName()) + self.connected = False + + def send(self, data): + if self.isConnected(): + + if "sendfile;" in data: + dataParts = data.split(";") + filePath = dataParts[1] + storeDir = dataParts[2] + self.socket.sendall("sendfile;" + os.path.basename(filePath) + ";" + str(os.path.getsize(filePath)) + ";" + storeDir) + with open(filePath, "rb") as f: + self.socket.sendall(f.read()) + logActivity("[!] File sent to " + self.sockName()) + else: + self.socket.sendall(data.encode()) + logActivity("[!] Command sent to " + self.sockName()) + logReceivedData(data, self.addr) + + + def recv(self): + try: + d = self.socket.recv(4096) + self.recvData = d.decode() + + if not self.recvData: + self.disconnect() + return + + logReceivedData(self.recvData, self.addr) + logActivity("[+] Data received from: " + self.sockName()) + + except KeyboardInterrupt: + return + + except: + self.disconnect() + + def isConnected(self): + return self.connected + + def sockName(self): + return self.addr + ":" + str(self.port) + + def disconnect(self): + logActivity("[!] Closing connection to " + self.sockName()) + try: + self.socket.shutdown(SHUT_RDWR) + except: + pass + self.socket.close() + self.connected = False + + def setPort(self, port): + self.port = int(port) + + def isMissing(self, limit): + if time.time() - self.lastSeen > limit: + return True + else: return False \ No newline at end of file diff --git a/CursedScreech/js/module.js b/CursedScreech/js/module.js index 2349b2c..8f20077 100755 --- a/CursedScreech/js/module.js +++ b/CursedScreech/js/module.js @@ -683,7 +683,7 @@ registerController('CursedScreechController', ['$api', '$scope', '$sce', '$inter $http.post("/modules/CursedScreech/api/module.php", fd, { transformRequest: angular.identity, headers: {'Content-Type': undefined} - }).success(function(response) { + }).then(function(response) { for (var key in response) { if (response.hasOwnProperty(key)) { if (response.key == "Failed") { @@ -758,6 +758,22 @@ registerController('CursedScreechController', ['$api', '$scope', '$sce', '$inter $scope.stop = undefined; }); + $scope.init = (function(){ + $api.request({ + module: 'CursedScreech', + action: 'init' + },function(response){ + if (response.success == false) { + if (response.message != '') { + $scope.getLogs(); + } else { + alert(response.message); + } + } + }); + }); + + $scope.init(); $scope.loadAvailableInterfaces(); $scope.loadSettings(); $scope.loadEZCmds(); diff --git a/Papers/api/module.php b/Papers/api/module.php index 914d8fd..9f7f485 100755 --- a/Papers/api/module.php +++ b/Papers/api/module.php @@ -54,6 +54,9 @@ class Papers extends Module { public function route() { switch ($this->request->action) { + case 'init': + $this->init(); + break; case 'checkDepends': $this->checkDepends(); break; @@ -104,6 +107,38 @@ class Papers extends Module break; } } + private function init() { + if (!file_exists(__LOGS__)) { + if (!mkdir(__LOGS__, 0755, true)) { + $this->respond(false, "Failed to create logs directory"); + return false; + } + } + + if (!file_exists(__DOWNLOAD__)) { + if (!mkdir(__DOWNLOAD__, 0755, true)) { + Papers::logError("Failed init", "Failed to initialize because the 'download' directory structure could not be created"); + $this->respond(false); + return false; + } + } + + if (!file_exists(__SSLSTORE__)) { + if (!mkdir(__SSLSTORE__, 0755, true)) { + Papers::logError("Failed init", "Failed to initialize because the 'ssl store' directory structure could not be created"); + $this->respond(false); + return false; + } + } + + if (!file_exists(__SSHSTORE__)) { + if (!mkdir(__SSHSTORE__, 0755, true)) { + Papers::logError("Failed init", "Failed to initialize because the 'ssh store' directory structure could not be created"); + $this->respond(false); + return false; + } + } + } private function checkDepends() { $retData = array(); exec(__SCRIPTS__ . "checkDepends.sh", $retData); diff --git a/Papers/includes/download/.gitignore b/Papers/includes/download/.gitignore deleted file mode 100644 index 49cc8ef0e116cef009fe0bd72473a964bbd07f9b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6 NcmezWkC%aq0RRg=0u=xN diff --git a/Papers/includes/logs/.gitignore b/Papers/includes/logs/.gitignore deleted file mode 100644 index 49cc8ef0e116cef009fe0bd72473a964bbd07f9b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6 NcmezWkC%aq0RRg=0u=xN diff --git a/Papers/includes/scripts/cfgHelper.py b/Papers/includes/scripts/cfgHelper.py index 274b00b..fb48f51 100755 --- a/Papers/includes/scripts/cfgHelper.py +++ b/Papers/includes/scripts/cfgHelper.py @@ -1,121 +1,121 @@ -# Author: sud0nick -# Date: Apr 2016 - -from subprocess import call -import os - -class ConfigHelper: - - def __init__(self, sslDir = "/etc/nginx/ssl/"): - self.nginxConf = "/etc/nginx/nginx.conf" - self.lines = [f for f in open(self.nginxConf)] - self.ssl_dir = sslDir - self.serverBlockIndex = self.getServerBlockIndex() - self.currentSSLCerts = self.getCurrentSSLCerts() - - - def checkSSLCertsExist(self): - flags = [".key", ".cer"] - if os.path.isdir(self.ssl_dir): - for file in os.listdir(self.ssl_dir): - for flag in flags: - if flag in file: - flags.remove(flag) - if flags: - return False - else: - return True - - def getCurrentSSLCerts(self): - certs = [] - index = self.serverBlockIndex - for line in self.lines[index:]: - if "ssl_certificate" in line: - i = line.rfind("/") - certs.append(line[i+1:].strip(";\n")) - - return certs - - - def getServerBlockIndex(self): - index = 0 - for line in self.lines: - if ("listen" in line) and not ("80" in line or "443" in line): - return index - index = index + 1 - - return False - - - def checkSSLConfigStatus(self): - index = self.serverBlockIndex - for line in self.lines[index:]: - if "1471 ssl;" in line: - return True - - return False - - - def addSSLConfig(self, keyName): - - # Check if SSL has already been configured for port 1471 - if self.checkSSLConfigStatus(): - return True - - index = 0 - cert = keyName + ".cer" - key = keyName + ".key" - - with open(self.nginxConf, "w") as out: - for line in self.lines: - if index == self.serverBlockIndex: - line = "\t\tlisten\t1471 ssl;\n" - - if index > self.serverBlockIndex: - if "root /pineapple/;" in line: - self.lines.insert(index + 1, "\t\tssl_certificate /etc/nginx/ssl/" + cert + ";\n" - "\t\tssl_certificate_key /etc/nginx/ssl/" + key + ";\n" - "\t\tssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n") - index = index + 1 - out.write(line) - call(["/etc/init.d/nginx", "reload"]) - - return True - - def replaceSSLConfig(self, newKey): - cert = newKey + ".cer" - key = newKey + ".key" - currentKey = self.currentSSLCerts[0].rsplit(".")[0] - index = 0 - - with open(self.nginxConf, "w") as out: - for line in self.lines: - if index > self.serverBlockIndex: - if (currentKey + ".cer") in line: - line = "\t\tssl_certificate /etc/nginx/ssl/" + cert + ";\n" - - if (currentKey + ".key") in line: - line = "\t\tssl_certificate_key /etc/nginx/ssl/" + key + ";\n" - - index = index + 1 - out.write(line) - - call(["/etc/init.d/nginx", "reload"]) - - - def removeSSLConfig(self): - index = 0 - with open(self.nginxConf, "w") as out: - for line in self.lines: - if index == self.serverBlockIndex: - line = "\t\tlisten\t1471;\n" - - if index > self.serverBlockIndex: - if "ssl_certificate" in line or "ssl_protocols" in line: - continue - - index = index + 1 - out.write(line) - - call(["/etc/init.d/nginx", "reload"]) +# Author: sud0nick +# Date: Apr 2016 + +from subprocess import call +import os + +class ConfigHelper: + + def __init__(self, sslDir = "/etc/nginx/ssl/"): + self.nginxConf = "/etc/nginx/nginx.conf" + self.lines = [f for f in open(self.nginxConf)] + self.ssl_dir = sslDir + self.serverBlockIndex = self.getServerBlockIndex() + self.currentSSLCerts = self.getCurrentSSLCerts() + + + def checkSSLCertsExist(self): + flags = [".key", ".cer"] + if os.path.isdir(self.ssl_dir): + for file in os.listdir(self.ssl_dir): + for flag in flags: + if flag in file: + flags.remove(flag) + if flags: + return False + else: + return True + + def getCurrentSSLCerts(self): + certs = [] + index = self.serverBlockIndex + for line in self.lines[index:]: + if "ssl_certificate" in line: + i = line.rfind("/") + certs.append(line[i+1:].strip(";\n")) + + return certs + + + def getServerBlockIndex(self): + index = 0 + for line in self.lines: + if ("listen" in line) and not ("80" in line or "443" in line): + return index + index = index + 1 + + return False + + + def checkSSLConfigStatus(self): + index = self.serverBlockIndex + for line in self.lines[index:]: + if "1471 ssl;" in line: + return True + + return False + + + def addSSLConfig(self, keyName): + + # Check if SSL has already been configured for port 1471 + if self.checkSSLConfigStatus(): + return True + + index = 0 + cert = keyName + ".cer" + key = keyName + ".key" + + with open(self.nginxConf, "w") as out: + for line in self.lines: + if index == self.serverBlockIndex: + line = "\t\tlisten\t1471 ssl;\n" + + if index > self.serverBlockIndex: + if "root /pineapple/;" in line: + self.lines.insert(index + 1, "\t\tssl_certificate /etc/nginx/ssl/" + cert + ";\n" + "\t\tssl_certificate_key /etc/nginx/ssl/" + key + ";\n" + "\t\tssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n") + index = index + 1 + out.write(line) + call(["/etc/init.d/nginx", "reload"]) + + return True + + def replaceSSLConfig(self, newKey): + cert = newKey + ".cer" + key = newKey + ".key" + currentKey = self.currentSSLCerts[0].rsplit(".")[0] + index = 0 + + with open(self.nginxConf, "w") as out: + for line in self.lines: + if index > self.serverBlockIndex: + if (currentKey + ".cer") in line: + line = "\t\tssl_certificate /etc/nginx/ssl/" + cert + ";\n" + + if (currentKey + ".key") in line: + line = "\t\tssl_certificate_key /etc/nginx/ssl/" + key + ";\n" + + index = index + 1 + out.write(line) + + call(["/etc/init.d/nginx", "reload"]) + + + def removeSSLConfig(self): + index = 0 + with open(self.nginxConf, "w") as out: + for line in self.lines: + if index == self.serverBlockIndex: + line = "\t\tlisten\t1471;\n" + + if index > self.serverBlockIndex: + if "ssl_certificate" in line or "ssl_protocols" in line: + continue + + index = index + 1 + out.write(line) + + call(["/etc/init.d/nginx", "reload"]) \ No newline at end of file diff --git a/Papers/includes/ssh/.gitignore b/Papers/includes/ssh/.gitignore deleted file mode 100644 index 49cc8ef0e116cef009fe0bd72473a964bbd07f9b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6 NcmezWkC%aq0RRg=0u=xN diff --git a/Papers/includes/ssl/.gitignore b/Papers/includes/ssl/.gitignore deleted file mode 100644 index 49cc8ef0e116cef009fe0bd72473a964bbd07f9b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6 NcmezWkC%aq0RRg=0u=xN diff --git a/Papers/js/module.js b/Papers/js/module.js index 3d8d094..c1b8e50 100755 --- a/Papers/js/module.js +++ b/Papers/js/module.js @@ -404,7 +404,7 @@ registerController('PapersController', ['$api', '$scope', '$sce', '$http', funct $http.post("/modules/Papers/api/module.php", fd, { transformRequest: angular.identity, headers: {'Content-Type': undefined} - }).success(function(response) { + }).then(function(response) { for (var key in response) { if (response.hasOwnProperty(key)) { if (response.key == "Failed") { @@ -418,7 +418,23 @@ registerController('PapersController', ['$api', '$scope', '$sce', '$http', funct }); }); + $scope.init = (function(){ + $api.request({ + module: 'Papers', + action: 'init' + },function(response){ + if (response.success == false) { + if (response.message != '') { + $scope.getLogs(); + } else { + alert(response.message); + } + } + }); + }); + // Init + $scope.init(); $scope.checkDepends(); $scope.refresh(); }]) diff --git a/PortalAuth/README.md b/PortalAuth/README.md deleted file mode 100755 index 0c64461..0000000 --- a/PortalAuth/README.md +++ /dev/null @@ -1,2 +0,0 @@ -# PortalAuth -Captive portal cloner and payload distributor for the WiFi Pineapple NANO and TETRA diff --git a/PortalAuth/api/module.php b/PortalAuth/api/module.php index 2fcfd36..f1d04a6 100755 --- a/PortalAuth/api/module.php +++ b/PortalAuth/api/module.php @@ -94,6 +94,9 @@ class PortalAuth extends Module { public function route() { switch($this->request->action) { + case 'init': + $this->init(); + break; case 'depends': $this->depends($this->request->params); break; @@ -224,6 +227,19 @@ class PortalAuth extends Module } } + /* ============================ */ + /* INIT FUNCTIONS */ + /* ============================ */ + + private function init() { + if (!file_exists(__LOGS__)) { + if (!mkdir(__LOGS__, 0755, true)) { + $this->respond(false, "Failed to create logs directory"); + return false; + } + } + } + //============================// // DEPENDENCY FUNCTIONS // //============================// diff --git a/PortalAuth/js/module.js b/PortalAuth/js/module.js index 482880a..3eb7300 100755 --- a/PortalAuth/js/module.js +++ b/PortalAuth/js/module.js @@ -716,8 +716,25 @@ registerController('PortalAuthController', ['$api', '$scope', '$sce', '$interval $interval.cancel($scope.stop); $scope.stop = undefined; }); - + + // Init + $scope.init = (function(){ + $api.request({ + module: 'PortalAuth', + action: 'init' + },function(response){ + if (response.success == false) { + if (response.message != '') { + $scope.getLogs(); + } else { + alert(response.message); + } + } + }); + }); + // Init functions + $scope.init(); $scope.depends("-check"); $scope.isOnline(); $scope.checkTestServerConfig();