forked from EmpireProject/Empire
-
-
Notifications
You must be signed in to change notification settings - Fork 574
/
defaults.py
101 lines (79 loc) · 2.84 KB
/
defaults.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
import hashlib
import logging
import os
import random
import string
from passlib import pwd
from passlib.context import CryptContext
from empire.server.core.config import empire_config
from empire.server.core.db import models
database_config = empire_config.database.defaults
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
log = logging.getLogger(__name__)
def get_default_hashed_password():
password = database_config.password
return pwd_context.hash(password)
def get_default_user():
return models.User(
username=database_config.username,
hashed_password=get_default_hashed_password(),
enabled=True,
admin=True,
)
def get_default_config():
return models.Config(
staging_key=get_staging_key(),
ip_whitelist=database_config.ip_whitelist,
ip_blacklist=database_config.ip_blacklist,
autorun_command="",
autorun_data="",
rootuser=True,
jwt_secret_key=pwd.genword(length=32, charset="hex"),
)
def get_default_keyword_obfuscation():
keyword_obfuscation_list = database_config.keyword_obfuscation
obfuscated_keywords = []
for value in keyword_obfuscation_list:
obfuscated_keywords.append(
models.Keyword(
keyword=value,
replacement="".join(
random.choice(string.ascii_uppercase + string.digits)
for _ in range(5)
),
)
)
return obfuscated_keywords
def get_default_obfuscation_config():
obfuscation_config_list = database_config.obfuscation
obfuscation_configs = []
for config in obfuscation_config_list:
obfuscation_configs.append(
models.ObfuscationConfig(
language=config.language,
command=config.command,
module=config.module,
enabled=config.enabled,
preobfuscatable=config.preobfuscatable,
)
)
return obfuscation_configs
def get_staging_key():
# Staging Key is set up via environmental variable or config.yaml. By setting RANDOM a randomly selected password
# will automatically be selected.
staging_key = os.getenv("STAGING_KEY") or database_config.staging_key
punctuation = "!#%&()*+,-./:;<=>?@[]^_{|}~"
if staging_key == "BLANK":
choice = input(
"\n [>] Enter server negotiation password, enter for random generation: "
)
if choice not in ("", "RANDOM"):
return hashlib.md5(choice.encode("utf-8")).hexdigest()
return None
if staging_key == "RANDOM":
log.info("Generating random staging key")
return "".join(
random.sample(string.ascii_letters + string.digits + punctuation, 32)
)
log.info("Using configured staging key: {staging_key}")
return staging_key