SHARE
TWEET

Untitled

a guest Aug 12th, 2016 260 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #/usr/bin/env python
  2.  
  3. from Crypto.Hash import MD5, SHA256
  4.  
  5. import base64
  6. import SocketServer
  7. import threading
  8.  
  9. msg = "Python Server - Utility Network Service v1.0\n\n"
  10.  
  11. class DB:
  12.  
  13.   def getHash(self, string):
  14.     h = SHA256.new()
  15.     h.update(string)
  16.     return h.hexdigest()
  17.  
  18.   def __init__(self):
  19.     self.userDB = {}
  20.     f = open('database.db', 'r')
  21.     items = f.read().split('\n')
  22.     f.close()
  23.     for item in items:
  24.       token = item.split(':')
  25.       username = token[0]
  26.       password = token[1]
  27.       self.userDB[username] = password
  28.     self.userDB["guest"] = self.getHash("guest")
  29.  
  30.   def auth(self, username, password):
  31.     if (username in self.userDB and self.getHash(password) == self.userDB[username]):
  32.       return username
  33.     else:
  34.       return None
  35.  
  36. class incoming(SocketServer.BaseRequestHandler):
  37.   def handle(self):
  38.     req = self.request
  39.     req.sendall(msg)
  40.     req.sendall("Username : ")
  41.     username = req.recv(64)[:-1]
  42.     req.sendall("Password : ")
  43.     password = req.recv(64)[:-1]
  44.  
  45.     db = DB()
  46.  
  47.     authUsername = db.auth(username, password)
  48.  
  49.     if (authUsername):
  50.       req.sendall("\nWelcome, " + username + "!\n")
  51.       req.sendall("Type 'help' to see available options\n\n")
  52.  
  53.       while True:
  54.         req.sendall("> ")
  55.         cmd = req.recv(8)[:-1]
  56.  
  57.         if (cmd == "help"):
  58.           req.sendall("Options\n")
  59.           req.sendall("  b64     - encode string to Base 64\n")
  60.           req.sendall("  md5     - calculate MD5 Hash\n")
  61.           req.sendall("  hex     - convert decimal to hex\n")
  62.           req.sendall("  getflag - only for administrator\n")
  63.           req.sendall("  exit    - exit from service\n")
  64.         elif (cmd == "b64"):
  65.           req.sendall("Base64 encoder - Insert string : ")
  66.           string = req.recv(512)[:-1]
  67.           req.sendall(base64.b64encode(string) + "\n")
  68.         elif (cmd == "md5"):
  69.           req.sendall("MD5 Hash Calculaction - Insert string : ")
  70.           string = req.recv(512)[:-1]
  71.           h = MD5.new()
  72.           h.update(string)
  73.           req.sendall(h.hexdigest() + "\n")
  74.         elif (cmd == "hex"):
  75.           try:
  76.             req.sendall("Dec to Hex Converter - Insert number : ")
  77.             number = req.recv(512)[:-1]
  78.             req.sendall(hex(eval(number)) + "\n")
  79.           except:
  80.             req.sendall("Please insert number\n")
  81.         elif (cmd == "getflag"):
  82.           if (authUsername == "admin"):
  83.             flag = open('PythonServer.flag').read()
  84.             req.sendall(flag)
  85.           else:
  86.             req.sendall("You must be an administrator to get the flag\n")
  87.         elif (cmd == "exit"):
  88.           req.sendall("Bye!\n")
  89.           break
  90.         else:
  91.           req.sendall("Unknown command\n");
  92.     else:
  93.       req.sendall("Login Failed\n")
  94.  
  95.     req.close()
  96.  
  97. class ReusableTCPServer(SocketServer.ForkingMixIn, SocketServer.TCPServer):
  98.   pass
  99.  
  100. SocketServer.TCPServer.allow_reuse_address = True
  101. server = ReusableTCPServer(("0.0.0.0", 13338), incoming)
  102. server.timeout = 60
  103. server.serve_forever()
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top