exploitfarm 0.2.3__tar.gz → 0.2.4__tar.gz

{exploitfarm-0.2.3 → exploitfarm-0.2.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: exploitfarm
-Version: 0.2.3
+Version: 0.2.4
 Summary: Exploit Farm client
 Home-page: https://github.com/pwnzer0tt1/exploitfarm
 Author: Pwnzer0tt1

{exploitfarm-0.2.3 → exploitfarm-0.2.4}/exploitfarm/__init__.py

@@ -1,5 +1,5 @@
 
-__version__ = "0.2.3"
+__version__ = "0.2.4"
 
 from exploitfarm.utils import try_tcp_connection
 from exploitfarm.model import ServiceDTO, AttackMode, SetupStatus

{exploitfarm-0.2.3 → exploitfarm-0.2.4}/exploitfarm/cmd/startxploit.py

@@ -284,7 +284,10 @@ class XploitRun(App):
         while True:
             if g.exit_event.is_set(): return
             log = g.print_queue.get()
-            logger.write(log)
+            if isinstance(log, str):
+                logger.write(escape(log))
+            else:
+                logger.write(log)
     
     def flag_graph_update(self):
         while True:

{exploitfarm-0.2.3 → exploitfarm-0.2.4}/exploitfarm/xploit.py

@@ -13,11 +13,12 @@ from math import ceil
 from exploitfarm.utils.config import ClientConfig, ExploitConfig
 from multiprocessing import Queue
 from datetime import datetime as dt, timedelta
-import datetime
+import datetime, io
 from exploitfarm.model import AttackExecutionStatus, AttackMode
 from rich import print
 from uuid import UUID
 from copy import deepcopy
+from rich.markup import escape
 
 os_windows = (os.name == 'nt')
 
@@ -31,7 +32,7 @@ class g:
     print_queue: Queue = None
     last_attack_time: dt = None
     config_update_event:Queue = Queue(100)
-    flag_storage:"FlagStorage" = None 
+    attack_storage:"AttackStorage" = None 
     instance_storage:"InstanceStorage" = None
     exit_event = None
     server_id = None
@@ -71,7 +72,7 @@ class InstanceStorage:
             self.n_completed += 1
             self.n_killed += was_killed
 
-class FlagStorage:
+class AttackStorage:
     """
     Thread-safe storage comprised of a set and a post queue.
 
@@ -114,7 +115,7 @@ class FlagStorage:
             
             self._queue.append(execution_submit)
 
-    def pick_flags(self):
+    def pick_attacks(self):
         with self._lock:
             return self._queue[:]
 
@@ -130,9 +131,15 @@ class FlagStorage:
 WARNING_RUNTIME = 5
 
 def qprint(*args):
-    for arg in args:
+    try:
+        for arg in args:
+            if isinstance(arg, str):
+                g.print_queue.put(escape(arg), block=False)
+            else:
+                g.print_queue.put(arg, block=False)
+    except (KeyboardInterrupt, ValueError):
+        traceback.print_exc()
         pass
-        g.print_queue.put(arg, block=False)
 
 class InvalidSploitError(Exception):
     pass
@@ -198,7 +205,7 @@ def repush_flags():
         if old_queue_data["server_id"] != g.server_id:
             raise Exception("Server ID mismatch")
         for ele in old_queue_data["queue"]:
-            g.flag_storage.add(ele["flags"], ele["target"], ele["start_time"], ele["end_time"], AttackExecutionStatus(ele["status"]), ele["error"])
+            g.attack_storage.add(ele["flags"], ele["target"], ele["start_time"], ele["end_time"], AttackExecutionStatus(ele["status"]), ele["error"])
     except Exception:
         if os.path.exists(".flag_queue.json"):
             os.remove(".flag_queue.json")
@@ -243,11 +250,11 @@ def update_server_config():
         qprint(f'Config update loop died: {repr(e)}')
         shutdown()
 
-def post_flags(flags):
+def post_attacks(attacks):
     try:
-        g.config.reqs.submit_flags(flags, exploit=g.exploit_config.uuid)
-        g.flag_storage.mark_as_sent(len(flags))
-        qprint(f'{sum([len(ele["flags"]) for ele in flags])} flags posted to the server')
+        g.config.reqs.submit_flags(attacks, exploit=g.exploit_config.uuid)
+        g.attack_storage.mark_as_sent(len(attacks))
+        qprint(f'{sum([len(ele["flags"]) for ele in attacks])} flags posted to the server')
         g.shared_memory["submitter_status"] = True
     except Exception as e:
         g.shared_memory["submitter_status"] = False
@@ -256,39 +263,54 @@ def post_flags(flags):
 def run_post_loop():
     try:
         for _ in once_in_a_period(g.submit_pool_timeout):
-            flags_to_post = g.flag_storage.pick_flags()[:50]
-            g.shared_memory["submitter_flags_in_queue"] = sum([len(ele["flags"]) for ele in flags_to_post])
-            if flags_to_post: post_flags(flags_to_post)
+            attack_to_post = g.attack_storage.pick_attacks()[:50] #50 is to avoid the backend goes in timeout
+            g.shared_memory["submitter_flags_in_queue"] = sum([len(ele["flags"]) for ele in attack_to_post])
+            if attack_to_post: post_attacks(attack_to_post)
     except Exception as e:
         g.shared_memory["submitter_status"] = False
         qprint(traceback.format_exc())
         qprint(f'Posting loop died: {repr(e)}')
 
-def process_sploit_filter(proc:subprocess.Popen, team: dict, start_time: dt, killed: bool):
+def process_sploit_filter(proc:subprocess.Popen, team: dict, start_time: dt, killed: bool, read_data:callable, final_output: bool = True):
     try:
         end_time = dt.now(datetime.timezone.utc)
-        output = proc.stdout.read()
+        output = read_data()
         
         if isinstance(output, bytes):
             output = output.decode('utf-8', errors='replace')
         
-        qprint(f"Output of the sploit of {team['host']} killed[{killed}] status[{proc.returncode}]: '{team.get('short_name') or team.get('name') or team.get('id')}' started: {start_time} ended: {end_time}\n{output}")
+        if final_output:
+            qprint(f"Output of the sploit of {team['host']} killed[{killed}] status[{proc.returncode}]: '{team.get('short_name') or team.get('name') or team.get('id')}' started: {start_time} ended: {end_time}\n{output}")
+        
+        if not final_output and killed:
+            qprint("☠️ xFarm killed the sploit due to timeout!")
+        
         config = deepcopy(g.shared_memory["config"])
         flag_format = re.compile(config["config"]["FLAG_REGEX"])
         flags = list(map(str, set(flag_format.findall(output))))
-         
+        
         if killed or proc.returncode != 0:
             if killed:
                 output = "THIS PROCESS HAS BEEN KILLED BY EXPLOITFARM DUE TO TIMEOUT\n-------- OUTPUT -------\n\n" + output
-            g.flag_storage.add(flags, team["id"], start_time, end_time, AttackExecutionStatus.crashed, output)
+            g.attack_storage.add(flags, team["id"], start_time, end_time, AttackExecutionStatus.crashed, output)
         elif flags:
-            g.flag_storage.add(flags, team["id"], start_time, end_time, AttackExecutionStatus.done, b'')
+            g.attack_storage.add(flags, team["id"], start_time, end_time, AttackExecutionStatus.done, b'')
         else:
-            g.flag_storage.add(flags, team["id"], start_time, end_time, AttackExecutionStatus.noflags, output)
+            g.attack_storage.add(flags, team["id"], start_time, end_time, AttackExecutionStatus.noflags, output)
     except Exception as e:
+        traceback.print_exc()
         qprint(f'Failed to process sploit output: {repr(e)}')
 
-def launch_sploit(team:dict, max_runtime:float):
+def read_and_print(stdout:io.BytesIO, buffer:io.BytesIO):
+    # Read stdout line by line in a separate thread
+    for line in iter(stdout.readline, b''):
+        qprint(line.decode('utf-8', errors='replace'))  # Print to main stdout in real-time
+        buffer.write(line)
+        buffer.flush()
+    buffer.write(stdout.read())
+    stdout.close()
+
+def launch_sploit(team:dict, max_runtime:float, stream_output:bool=False) -> tuple[subprocess.Popen, int, callable]:
     # For sploits written in Python, this env variable forces the interpreter to flush
     # stdout and stderr after each newline. Note that this is not default behavior
     # if the sploit's output is redirected to a pipe.
@@ -317,18 +339,33 @@ def launch_sploit(team:dict, max_runtime:float):
         kernel32.SetConsoleCtrlHandler(win_ignore_ctrl_c, True)
 
     proc = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, close_fds=need_close_fds, env=env, shell=True)
+    read_function = None
+    if stream_output:
+        pipe = proc.stdout
+        buffer = io.BytesIO()
+        thr = threading.Thread(target=read_and_print, args=(pipe, buffer))
+        thr.start()
+        def func():
+            thr.join()
+            return buffer.getvalue()
+        read_function = func
     if os_windows:
         kernel32.SetConsoleCtrlHandler(win_ignore_ctrl_c, False)
+        
+    if not read_function:
+        def func():
+            return proc.stdout.read()
+        read_function = func
 
-    return proc, g.instance_storage.register_start(proc)
+    return proc, g.instance_storage.register_start(proc), read_function
 
 
-def run_sploit(team:dict, max_runtime:float):
+def run_sploit(team:dict, max_runtime:float, stream_output:bool=False):
     start_time = dt.now(datetime.timezone.utc)
     if g.exit_event.is_set(): return
     try:
         g.shared_memory["team-"+str(team["id"])+"-executing"] = True
-        proc, instance_id = launch_sploit(team, max_runtime)
+        proc, instance_id, read_data = launch_sploit(team, max_runtime, stream_output)
     except Exception as e:
         if isinstance(e, FileNotFoundError):
             qprint(f'Sploit file or the interpreter for it not found: {repr(e)}')
@@ -352,8 +389,9 @@ def run_sploit(team:dict, max_runtime:float):
             need_kill = True
         with g.instance_storage.lock:
             proc.kill()
+        
         g.shared_memory["team-"+str(team["id"])+"-executing"] = False
-        process_sploit_filter(proc, team, start_time, need_kill)
+        process_sploit_filter(proc, team, start_time, need_kill, read_data, not stream_output)
         g.instance_storage.register_stop(instance_id, need_kill)
     except Exception as e:
         qprint(traceback.format_exc())
@@ -417,6 +455,7 @@ def xploit(path: str):
                     float(g.instance_storage.n_killed) / g.instance_storage.n_completed * 100))
             
             max_runtime = calc_runtime_timeout()
+            
             if max_runtime == WARNING_RUNTIME:
                 qprint(f"⚠️ WARNING: The runtime of the attack is too low: consider increasing the number thread pool size")
             g.shared_memory["runtime_timeout"] = max_runtime
@@ -455,7 +494,7 @@ def shutdown(restart:bool=False):
         g.restart_event.set()
     g.exit_event.set()
     try:
-        data = {"server_id": g.server_id, "queue":g.flag_storage.pick_flags()}
+        data = {"server_id": g.server_id, "queue":g.attack_storage.pick_attacks()}
         if data:
             with open(".flag_queue.json", "wb") as f:
                 f.write(orjson.dumps(data))
@@ -472,41 +511,44 @@ def xploit_one(config: ClientConfig, team: str, path: str, timeout: float = 30):
     os.chdir(path)
     try:
         g.config = config
+        try:
+            g.config.fetch_status()
+        except Exception as e:
+            qprint(f"[bold yellow]Can't get config from the server: {repr(e)}")
+            return
         try:
             g.shared_memory = {"config": g.config.status}
         except Exception as e:
-            print(f"[bold yellow]Can't get config from the server: {repr(e)}")
+            qprint(f"[bold yellow]Can't get config from the server: {repr(e)}")
             g.shared_memory = {}
         g.exploit_config = ExploitConfig.read(path)
         g.print_queue = Queue(100)
-        g.flag_storage = FlagStorage(config.client_id)
+        g.attack_storage = AttackStorage(config.client_id)
         g.instance_storage = InstanceStorage()
         g.exit_event = threading.Event()
         g.restart_event = threading.Event()
         threading.Thread(target=run_printer_queue).start()
-        run_sploit({"id":0, "host":team}, timeout)
+        run_sploit({"id":0, "host":team}, timeout, stream_output=True)
         try:
             while True:
-                flags_block = [ele["flags"] for ele in g.flag_storage.pick_flags()]
-                if len(flags_block) == 0:
+                attacks = g.attack_storage.pick_attacks()
+                if len(attacks) == 0:
                     break
-                for flags in flags_block:
-                    g.config.reqs.submit_flags({"flags":flags})
-                    g.flag_storage.mark_as_sent(len(flags))
-                    print(f"Submitted {len(flags)} flags as manual submissions.")
+                for attack in attacks:
+                    if len(attack["flags"]) > 0:
+                        g.config.reqs.submit_flags({"flags":attack["flags"]})
+                    g.attack_storage.mark_as_sent(1)
+                    if len(attack["flags"]) > 0:
+                        qprint(f"Submitted {len(attack["flags"])} flags as manual submissions.")
         except Exception as e:
-            print(f"[bold yellow]Can't submit flags due missing config")
-        
-        try:
-            while not g.print_queue.empty():
-                print(g.print_queue.get(block=False))
-        except Exception:
-            pass
+            qprint(f"[bold yellow]Can't submit flags due missing config")
     except KeyboardInterrupt:
         pass
     finally:
-        g.print_queue.close()
         shutdown()
+        for _ in once_in_a_period(0.1):
+            if g.print_queue.empty():
+                g.print_queue.close()
         
 
 
@@ -518,7 +560,7 @@ def start_xploit(config: ClientConfig, shared_dict:dict, print_queue: Queue, poo
     g.server_status_refresh_period = server_status_refresh_period
     g.exploit_config = ExploitConfig.read(path)
     g.print_queue = print_queue
-    g.flag_storage = FlagStorage(config.client_id)
+    g.attack_storage = AttackStorage(config.client_id)
     g.instance_storage = InstanceStorage()
     g.exit_event = exit_event if exit_event else threading.Event()
     g.restart_event = restart_event if restart_event else threading.Event()

{exploitfarm-0.2.3 → exploitfarm-0.2.4}/exploitfarm.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: exploitfarm
-Version: 0.2.3
+Version: 0.2.4
 Summary: Exploit Farm client
 Home-page: https://github.com/pwnzer0tt1/exploitfarm
 Author: Pwnzer0tt1

{exploitfarm-0.2.3 → exploitfarm-0.2.4}/setup.py

@@ -6,7 +6,7 @@ with open("README.md", "r", encoding="utf-8") as fh:
 with open('requirements.txt', 'r', encoding='utf-8') as f:
     required = [ele.strip() for ele in f.read().splitlines() if not ele.strip().startswith("#") and ele.strip() != ""]
 
-VERSION = "0.2.3"
+VERSION = "0.2.4"
 
 setuptools.setup(
     name="exploitfarm",

{exploitfarm-0.2.3 → exploitfarm-0.2.4}/xfarm

@@ -5,6 +5,7 @@ from rich import print
 from rich.markup import escape
 from rich.console import Console
 
+from typer import Abort
 from enum import Enum
 from exploitfarm.utils.reqs import get_url
 from exploitfarm.cmd.config import InitialConfiguration, inital_config_setup, ClientConfig
@@ -82,11 +83,11 @@ def reset():
 @app.command(help="Start the exploit")
 def start(
     path: str = typer.Argument(".", help="The path of the exploit"),
-    pool_size: PositiveInt = typer.Option(50, help="The number of workers to start"),
+    pool_size: PositiveInt = typer.Option(50, "-p", help="The number of workers to start"),
     submit_pool_timeout: PositiveInt = typer.Option(3, help="The timeout for the submit pool to wait for new attack results and send flags"),
     server_status_refresh_period: PositiveInt = typer.Option(5, help="The period to refresh the server status"),
     test: Optional[str] = typer.Option(None, help="Test the exploit"),
-    test_timeout: PositiveInt = typer.Option(10, help="The timeout for the test"),
+    test_timeout: PositiveInt = typer.Option(30, "-t", help="The timeout for the test"),
 ):
     path = os.path.abspath(path)
     from exploitfarm.xploit import start_xploit, shutdown, xploit_one
@@ -340,12 +341,16 @@ def init(
 
 
 @app.callback()
-def main(interactive: bool = typer.Option(True, help="Interactive configuration mode", envvar="XFARM_INTERACTIVE")):
-    g.interactive = interactive
+def main(no_interactive: bool = typer.Option(False, "--no-interactive", "-I", help="Interactive configuration mode", envvar="XFARM_INTERACTIVE")):
+    g.interactive = not no_interactive
 
 if __name__ == "__main__":
     try:
         app()
+    except KeyboardInterrupt:
+        print("[bold yellow]Operation cancelled[/]")
+    except Abort:
+        print("[bold yellow]Operation cancelled[/]")
     except ReqsError as e:
         print("[bold red]The server returned an error: {e}[/]")
     except RequestsTimeout as e: