mirror of https://github.com/n1nj4sec/pupy.git
adding drop option to sessions command
This commit is contained in:
parent
ea7879ad6d
commit
d5a5a83575
|
@ -36,10 +36,8 @@ try:
|
|||
module_name=path.rsplit('/',2)[1]
|
||||
add_transport(module_name)
|
||||
except Exception as e:
|
||||
print e
|
||||
pass
|
||||
except Exception as e:
|
||||
print e
|
||||
import transports as trlib
|
||||
#imports for pupygen and the pupysh server
|
||||
for loader, module_name, is_pkg in pkgutil.iter_modules(trlib.__path__):
|
||||
|
|
|
@ -99,9 +99,9 @@ class PupyAsyncServer(object):
|
|||
def handle_new_conn(self, conn):
|
||||
try:
|
||||
conn._init_service()
|
||||
conn.serve_all()
|
||||
#while True:
|
||||
# conn.serve(0.01)
|
||||
#conn.serve_all()
|
||||
while True:
|
||||
conn.serve(0.01)
|
||||
except Exception as e:
|
||||
logging.error(e)
|
||||
|
||||
|
@ -139,7 +139,7 @@ class PupyAsyncTCPServer(PupyAsyncServer):
|
|||
continue
|
||||
try:
|
||||
s.bind(sa)
|
||||
s.listen(100)
|
||||
s.listen(5)
|
||||
except socket.error as msg:
|
||||
s.close()
|
||||
s = None
|
||||
|
@ -322,9 +322,9 @@ class PupyUDPServer(object):
|
|||
def handle_new_conn(self, conn):
|
||||
try:
|
||||
conn._init_service()
|
||||
conn.serve_all()
|
||||
#while True:
|
||||
# conn.serve(0.01)
|
||||
#conn.serve_all()
|
||||
while True:
|
||||
conn.serve(0.01)
|
||||
except Exception as e:
|
||||
logging.error(e)
|
||||
|
||||
|
|
|
@ -1,283 +0,0 @@
|
|||
# -*- coding: UTF8 -*-
|
||||
# Copyright (c) 2015, Nicolas VERDIER (contact@n1nj4.eu)
|
||||
# Pupy is under the BSD 3-Clause license. see the LICENSE file at the root of the project for the detailed licence terms
|
||||
|
||||
import os
|
||||
import logging
|
||||
from .lib.servers import PupyTCPServer, PupyAsyncTCPServer
|
||||
from .lib.clients import PupyTCPClient, PupySSLClient, PupyProxifiedTCPClient, PupyProxifiedSSLClient, PupyAsyncClient
|
||||
from .lib.transports.dummy import DummyPupyTransport
|
||||
from .lib.transports.b64 import B64Client, B64Server, B64Transport
|
||||
from .lib.transports.http import PupyHTTPClient, PupyHTTPServer
|
||||
from .lib.transports.xor import XOR
|
||||
from .lib.transports.aes import AES256, AES128
|
||||
from .lib.transports.rsa_aes import RSA_AESClient, RSA_AESServer
|
||||
import rsa
|
||||
try:
|
||||
from .lib.transports.obfs3.obfs3 import Obfs3Client, Obfs3Server
|
||||
obfs3_available=True
|
||||
except ImportError as e:
|
||||
#to make pupy works even without obfs3 dependencies
|
||||
logging.warning("%s. The obfs3 transport has been disabled."%e)
|
||||
obfs3_available=False
|
||||
|
||||
try:
|
||||
from .lib.transports.scramblesuit.scramblesuit import ScrambleSuitClient, ScrambleSuitServer
|
||||
scramblesuit_available=True
|
||||
except ImportError as e:
|
||||
#to make pupy works even without scramblesuit dependencies
|
||||
logging.warning("%s. The scramblesuit transport has been disabled."%e)
|
||||
scramblesuit_available=False
|
||||
from .lib.streams import *
|
||||
from .lib.launchers.simple import SimpleLauncher
|
||||
from .lib.launchers.auto_proxy import AutoProxyLauncher
|
||||
from .lib.launchers.bind import BindLauncher
|
||||
from .lib.base import chain_transports
|
||||
try:
|
||||
import ConfigParser as configparser
|
||||
except ImportError:
|
||||
import configparser
|
||||
from rpyc.utils.authenticators import SSLAuthenticator
|
||||
|
||||
ssl_auth=None
|
||||
|
||||
def ssl_authenticator():
|
||||
config = configparser.ConfigParser()
|
||||
config.read("pupy.conf")
|
||||
return SSLAuthenticator(config.get("pupyd","keyfile").replace("\\",os.sep).replace("/",os.sep), config.get("pupyd","certfile").replace("\\",os.sep).replace("/",os.sep), ciphers="SHA256+AES256:SHA1+AES256:@STRENGTH")
|
||||
|
||||
#scramblesuit password must be 20 char long
|
||||
scramblesuit_passwd="th!s_iS_pupy_sct_k3y"
|
||||
|
||||
DEFAULT_RSA_PUB_KEY="""
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAu1AvqNawlgXdpT3s0/YoOSj3bSsGOd2UXrDKmEt3VkGvDVyxllwm
|
||||
9TctdCIS8X9ziOtpSH2yYcS1zwVD0qb/Dt6im6Z0jiaiizsZPqJL16SfmP7b41ub
|
||||
iCcM4a3gI1wRxt3HtBDgqPVZTqsKPsC3m6fiWfOQCy9CmLSBlwwE+9+elnUG4pvA
|
||||
XQn0KDdrnzo5qGLxFyj9/jLI4y+rhS9DlwgsmFd42MCaJ/CgceM7QChN0zjxxT23
|
||||
Y/RSR6wnYKasDbz7KoCa/QkYpvN4XqmvUZVQDI2y8F87ta/Cqo3UMEz5hNYt96LU
|
||||
KN2qXNVOeiCO57tFFriWnKk6cAFHgrGzwA23xKUYB9/YivaEMjrh7C3907B+I1bK
|
||||
t/BXOxdRwbTHkWQWrpxfUGs+5LJzwwsixzNJOifqgFyZTef6EyNTwSyr0oRslNk7
|
||||
JIrE1Lab5Ve26+M92pCrs/UOIxpSWSKRmJeWcyAiw3crYrzAxC9r654BnmCfeWtn
|
||||
MRAWmUrljx6aJSojTAbeY9aDDrYQRuQ7VevO+SHxYwOG/1Jq+qgznTN3zroUI97w
|
||||
5g1oVVJrthUrYQZYKboaiEZmQckxLU5ca9pAyXu/o4pa1ez4a14YbollG9bjSnbK
|
||||
+qRicAn26w5undwWlPX52DnrOw0v9sAqazfzG5rMH7mKWnSDvHPWOAsCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
"""
|
||||
|
||||
transports={}
|
||||
launchers={}
|
||||
|
||||
transports["ssl"]={
|
||||
"info" : "TCP transport wrapped with SSL",
|
||||
"server" : PupyTCPServer,
|
||||
"client": PupySSLClient,
|
||||
"client_kwargs" : {},
|
||||
"authenticator" : ssl_authenticator,
|
||||
"stream": PupySocketStream ,
|
||||
"client_transport" : DummyPupyTransport,
|
||||
"server_transport" : DummyPupyTransport,
|
||||
"client_transport_kwargs": {},
|
||||
"server_transport_kwargs": {},
|
||||
}
|
||||
|
||||
|
||||
transports["http"]={
|
||||
"info" : "TCP transport using HTTP with RSA+AES",
|
||||
"server" : PupyTCPServer,
|
||||
"client": PupyTCPClient,
|
||||
"client_kwargs" : {},
|
||||
"authenticator" : None,
|
||||
"stream": PupySocketStream ,
|
||||
"client_transport" : chain_transports(
|
||||
PupyHTTPClient.custom(keep_alive=True),
|
||||
RSA_AESClient.custom(pubkey=DEFAULT_RSA_PUB_KEY, rsa_key_size=4096, aes_size=256),
|
||||
),
|
||||
"server_transport" : chain_transports(
|
||||
PupyHTTPServer,
|
||||
RSA_AESServer.custom(privkey_path="crypto/rsa_private_key.pem", rsa_key_size=4096, aes_size=256),
|
||||
),
|
||||
"client_transport_kwargs": {},
|
||||
"server_transport_kwargs": {},
|
||||
}
|
||||
|
||||
if obfs3_available:
|
||||
transports["obfs3"]={
|
||||
"info" : "TCP transport using obfsproxy's obfs3 transport with a extra rsa+aes layer",
|
||||
"server" : PupyTCPServer,
|
||||
"client": PupyTCPClient,
|
||||
"client_kwargs" : {},
|
||||
"authenticator" : None,
|
||||
"stream": PupySocketStream ,
|
||||
"client_transport" : chain_transports(
|
||||
Obfs3Client,
|
||||
RSA_AESClient.custom(pubkey=DEFAULT_RSA_PUB_KEY, rsa_key_size=4096, aes_size=256),
|
||||
),
|
||||
"server_transport" : chain_transports(
|
||||
Obfs3Server,
|
||||
RSA_AESServer.custom(privkey_path="crypto/rsa_private_key.pem", rsa_key_size=4096, aes_size=256),
|
||||
),
|
||||
"client_transport_kwargs": {},
|
||||
"server_transport_kwargs": {},
|
||||
}
|
||||
|
||||
if scramblesuit_available:
|
||||
transports["scramblesuit"]={
|
||||
"info" : "TCP transport using the obfsproxy's scramblesuit transport with a extra rsa+aes layer",
|
||||
"server" : PupyTCPServer,
|
||||
"client": PupyTCPClient,
|
||||
"client_kwargs" : {},
|
||||
"authenticator" : None,
|
||||
"stream": PupySocketStream ,
|
||||
"client_transport" : chain_transports(
|
||||
ScrambleSuitClient,
|
||||
RSA_AESClient.custom(pubkey=DEFAULT_RSA_PUB_KEY, rsa_key_size=4096, aes_size=256),
|
||||
),
|
||||
"server_transport" : chain_transports(
|
||||
ScrambleSuitServer,
|
||||
RSA_AESServer.custom(privkey_path="crypto/rsa_private_key.pem", rsa_key_size=4096, aes_size=256),
|
||||
),
|
||||
"client_transport_kwargs": {"password":scramblesuit_passwd},
|
||||
"server_transport_kwargs": {"password":scramblesuit_passwd},
|
||||
}
|
||||
|
||||
#
|
||||
# The following commented transports are unsafe ones or transports without any special interest compared to other above but can be useful for tests and examples
|
||||
#
|
||||
|
||||
#transports["tcp"]={
|
||||
# "info" : "Simple TCP transport transmitting in cleartext",
|
||||
# "server" : PupyTCPServer,
|
||||
# "client": PupyTCPClient,
|
||||
# "client_kwargs" : {},
|
||||
# "authenticator" : None,
|
||||
# "stream": PupySocketStream ,
|
||||
# "client_transport" : DummyPupyTransport,
|
||||
# "server_transport" : DummyPupyTransport,
|
||||
# "client_transport_kwargs": {},
|
||||
# "server_transport_kwargs": {},
|
||||
# }
|
||||
#transports["http_cleartext"]={ #TODO fill with empty requests/response between each request/response to have only a following of req/res and not unusual things like req/req/req/res/res/req ...
|
||||
# "info" : "TCP transport using HTTP with base64 encoded payloads (synchrone with Keep-Alive headers and one 3-way-handshake)",
|
||||
# "server" : PupyTCPServer,
|
||||
# "client": PupyTCPClient,
|
||||
# "client_kwargs" : {},
|
||||
# "authenticator" : None,
|
||||
# "stream": PupySocketStream ,
|
||||
# "client_transport" : PupyHTTPClient,
|
||||
# "server_transport" : PupyHTTPServer,
|
||||
# "client_transport_kwargs": {},
|
||||
# "server_transport_kwargs": {},
|
||||
# }
|
||||
#
|
||||
#transports["ssl_proxy"]={
|
||||
# "info" : "TCP transport wrapped with SSL and passing through a SOCKS4/SOCKS5/HTTP proxy",
|
||||
# "server" : PupyTCPServer,
|
||||
# "client": PupyProxifiedSSLClient,
|
||||
# "client_kwargs" : {'proxy_addr': None, 'proxy_port': None, 'proxy_type':'HTTP'},
|
||||
# "authenticator" : ssl_authenticator,
|
||||
# "stream": PupySocketStream ,
|
||||
# "client_transport" : DummyPupyTransport,
|
||||
# "server_transport" : DummyPupyTransport,
|
||||
# "client_transport_kwargs": {},
|
||||
# "server_transport_kwargs": {},
|
||||
# }
|
||||
#transports["ssl_aes"]={
|
||||
# "info" : "TCP transport wrapped with SSL and AES",
|
||||
# "server" : PupyTCPServer,
|
||||
# "client": PupySSLClient,
|
||||
# "client_kwargs" : {},
|
||||
# "authenticator" : ssl_authenticator,
|
||||
# "stream": PupySocketStream ,
|
||||
# "client_transport" : AES256.custom(iterations=10000),
|
||||
# "server_transport" : AES256.custom(iterations=10000),
|
||||
# "client_transport_kwargs": {"password" : "Pupy_d3f4uld_p4sS"},
|
||||
# "server_transport_kwargs": {"password" : "Pupy_d3f4uld_p4sS"},
|
||||
# }
|
||||
#transports["tcp_aes"]={
|
||||
# "info" : "TCP transport that encodes traffic using AES256 with a static password hashed with PBKDF2",
|
||||
# "server" : PupyTCPServer,
|
||||
# "client": PupyTCPClient,
|
||||
# "client_kwargs" : {},
|
||||
# "authenticator" : None,
|
||||
# "stream": PupySocketStream ,
|
||||
# "client_transport" : AES256,
|
||||
# "server_transport" : AES256,
|
||||
# "client_transport_kwargs": {"password": "pupy_t3st_p4s5word"},
|
||||
# "server_transport_kwargs": {"password": "pupy_t3st_p4s5word"},
|
||||
# }
|
||||
#
|
||||
#
|
||||
#transports["tcp_rsa_aes"]={
|
||||
# "info" : "TCP transport that encodes traffic using AES256 with a static password hashed with PBKDF2",
|
||||
# "server" : PupyTCPServer,
|
||||
# "client": PupyTCPClient,
|
||||
# "client_kwargs" : {},
|
||||
# "authenticator" : None,
|
||||
# "stream": PupySocketStream ,
|
||||
# "client_transport" : RSA_AESClient.custom(pubkey=DEFAULT_RSA_PUB_KEY, rsa_key_size=4096, aes_size=128),
|
||||
# "server_transport" : RSA_AESServer.custom(privkey_path="crypto/rsa_private_key.pem", rsa_key_size=4096, aes_size=128),
|
||||
# "client_transport_kwargs": {"password": "pupy_t3st_p4s5word"},
|
||||
# "server_transport_kwargs": {"password": "pupy_t3st_p4s5word"},
|
||||
# }
|
||||
#
|
||||
#transports["trololo"]={
|
||||
# "info" : "test wrapping",
|
||||
# "server" : PupyTCPServer,
|
||||
# "client": PupyTCPClient,
|
||||
# "client_kwargs" : {},
|
||||
# "authenticator" : None,
|
||||
# "stream": PupySocketStream ,
|
||||
# "client_transport" : chain_transports(
|
||||
# PupyHTTPClient.custom(method="POST", user_agent="Mozilla 5.0", keep_alive=True),
|
||||
# B64Transport,
|
||||
# PupyHTTPClient.custom(method="GET", user_agent="Mozilla-ception", keep_alive=True),
|
||||
# XOR.custom(xorkey="trololo"),
|
||||
# AES256.custom(password="plop2", iterations=10000),
|
||||
# RSA_AESClient.custom(pubkey_path="crypto/rsa_public_key.pem", rsa_key_size=4096, aes_size=256),
|
||||
# AES128.custom(password="plop1", iterations=10000),
|
||||
# ),
|
||||
# "server_transport" : chain_transports(
|
||||
# PupyHTTPServer.custom(response_code="418 I'm a teapot"),
|
||||
# B64Transport,
|
||||
# PupyHTTPServer,
|
||||
# XOR.custom(xorkey="trololo"),
|
||||
# AES256.custom(password="plop2", iterations=10000),
|
||||
# RSA_AESServer.custom(privkey_path="crypto/rsa_private_key.pem", rsa_key_size=4096, aes_size=256),
|
||||
# AES128.custom(password="plop1", iterations=10000),
|
||||
# ),
|
||||
# "client_transport_kwargs": {},
|
||||
# "server_transport_kwargs": {},
|
||||
# }
|
||||
#
|
||||
#transports["async_http_cleartext"]={
|
||||
# "info" : "TCP transport using HTTP with base64 encoded payloads (asynchrone with client pulling the server and multiple 3-way handshakes (slow))",
|
||||
# "server" : PupyAsyncTCPServer,
|
||||
# "client": PupyAsyncClient,
|
||||
# "client_kwargs" : {},
|
||||
# "authenticator" : None,
|
||||
# "stream": PupyAsyncTCPStream ,
|
||||
# "client_transport" : PupyHTTPClient.custom(keep_alive=False),
|
||||
# "server_transport" : PupyHTTPServer,
|
||||
# "client_transport_kwargs": {},
|
||||
# "server_transport_kwargs": {},
|
||||
# }
|
||||
#
|
||||
#transports["tcp_cleartext_proxy"]={
|
||||
# "info" : "TCP transport transmitting in cleartext and passing through a SOCKS4/SOCKS5/HTTP proxy",
|
||||
# "server" : PupyTCPServer,
|
||||
# "client": PupyProxifiedTCPClient,
|
||||
# "client_kwargs" : {'proxy_addr':'127.0.0.1', 'proxy_port':8080, 'proxy_type':'HTTP'},
|
||||
# "authenticator" : None,
|
||||
# "stream": PupySocketStream ,
|
||||
# "client_transport" : DummyPupyTransport,
|
||||
# "server_transport" : DummyPupyTransport,
|
||||
# "client_transport_kwargs": {},
|
||||
# "server_transport_kwargs": {},
|
||||
# }
|
||||
|
||||
launchers["connect"]=SimpleLauncher
|
||||
launchers["simple"]=SimpleLauncher # keeped for backward-compatibility with old windows templates
|
||||
launchers["auto_proxy"]=AutoProxyLauncher
|
||||
launchers["bind"]=BindLauncher
|
||||
|
|
@ -439,6 +439,7 @@ class PupyCmd(cmd.Cmd):
|
|||
arg_parser.add_argument('-g', '--global-reset', action='store_true', help="reset --interact to the default global behavior")
|
||||
arg_parser.add_argument('-l', dest='list', action='store_true', help='List all active sessions')
|
||||
arg_parser.add_argument('-k', dest='kill', metavar='<id>', type=int, help='Kill the selected session')
|
||||
arg_parser.add_argument('-d', dest='drop', metavar='<id>', type=int, help='Drop the connection (abruptly close the socket)')
|
||||
try:
|
||||
modargs=arg_parser.parse_args(shlex.split(arg))
|
||||
except PupyModuleExit:
|
||||
|
@ -457,6 +458,14 @@ class PupyCmd(cmd.Cmd):
|
|||
selected_client[0].conn.exit()
|
||||
except Exception:
|
||||
pass
|
||||
elif modargs.drop:
|
||||
selected_client = self.pupsrv.get_clients(modargs.drop)
|
||||
if selected_client:
|
||||
try:
|
||||
selected_client[0].conn._conn.close()
|
||||
except Exception:
|
||||
pass
|
||||
|
||||
elif modargs.list or not arg:
|
||||
client_list=self.pupsrv.get_clients_list()
|
||||
self.display(PupyCmd.table_format([x.desc for x in client_list], wl=["id", "user", "hostname", "platform", "release", "os_arch", "address"]))
|
||||
|
|
|
@ -329,6 +329,7 @@ class PupyServer(threading.Thread):
|
|||
launcher.arg_parser.print_usage()
|
||||
return
|
||||
stream=launcher.iterate().next()
|
||||
self.handler.display_info("Connecting ...")
|
||||
conn=rpyc.utils.factory.connect_stream(stream, PupyService.PupyBindService, {})
|
||||
bgsrv=rpyc.BgServingThread(conn)
|
||||
bgsrv.SLEEP_INTERVAL=0.001 # consume ressources but faster response ...
|
||||
|
|
Loading…
Reference in New Issue