noraj/BetterSSH.py

## BetterSSH.py
import sys
import random, string
import os
import time
import crypt
import traceback
import subprocess

path = ''.join(random.choices(string.ascii_letters + string.digits, k=8))
session = {"user": "", "authenticated": 0}
try:
    session['user'] = input("Enter username: ")
    passW = input("Enter password: ")

    with open('/etc/shadow', 'r') as f:
        data = f.readlines()
    data = [(p.split(":") if "$" in p else None) for p in data]
    passwords = []
    for x in data:
        if not x == None:
            passwords.append(x)

    passwordFile = '\n'.join(['\n'.join(p) for p in passwords])
    with open('/tmp/SSH/'+path, 'w') as f:
        f.write(passwordFile)
    time.sleep(.1)
    salt = ""
    realPass = ""
    for p in passwords:
        if p[0] == session['user']:
            salt, realPass = p[1].split('$')[2:]
            break

    if salt == "":
        print("Invalid user")
        os.remove('/tmp/SSH/'+path)
        sys.exit(0)
    salt = '$6$'+salt+'$'
    realPass = salt + realPass

    hash = crypt.crypt(passW, salt)

    if hash == realPass:
        print("Authed!")
        session['authenticated'] = 1
    else:
        print("Incorrect pass")
        os.remove('/tmp/SSH/'+path)
        sys.exit(0)
    os.remove(os.path.join('/tmp/SSH/',path))
except Exception as e:
    traceback.print_exc()
    sys.exit(0)

if session['authenticated'] == 1:
    while True:
        command = input(session['user'] + "@Obscure$ ")
        cmd = ['sudo', '-u',  session['user']]
        cmd.extend(command.split(" "))
        proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)

        o,e = proc.communicate()
        print('Output: ' + o.decode('ascii'))
        print('Error: '  + e.decode('ascii')) if len(e.decode('ascii')) > 0 else print('')

## SuperSecureCrypt.py
import sys
import argparse

def encrypt(text, key):
    keylen = len(key)
    keyPos = 0
    encrypted = ""
    for x in text:
        keyChr = key[keyPos]
        newChr = ord(x)
        newChr = chr((newChr + ord(keyChr)) % 255)
        encrypted += newChr
        keyPos += 1
        keyPos = keyPos % keylen
    return encrypted

def decrypt(text, key):
    keylen = len(key)
    keyPos = 0
    decrypted = ""
    for x in text:
        keyChr = key[keyPos]
        newChr = ord(x)
        newChr = chr((newChr - ord(keyChr)) % 255)
        decrypted += newChr
        keyPos += 1
        keyPos = keyPos % keylen
    return decrypted

parser = argparse.ArgumentParser(description='Encrypt with 0bscura\'s encryption algorithm')

parser.add_argument('-i',
                    metavar='InFile',
                    type=str,
                    help='The file to read',
                    required=False)

parser.add_argument('-o',
                    metavar='OutFile',
                    type=str,
                    help='Where to output the encrypted/decrypted file',
                    required=False)

parser.add_argument('-k',
                    metavar='Key',
                    type=str,
                    help='Key to use',
                    required=False)

parser.add_argument('-d', action='store_true', help='Decrypt mode')

args = parser.parse_args()

banner = "################################\n"
banner+= "#           BEGINNING          #\n"
banner+= "#    SUPER SECURE ENCRYPTOR    #\n"
banner+= "################################\n"
banner += "  ############################\n"
banner += "  #        FILE MODE         #\n"
banner += "  ############################"
print(banner)
if args.o == None or args.k == None or args.i == None:
    print("Missing args")
else:
    if args.d:
        print("Opening file {0}...".format(args.i))
        with open(args.i, 'r', encoding='UTF-8') as f:
            data = f.read()

        print("Decrypting...")
        decrypted = decrypt(data, args.k)

        print("Writing to {0}...".format(args.o))
        with open(args.o, 'w', encoding='UTF-8') as f:
            f.write(decrypted)
    else:
        print("Opening file {0}...".format(args.i))
        with open(args.i, 'r', encoding='UTF-8') as f:
            data = f.read()

        print("Encrypting...")
        encrypted = encrypt(data, args.k)

        print("Writing to {0}...".format(args.o))
        with open(args.o, 'w', encoding='UTF-8') as f:
            f.write(encrypted)

## SuperSecureServer.py
import socket
import threading
from datetime import datetime
import sys
import os
import mimetypes
import urllib.parse
import subprocess

respTemplate = """HTTP/1.1 {statusNum} {statusCode}
Date: {dateSent}
Server: {server}
Last-Modified: {modified}
Content-Length: {length}
Content-Type: {contentType}
Connection: {connectionType}

{body}
"""
DOC_ROOT = "DocRoot"

CODES = {"200": "OK",
        "304": "NOT MODIFIED",
        "400": "BAD REQUEST", "401": "UNAUTHORIZED", "403": "FORBIDDEN", "404": "NOT FOUND",
        "500": "INTERNAL SERVER ERROR"}

MIMES = {"txt": "text/plain", "css":"text/css", "html":"text/html", "png": "image/png", "jpg":"image/jpg",
        "ttf":"application/octet-stream","otf":"application/octet-stream", "woff":"font/woff", "woff2": "font/woff2",
        "js":"application/javascript","gz":"application/zip", "py":"text/plain", "map": "application/octet-stream"}


class Response:
    def __init__(self, **kwargs):
        self.__dict__.update(kwargs)
        now = datetime.now()
        self.dateSent = self.modified = now.strftime("%a, %d %b %Y %H:%M:%S")
    def stringResponse(self):
        return respTemplate.format(**self.__dict__)

class Request:
    def __init__(self, request):
        self.good = True
        try:
            request = self.parseRequest(request)
            self.method = request["method"]
            self.doc = request["doc"]
            self.vers = request["vers"]
            self.header = request["header"]
            self.body = request["body"]
        except:
            self.good = False

    def parseRequest(self, request):
        req = request.strip("\r").split("\n")
        method,doc,vers = req[0].split(" ")
        header = req[1:-3]
        body = req[-1]
        headerDict = {}
        for param in header:
            pos = param.find(": ")
            key, val = param[:pos], param[pos+2:]
            headerDict.update({key: val})
        return {"method": method, "doc": doc, "vers": vers, "header": headerDict, "body": body}


class Server:
    def __init__(self, host, port):
        self.host = host
        self.port = port
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((self.host, self.port))

    def listen(self):
        self.sock.listen(5)
        while True:
            client, address = self.sock.accept()
            client.settimeout(60)
            threading.Thread(target = self.listenToClient,args = (client,address)).start()

    def listenToClient(self, client, address):
        size = 1024
        while True:
            try:
                data = client.recv(size)
                if data:
                    # Set the response to echo back the recieved data
                    req = Request(data.decode())
                    self.handleRequest(req, client, address)
                    client.shutdown()
                    client.close()
                else:
                    raise error('Client disconnected')
            except:
                client.close()
                return False

    def handleRequest(self, request, conn, address):
        if request.good:
#            try:
                # print(str(request.method) + " " + str(request.doc), end=' ')
                # print("from {0}".format(address[0]))
#            except Exception as e:
#                print(e)
            document = self.serveDoc(request.doc, DOC_ROOT)
            statusNum=document["status"]
        else:
            document = self.serveDoc("/errors/400.html", DOC_ROOT)
            statusNum="400"
        body = document["body"]

        statusCode=CODES[statusNum]
        dateSent = ""
        server = "BadHTTPServer"
        modified = ""
        length = len(body)
        contentType = document["mime"] # Try and identify MIME type from string
        connectionType = "Closed"


        resp = Response(
        statusNum=statusNum, statusCode=statusCode,
        dateSent = dateSent, server = server,
        modified = modified, length = length,
        contentType = contentType, connectionType = connectionType,
        body = body
        )

        data = resp.stringResponse()
        if not data:
            return -1
        conn.send(data.encode())
        return 0

    def serveDoc(self, path, docRoot):
        path = urllib.parse.unquote(path)
        try:
            info = "output = 'Document: {}'" # Keep the output for later debug
            exec(info.format(path)) # This is how you do string formatting, right?
            print(info.format(path))
            cwd = os.path.dirname(os.path.realpath(__file__))
            docRoot = os.path.join(cwd, docRoot)
            if path == "/":
                path = "/index.html"
            requested = os.path.join(docRoot, path[1:])
            if os.path.isfile(requested):
                mime = mimetypes.guess_type(requested)
                mime = (mime if mime[0] != None else "text/html")
                mime = MIMES[requested.split(".")[-1]]
                try:
                    with open(requested, "r") as f:
                        data = f.read()
                except:
                    with open(requested, "rb") as f:
                        data = f.read()
                status = "200"
            else:
                errorPage = os.path.join(docRoot, "errors", "404.html")
                mime = "text/html"
                with open(errorPage, "r") as f:
                    data = f.read().format(path)
                status = "404"
        except Exception as e:
            print(e)
            errorPage = os.path.join(docRoot, "errors", "500.html")
            mime = "text/html"
            with open(errorPage, "r") as f:
                data = f.read()
            status = "500"
        return {"body": data, "mime": mime, "status": status}

serv = Server('127.0.0.1', 7777)
serv.listen()
	import sys
	import random, string
	import os
	import time
	import crypt
	import traceback
	import subprocess

	path = ''.join(random.choices(string.ascii_letters + string.digits, k=8))
	session = {"user": "", "authenticated": 0}
	try:
	session['user'] = input("Enter username: ")
	passW = input("Enter password: ")

	with open('/etc/shadow', 'r') as f:
	data = f.readlines()
	data = [(p.split(":") if "$" in p else None) for p in data]
	passwords = []
	for x in data:
	if not x == None:
	passwords.append(x)

	passwordFile = '\n'.join(['\n'.join(p) for p in passwords])
	with open('/tmp/SSH/'+path, 'w') as f:
	f.write(passwordFile)
	time.sleep(.1)
	salt = ""
	realPass = ""
	for p in passwords:
	if p[0] == session['user']:
	salt, realPass = p[1].split('$')[2:]
	break

	if salt == "":
	print("Invalid user")
	os.remove('/tmp/SSH/'+path)
	sys.exit(0)
	salt = '$6$'+salt+'$'
	realPass = salt + realPass

	hash = crypt.crypt(passW, salt)

	if hash == realPass:
	print("Authed!")
	session['authenticated'] = 1
	else:
	print("Incorrect pass")
	os.remove('/tmp/SSH/'+path)
	sys.exit(0)
	os.remove(os.path.join('/tmp/SSH/',path))
	except Exception as e:
	traceback.print_exc()
	sys.exit(0)

	if session['authenticated'] == 1:
	while True:
	command = input(session['user'] + "@Obscure$ ")
	cmd = ['sudo', '-u', session['user']]
	cmd.extend(command.split(" "))
	proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)

	o,e = proc.communicate()
	print('Output: ' + o.decode('ascii'))
	print('Error: ' + e.decode('ascii')) if len(e.decode('ascii')) > 0 else print('')
	import sys
	import argparse

	def encrypt(text, key):
	keylen = len(key)
	keyPos = 0
	encrypted = ""
	for x in text:
	keyChr = key[keyPos]
	newChr = ord(x)
	newChr = chr((newChr + ord(keyChr)) % 255)
	encrypted += newChr
	keyPos += 1
	keyPos = keyPos % keylen
	return encrypted

	def decrypt(text, key):
	keylen = len(key)
	keyPos = 0
	decrypted = ""
	for x in text:
	keyChr = key[keyPos]
	newChr = ord(x)
	newChr = chr((newChr - ord(keyChr)) % 255)
	decrypted += newChr
	keyPos += 1
	keyPos = keyPos % keylen
	return decrypted

	parser = argparse.ArgumentParser(description='Encrypt with 0bscura\'s encryption algorithm')

	parser.add_argument('-i',
	metavar='InFile',
	type=str,
	help='The file to read',
	required=False)

	parser.add_argument('-o',
	metavar='OutFile',
	type=str,
	help='Where to output the encrypted/decrypted file',
	required=False)

	parser.add_argument('-k',
	metavar='Key',
	type=str,
	help='Key to use',
	required=False)

	parser.add_argument('-d', action='store_true', help='Decrypt mode')

	args = parser.parse_args()

	banner = "################################\n"
	banner+= "# BEGINNING #\n"
	banner+= "# SUPER SECURE ENCRYPTOR #\n"
	banner+= "################################\n"
	banner += " ############################\n"
	banner += " # FILE MODE #\n"
	banner += " ############################"
	print(banner)
	if args.o == None or args.k == None or args.i == None:
	print("Missing args")
	else:
	if args.d:
	print("Opening file {0}...".format(args.i))
	with open(args.i, 'r', encoding='UTF-8') as f:
	data = f.read()

	print("Decrypting...")
	decrypted = decrypt(data, args.k)

	print("Writing to {0}...".format(args.o))
	with open(args.o, 'w', encoding='UTF-8') as f:
	f.write(decrypted)
	else:
	print("Opening file {0}...".format(args.i))
	with open(args.i, 'r', encoding='UTF-8') as f:
	data = f.read()

	print("Encrypting...")
	encrypted = encrypt(data, args.k)

	print("Writing to {0}...".format(args.o))
	with open(args.o, 'w', encoding='UTF-8') as f:
	f.write(encrypted)
	import socket
	import threading
	from datetime import datetime
	import sys
	import os
	import mimetypes
	import urllib.parse
	import subprocess

	respTemplate = """HTTP/1.1 {statusNum} {statusCode}
	Date: {dateSent}
	Server: {server}
	Last-Modified: {modified}
	Content-Length: {length}
	Content-Type: {contentType}
	Connection: {connectionType}

	{body}
	"""
	DOC_ROOT = "DocRoot"

	CODES = {"200": "OK",
	"304": "NOT MODIFIED",
	"400": "BAD REQUEST", "401": "UNAUTHORIZED", "403": "FORBIDDEN", "404": "NOT FOUND",
	"500": "INTERNAL SERVER ERROR"}

	MIMES = {"txt": "text/plain", "css":"text/css", "html":"text/html", "png": "image/png", "jpg":"image/jpg",
	"ttf":"application/octet-stream","otf":"application/octet-stream", "woff":"font/woff", "woff2": "font/woff2",
	"js":"application/javascript","gz":"application/zip", "py":"text/plain", "map": "application/octet-stream"}


	class Response:
	def __init__(self, **kwargs):
	self.__dict__.update(kwargs)
	now = datetime.now()
	self.dateSent = self.modified = now.strftime("%a, %d %b %Y %H:%M:%S")
	def stringResponse(self):
	return respTemplate.format(**self.__dict__)

	class Request:
	def __init__(self, request):
	self.good = True
	try:
	request = self.parseRequest(request)
	self.method = request["method"]
	self.doc = request["doc"]
	self.vers = request["vers"]
	self.header = request["header"]
	self.body = request["body"]
	except:
	self.good = False

	def parseRequest(self, request):
	req = request.strip("\r").split("\n")
	method,doc,vers = req[0].split(" ")
	header = req[1:-3]
	body = req[-1]
	headerDict = {}
	for param in header:
	pos = param.find(": ")
	key, val = param[:pos], param[pos+2:]
	headerDict.update({key: val})
	return {"method": method, "doc": doc, "vers": vers, "header": headerDict, "body": body}


	class Server:
	def __init__(self, host, port):
	self.host = host
	self.port = port
	self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
	self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
	self.sock.bind((self.host, self.port))

	def listen(self):
	self.sock.listen(5)
	while True:
	client, address = self.sock.accept()
	client.settimeout(60)
	threading.Thread(target = self.listenToClient,args = (client,address)).start()

	def listenToClient(self, client, address):
	size = 1024
	while True:
	try:
	data = client.recv(size)
	if data:
	# Set the response to echo back the recieved data
	req = Request(data.decode())
	self.handleRequest(req, client, address)
	client.shutdown()
	client.close()
	else:
	raise error('Client disconnected')
	except:
	client.close()
	return False

	def handleRequest(self, request, conn, address):
	if request.good:
	# try:
	# print(str(request.method) + " " + str(request.doc), end=' ')
	# print("from {0}".format(address[0]))
	# except Exception as e:
	# print(e)
	document = self.serveDoc(request.doc, DOC_ROOT)
	statusNum=document["status"]
	else:
	document = self.serveDoc("/errors/400.html", DOC_ROOT)
	statusNum="400"
	body = document["body"]

	statusCode=CODES[statusNum]
	dateSent = ""
	server = "BadHTTPServer"
	modified = ""
	length = len(body)
	contentType = document["mime"] # Try and identify MIME type from string
	connectionType = "Closed"


	resp = Response(
	statusNum=statusNum, statusCode=statusCode,
	dateSent = dateSent, server = server,
	modified = modified, length = length,
	contentType = contentType, connectionType = connectionType,
	body = body
	)

	data = resp.stringResponse()
	if not data:
	return -1
	conn.send(data.encode())
	return 0

	def serveDoc(self, path, docRoot):
	path = urllib.parse.unquote(path)
	try:
	info = "output = 'Document: {}'" # Keep the output for later debug
	exec(info.format(path)) # This is how you do string formatting, right?
	print(info.format(path))
	cwd = os.path.dirname(os.path.realpath(__file__))
	docRoot = os.path.join(cwd, docRoot)
	if path == "/":
	path = "/index.html"
	requested = os.path.join(docRoot, path[1:])
	if os.path.isfile(requested):
	mime = mimetypes.guess_type(requested)
	mime = (mime if mime[0] != None else "text/html")
	mime = MIMES[requested.split(".")[-1]]
	try:
	with open(requested, "r") as f:
	data = f.read()
	except:
	with open(requested, "rb") as f:
	data = f.read()
	status = "200"
	else:
	errorPage = os.path.join(docRoot, "errors", "404.html")
	mime = "text/html"
	with open(errorPage, "r") as f:
	data = f.read().format(path)
	status = "404"
	except Exception as e:
	print(e)
	errorPage = os.path.join(docRoot, "errors", "500.html")
	mime = "text/html"
	with open(errorPage, "r") as f:
	data = f.read()
	status = "500"
	return {"body": data, "mime": mime, "status": status}

	serv = Server('127.0.0.1', 7777)
	serv.listen()