exploitfarm 1.7.0__tar.gz → 1.7.2__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/PKG-INFO +1 -1
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/__init__.py +1 -1
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/exploit.py +1 -1
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/utils/config.py +53 -11
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/xfarm.py +7 -10
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/xploit.py +1 -1
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm.egg-info/PKG-INFO +1 -1
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/setup.py +1 -1
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/MANIFEST.in +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/README.md +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/__main__.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/_init_exposed.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/__init__.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/client.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/dbtypes.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/enums.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/exploit_template.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/flags.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/groups.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/response.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/service.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/submitter.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/models/teams.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/tui/__init__.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/tui/config.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/tui/exploitdownload.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/tui/exploitinit.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/tui/group_prejoin.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/tui/group_select.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/tui/login.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/tui/shared_attack_group.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/tui/startxploit.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/tui/template.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/utils/__init__.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/utils/cmd.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/utils/exploit.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/utils/reqs.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/utils/templates.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm/utils/windows_close_fix.py +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm.egg-info/SOURCES.txt +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm.egg-info/dependency_links.txt +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm.egg-info/requires.txt +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/exploitfarm.egg-info/top_level.txt +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/requirements.txt +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/setup.cfg +0 -0
- {exploitfarm-1.7.0 → exploitfarm-1.7.2}/xfarm +0 -0
|
@@ -17,7 +17,7 @@ class ExploitDTO(BaseModel):
|
|
|
17
17
|
last_update: AwareDatetime|None = None
|
|
18
18
|
created_at: AwareDatetime
|
|
19
19
|
service: ServiceID = Field(validation_alias=AliasChoices('service_id'))
|
|
20
|
-
created_by: ClientID = Field(validation_alias=AliasChoices('created_by_id'))
|
|
20
|
+
created_by: ClientID|None = Field(default=None, validation_alias=AliasChoices('created_by_id'))
|
|
21
21
|
last_execution_by: ClientID|None = None
|
|
22
22
|
last_execution_group_by: AttackGroupID|None = None
|
|
23
23
|
last_source: ExploitSourceID|None = None
|
|
@@ -3,7 +3,7 @@ import toml
|
|
|
3
3
|
import string
|
|
4
4
|
import socketio
|
|
5
5
|
import traceback
|
|
6
|
-
from pydantic import BaseModel, Field, validate_call
|
|
6
|
+
from pydantic import BaseModel, Field, validate_call, PrivateAttr
|
|
7
7
|
from uuid import UUID, uuid4
|
|
8
8
|
from exploitfarm.utils import DEFAULT_SERVER_PORT, create_lock
|
|
9
9
|
from typing_extensions import Self
|
|
@@ -166,6 +166,44 @@ class ExploitConfig(BaseModel):
|
|
|
166
166
|
__exploit_lock = None
|
|
167
167
|
__folder = "."
|
|
168
168
|
|
|
169
|
+
_remote_fetched: bool = PrivateAttr(default=False)
|
|
170
|
+
_fetched_name: str | None = PrivateAttr(default=None)
|
|
171
|
+
_fetched_service: UUID | None = PrivateAttr(default=None)
|
|
172
|
+
_fetched_language: Language | None = PrivateAttr(default=None)
|
|
173
|
+
|
|
174
|
+
def _fetch_remote_data(self):
|
|
175
|
+
if self._remote_fetched:
|
|
176
|
+
return
|
|
177
|
+
self._remote_fetched = True
|
|
178
|
+
|
|
179
|
+
try:
|
|
180
|
+
from exploitfarm.xfarm import g
|
|
181
|
+
if getattr(g, "config", None) is None or not getattr(g, "config").status.get("loggined"):
|
|
182
|
+
return
|
|
183
|
+
|
|
184
|
+
exploit_info = next((e for e in g.config.reqs.exploits() if e["id"] == str(self.uuid)), None)
|
|
185
|
+
if exploit_info:
|
|
186
|
+
self._fetched_name = exploit_info["name"]
|
|
187
|
+
self._fetched_service = UUID(exploit_info["service"])
|
|
188
|
+
self._fetched_language = Language(exploit_info["language"])
|
|
189
|
+
except Exception:
|
|
190
|
+
pass
|
|
191
|
+
|
|
192
|
+
def __getattribute__(self, item: str):
|
|
193
|
+
if item in ("name", "service", "language"):
|
|
194
|
+
val = super().__getattribute__(item)
|
|
195
|
+
if val is not None:
|
|
196
|
+
return val
|
|
197
|
+
|
|
198
|
+
fetched_val = getattr(self, f"_fetched_{item}", None)
|
|
199
|
+
if fetched_val is not None:
|
|
200
|
+
return fetched_val
|
|
201
|
+
|
|
202
|
+
self._fetch_remote_data()
|
|
203
|
+
return getattr(self, f"_fetched_{item}", None)
|
|
204
|
+
|
|
205
|
+
return super().__getattribute__(item)
|
|
206
|
+
|
|
169
207
|
@classmethod
|
|
170
208
|
@validate_call()
|
|
171
209
|
def new(
|
|
@@ -227,25 +265,29 @@ class ExploitConfig(BaseModel):
|
|
|
227
265
|
f.write(self.model_dump_toml())
|
|
228
266
|
|
|
229
267
|
def publish_exploit(self, config: ClientConfig):
|
|
268
|
+
raw_name = self.__dict__.get("name")
|
|
269
|
+
raw_service = self.__dict__.get("service")
|
|
270
|
+
raw_language = self.__dict__.get("language")
|
|
271
|
+
|
|
230
272
|
data_to_edit = {}
|
|
231
|
-
if
|
|
232
|
-
data_to_edit["name"] =
|
|
233
|
-
if
|
|
234
|
-
data_to_edit["service"] =
|
|
235
|
-
if
|
|
236
|
-
data_to_edit["language"] =
|
|
273
|
+
if raw_name is not None:
|
|
274
|
+
data_to_edit["name"] = raw_name
|
|
275
|
+
if raw_service is not None:
|
|
276
|
+
data_to_edit["service"] = raw_service
|
|
277
|
+
if raw_language is not None:
|
|
278
|
+
data_to_edit["language"] = raw_language.value
|
|
237
279
|
|
|
238
280
|
if not data_to_edit:
|
|
239
281
|
return
|
|
240
282
|
|
|
241
|
-
if
|
|
283
|
+
if raw_name is not None and raw_service is not None:
|
|
242
284
|
config.reqs.new_exploit(
|
|
243
285
|
{
|
|
244
286
|
"id": self.uuid,
|
|
245
|
-
"name":
|
|
246
|
-
"language":
|
|
287
|
+
"name": raw_name,
|
|
288
|
+
"language": raw_language.value if raw_language else Language.other.value,
|
|
247
289
|
"status": ExploitStatus.disabled.value,
|
|
248
|
-
"service":
|
|
290
|
+
"service": raw_service,
|
|
249
291
|
"created_by": config.client_id,
|
|
250
292
|
}
|
|
251
293
|
)
|
|
@@ -290,6 +290,13 @@ def start(
|
|
|
290
290
|
traceback.print_exc()
|
|
291
291
|
print(f"[bold red]Error reading exploit configuration from {path}: {e}[/]")
|
|
292
292
|
close_cli()
|
|
293
|
+
|
|
294
|
+
|
|
295
|
+
|
|
296
|
+
if not exploit_config.name or not exploit_config.service:
|
|
297
|
+
print("[bold red]This exploit has missing configuration and has never been uploaded to the server![/]")
|
|
298
|
+
print("[bold yellow]Please run 'xfarm exploit edit' to give it a name and associate a service before starting it.[/]")
|
|
299
|
+
close_cli()
|
|
293
300
|
# Auto push exploit (if not in test mode)
|
|
294
301
|
if not no_auto_push and not test:
|
|
295
302
|
try:
|
|
@@ -1232,16 +1239,6 @@ def init(
|
|
|
1232
1239
|
name = expl_conf.name
|
|
1233
1240
|
service = expl_conf.service
|
|
1234
1241
|
language = expl_conf.language
|
|
1235
|
-
|
|
1236
|
-
if connection and (not name or not service or not language):
|
|
1237
|
-
try:
|
|
1238
|
-
exploit_info = next((e for e in g.config.reqs.exploits() if e["id"] == str(expl_conf.uuid)), None)
|
|
1239
|
-
if exploit_info:
|
|
1240
|
-
name = name or exploit_info["name"]
|
|
1241
|
-
service = service or UUID(exploit_info["service"])
|
|
1242
|
-
language = language or Language(exploit_info["language"])
|
|
1243
|
-
except Exception:
|
|
1244
|
-
pass
|
|
1245
1242
|
else:
|
|
1246
1243
|
print(
|
|
1247
1244
|
"[bold red]Exploit configuration not found! | Tip: use 'xfarm exploit init' to inizialize an exploit source project![/]"
|
|
@@ -1089,7 +1089,7 @@ def xploit_one(exec_info: AttackStartConfig, team: str, timeout: float = 30):
|
|
|
1089
1089
|
f"Submitted {flags} flags ({dups} duplicates) as manual submissions."
|
|
1090
1090
|
)
|
|
1091
1091
|
except Exception:
|
|
1092
|
-
qprint("Can't submit flags
|
|
1092
|
+
qprint("Can't submit flags, can't connect to backend\n")
|
|
1093
1093
|
except KeyboardInterrupt:
|
|
1094
1094
|
pass
|
|
1095
1095
|
finally:
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|