Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
exfiltratR/src/ex_alice.py
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
executable file
84 lines (67 sloc)
2.72 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import exf | |
| import pathlib | |
| import filename_sanitizer | |
| import base64 | |
| import re | |
| def splitQuery(q): | |
| """This function will take data and put it into a dictionary | |
| Args: | |
| None are required for this function | |
| Returns: | |
| Dictionary: Completed dictionary with keys and pairs """ | |
| if len(q) == 0: print("No data received.") # Stop error if no data | |
| else: | |
| try: | |
| content = dict(subString.split("=") for subString in q.split("&")) # Split string query into dictionary | |
| except: | |
| print("Sorry... Data was in the incorrect format") # Catch error if query data is incorrect format | |
| for i in content: | |
| value = content[i] | |
| if ("-" or "." in value): # If decimal or dash in string... | |
| numberType.is_float(value) # Check to see if it's a float number | |
| if numberType.is_float(value) == True: value=float(value) # Convert to str >> float | |
| elif numberType.is_integer(value) == True: value=int(value) # Convert to str >> int | |
| return content | |
| def handleRequest(data, outDir): | |
| """ Handles a request, saving any given data into outDir """ | |
| #Use pathlib to find the last name in the path | |
| requestedPath=pathlib.Path(data["path"]) | |
| #Use the filename sanitizer to strip out anything dangerous | |
| sanitizedPath= filename_sanitizer.sanitize_path_fragment(requestedPath.name,target_file_systems={'ext', 'ntfs_win32'},replacement="_") | |
| #Now add the filename to the end of the ourput firectory | |
| path=pathlib.Path(outDir)/sanitizedPath | |
| #Did we get a GET request? | |
| if data["command"]=="GET": | |
| #Divide up the parameters | |
| q=splitQuery(data["query"]) | |
| #If there is some content... | |
| if "content" in q: | |
| print(f"Saving {q['content']} to {path}") | |
| with path.open("ba") as f: | |
| #Content is appended to a file. Needs to be decoded... | |
| got=q["content"] | |
| print("got:",got) | |
| raw=base64.b16decode(got) | |
| f.write(raw) | |
| else: | |
| print("No data") | |
| elif data["command"]=="POST": | |
| q = splitQuery(data["query"]) | |
| if "content" in q: | |
| post=q["content"] | |
| else: | |
| print("No data") | |
| else: | |
| print("Unsupported request command") | |
| #Advanced task: Switch to using POST requests. Content of the | |
| #request is data, parameters can be used to change from append | |
| #to overwrite, or request a file contents to be sent back | |
| return | |
| if __name__=="__main__": | |
| h=exf.HTTPCatcher(31337) | |
| h.enableSSL() | |
| while not h.quit: | |
| data=h.serve() | |
| if data!=None: | |
| handleRequest(data, "./output") |