added barely functioning pop3 and smtp servers for debugging and sending/receiving emails.

Author: ShyftXero

Makefile

@@ -1,14 +1,16 @@
 build_linux: clean
-	docker run -v "$(pwd):/src/" cdrx/pyinstaller-linux "pyinstaller --clean --onedir --add-data ops:ops --add-data /home/shyft/stuff/miniconda3/lib/python3.9/site-packages/pyppeteer-0.2.5.dist-info:pyppeteer-0.2.5.dist-info casper_agent.py"
+	docker run -v "$(pwd):/src/" cdrx/pyinstaller-linux "pyinstaller --clean --onedir --add-data "ops;ops" --add-data /home/shyft/stuff/miniconda3/lib/python3.9/site-packages/pyppeteer-0.2.5.dist-info:pyppeteer-0.2.5.dist-info casper_agent.py"
 
 	cd dist
 	tar cvzf casper_agent_linux.tar.gz linux/
 	cd ..
 
 build_windows: clean
 	# https://github.com/cdrx/docker-pyinstaller
-	docker run -v "$(pwd):/src/" cdrx/pyinstaller-windows 'pyinstaller -y --onedir --add-data "ops;ops" --add-data "C:/python37/Lib/site-packages/pyppeteer-0.2.5.dist-info;pyppeteer-0.2.5.dist-info" casper_agent.py'
-
+	# docker run -v "$(pwd):/src/" cdrx/pyinstaller-windows 'pyinstaller -y --onedir --add-data "ops;ops" --add-data "C:\python37\Lib\site-packages\pyppeteer-0.2.5.dist-info;pyppeteer-0.2.5.dist-info" --add-data "config.toml;." casper_agent.py'
+	
+	
+	pyinstaller -y --onedir --add-data "ops;ops" --add-data "C:\Users\IEUser\miniconda3\Lib\site-packages\pyppeteer-0.2.5.dist-info;pyppeteer-0.2.5.dist-info" --add-data "config.toml;." casper_agent.py
 	cd dist
 	zip -r casper_agent_windows.zip windows/
 	cd ..

__init__.py

@@ -25,6 +25,7 @@
 import json
 import socket
 import smtplib
+import poplib
 import ssl
 import sys
 from typing import List
@@ -66,7 +67,7 @@
 
 @app.callback()
 def load_config(
-    config_file: Path = "config.toml",
+    config_file: Path = Path("config.toml"),
     debug: bool = True,
 ):
     global AGENT_UUID
@@ -330,12 +331,12 @@ def _send_email(**kwargs):
     if kwargs.get("encrypted", False):
         context = ssl.create_default_context()
 
-    with smtplib.SMTP(kwargs.get("smtp_server"), kwargs.get("smtp_port")) as s:
+    with smtplib.SMTP(kwargs.get("smtp_server",'localhost'), kwargs.get("smtp_port",1025)) as s:
 
         # s.login(kwargs.get('smtp_user'), kwargs.get('smtp_pass'))
 
         s.sendmail(
-            kwargs.get("sender"), kwargs.get("recipient_list"), kwargs.get("email_body")
+            kwargs.get("sender",''), kwargs.get("recipient_list",[]), kwargs.get("email_body",'')
         )
 
 
@@ -444,7 +445,10 @@ def send_email(
     except BaseException as e:
         print(e)
         if smtp_server == 'localhost' and smtp_port == 1025:
-            print('It looks like you are running the default smtp server settings. \ntry running "python smtp_debugging_server.py" or "python -m smtpd -c DebuggingServer -n localhost:1025"')
+            print('''It looks like you are running the default smtp server settings. 
+try running "cd email_server && python smtp_debugging_server.py" or "python -m smtpd -c DebuggingServer -n localhost:1025" both operate on 1025 for MTA features. 
+You'll probably want to run the POP3 server pop3_debugging_server.py in the same dir. operates on port 1110 by default for MDA features
+''')
         return False
 
 
@@ -548,12 +552,12 @@ def wander(
         return False
 
 
-def load_ops(ops_dir=OPS_DIR) -> list:
+def load_ops(ops_dir=OPS_DIR, op_filter="*") -> list:
     print(f"loading operations from {ops_dir}")
 
     ops = []
 
-    op_files = glob.glob(f"{ops_dir}/*.toml")
+    op_files = glob.glob(f"{ops_dir}/{op_filter}.toml")
 
     for op_file in op_files:
         with open(op_file) as f:
@@ -569,15 +573,17 @@ def load_ops(ops_dir=OPS_DIR) -> list:
 def operate(
     ops=[],
     no_ops: bool = False,
+    op_filter="*",
     new_ops=False,
-    ops_dir: Path = "./ops",
+    ops_dir: Path = Path("./ops"),
     beacon_only: bool = False,
     tags: List[str] = [],
+    
 ):
     """actually fire off the operations defined in the ops.toml files"""
 
     if ops == [] and new_ops == False:
-        ops = load_ops(ops_dir=ops_dir)
+        ops = load_ops(ops_dir=ops_dir, op_filter=op_filter)
     if no_ops == True:
         ops = []
 

casper_agent.py

@@ -0,0 +1,34 @@
+from datetime import datetime
+from pony.orm import *
+
+
+db = Database()
+db.bind(provider='sqlite', filename='mail.sqlite', create_db=True)
+
+
+class Account(db.Entity):
+    id = PrimaryKey(int, auto=True)
+    username = Optional(str)
+    password = Optional(str)
+    domain = Optional(str)
+    messages = Set('Message')
+
+
+class Message(db.Entity):
+    id = PrimaryKey(int, auto=True)
+    timestamp = Optional(datetime, default=lambda: datetime.now())
+    msg_from = Optional(str)
+    msg_to = Optional(str)
+    msg_subj = Optional(str)
+    msg_body = Optional(str)
+    account = Required(Account)
+
+
+db.generate_mapping(create_tables=True)
+with db_session:
+    if Account.get(username='shyft') == None:
+        shyft = Account(username='shyft', password='pass')
+        test =  Account(username='test', password='pass')
+        msg1 = Message(msg_to="shyft@mail.mil", msg_body='msg 1 3easdfasdf', account=shyft)
+        msg2 = Message(msg_to="shyft@mail.com",msg_body='msg 2 asldfj9oiwjef', account=shyft)
+        msg3 = Message(msg_to="test@mail.mil", msg_body='not for shyft asldfj9oiwjef', account=test)

email_server/email_db.py

@@ -0,0 +1,7 @@
+[[users]]
+    username = "shyft"
+    password = 'pass'
+   
+[[users]]
+    username = 'test'
+    password = 'test'

email_server/email_server_accounts.toml

@@ -0,0 +1,247 @@
+#!/usr/bin/env python3
+
+# https://www.vircom.com/blog/quick-guide-of-pop3-command-line-to-type-in-telnet/
+# https://electrictoolbox.com/pop3-commands/ for how pop is supposed to work...
+from pony.orm.core import db_decorator, get
+from rich import print
+import sys
+import socketserver
+# import glob
+# import toml
+
+import os
+
+import diskcache as dc
+
+import email_db as db
+
+
+# EMAILS = dict()
+
+# USERS = toml.load("email_user_accounts.toml")
+
+# USERS = {
+#     "shyft":    "pass",
+#     "test":     "test"
+# }
+
+# USERS = dc.Cache("maildb")
+
+
+# mail_store_path = './mail_store'
+# os.mkdir(mail_store_path)
+
+# USERS.set('shyft', {
+#         'password': 'pass',
+#         'messages': [
+#             'json data here',
+#             'another json message'
+#         ]
+#     }
+# )
+
+# keys are users
+# vals are lists of messages
+
+@db.db_session
+def get_user(username):
+    acct = db.Account.get(username=username)
+    if acct != None: 
+        return acct
+    return False
+
+@db.db_session
+def auth_user(username, password):
+    res= db.Account.get(username=username, password=password)
+    if res != None:
+        return True
+    return False
+
+@db.db_session
+def format_msg(m_id):
+    m = db.Message.get(id=m_id)
+    if m != None:
+        return f'''
+msg id:         {m.id}
+msg timestamp:  {m.timestamp}
+msg from:       {m.msg_from}
+msg to:         {m.msg_to}
+msg subject:    {m.msg_subj}
+msg body:
+{m.msg_body}
+'''
+    return f'invalid id {m_id}'
+
+@db.db_session
+def stat_msg(username):
+    ret = []
+    messages = db.select(m for m in db.Message if username in m.msg_to)
+    for m in messages:
+        ret.append((m.id, len(m.msg_body)))
+    # return ''.join(ret)
+    return ret
+
+@db.db_session
+def summary_msg(m_id):
+    m = db.Message.get(id=m_id)
+    return f'\n---\n{m.id}|{m.timestamp}|{m.msg_from}|{m.msg_to}|{m.msg_subj}|{m.msg_body}'
+    # return f'{m.id} {len(m.msg_body)}'
+
+@db.db_session
+def get_messages(username):
+    ret = []
+    messages = db.select(m for m in db.Message if username in m.msg_to)
+    for m in messages:
+        ret.append(summary_msg(m.id))
+    # return ''.join(ret)
+    return ret
+    # message_files = glob.glob(f'{mail_store_path}/{username}/*.mail')
+
+    # messages = []
+    # for file in message_files:
+    #     with open(file) as f:
+    #         messages.append(f.read())
+
+
+class MailHandler(socketserver.BaseRequestHandler):
+    """
+    The request handler class for our server.
+
+    It is instantiated once per connection to the server, and must
+    override the handle() method to implement communication to the
+    client.
+    """
+
+    def handle(self):
+        # self.request is the TCP socket connected to the client
+        self.request.sendall(f"+OK POP3 maily server v13.37 ready\n\n".encode())
+        self.user = b""
+        self.logged_in = False
+        self.messages = list()
+
+        while True:
+            try:
+                raw = self.request.recv(1024).decode()
+
+                self.data = raw.strip().split(" ")
+
+                # breakpoint()
+                # self.data = self.data.decode()
+                print(f"{self.client_address[0]} sent: {self.data}")
+
+                cmd = self.data[0]
+                payload = "".join(self.data[1:])
+                # print(f"payload : {payload}")
+
+                if cmd.lower() == "user":
+                    self.logged_in == False  # remove this line to be a ctf challenge. read other user emails...
+                    if get_user(payload):
+                        self.user = payload
+                        self.request.sendall(
+                            b"+OK Username accepted, password please\n"
+                        )
+                    else:
+                        self.request.sendall(b"-ERR invalid username\n")
+
+                elif cmd.lower() == "pass":
+                    print(f'login attempt for user {self.user} with password {payload}')
+                    if auth_user(self.user, payload):
+                        self.logged_in = True
+                        msg = b"+OK password accepted\n"
+                        print(f"user {self.user} {msg}")
+                        get_messages(self.user)
+                        self.request.sendall(msg)
+
+                elif cmd.lower() == "stat":
+                    msgs = stat_msg(self.user)
+                    self.messages = msgs
+                    status = f"logged in:{self.logged_in}\nuser: {self.user}\n"
+                    print(status)
+                    ret_msg = f"+OK {len(msgs)} {sum([len(m) for m in msgs])}\n".encode()
+                    # ret_msg = "+OK 1 1337\n".encode()
+                    print(ret_msg)
+                    self.request.sendall(ret_msg)
+
+                elif cmd.lower() == "list":
+                    if self.logged_in == True:
+                        self.messages = ''.join(get_messages(self.user))
+                       
+                        resp = f"+OK {len(self.messages)} messages\n"
+                        for msg in stat_msg(self.user):
+                            resp += f"{msg[0]} {msg[1]}\n"
+                        # resp += '\n'.join(stat_msg(self.user))
+                        resp += ".\n"
+                        self.request.sendall(resp.encode())
+                    else:
+                        self.request.sendall(b"-ERR Must be logged in..\n")
+
+                elif cmd.lower() == "retr":
+                    if self.logged_in == True:
+                        payload = int(payload)
+                        msg = '' 
+                        with db.db_session:
+                            msg = db.Message.get(id=payload)
+                            if msg != None:
+                                msg = format_msg(msg.id)
+                        if payload >= 0 and payload <= len(self.messages) and msg != None:
+                        
+                            self.request.sendall(
+                                f"+OK\n---BEGIN_MSG---\n{msg}\n---END_MSG---\n.\n".encode()
+                            )
+                        else:
+                            pass  # invalid index
+                    else:
+                        self.request.sendall(b"-ERR Must be logged in..\n")
+
+                elif cmd.lower() == "top":
+                    if self.logged_in == True:
+                        if int(payload) >= 0 and int(payload) <= len(self.messages):
+                            msg = self.messages[int(payload) - 1]
+                            self.request.sendall(
+                                f"+OK\n---BEGIN_MSG---\n{msg[:100]}\n---END_MSG---\n.\n".encode()
+                            )
+                        else:
+                            pass  # invalid index
+                    else:
+                        self.request.sendall(b"-ERR Must be logged in..\n")
+
+                elif cmd.lower() == "dele":
+                    if self.logged_in == True:
+                        m_id = int(payload)
+                        with db.db_session:
+                            msg = db.Message.get(id=m_id)
+                            if msg != None:
+                            # msg = self.messages.pop(int(payload) - 1)
+                                msg_str = format_msg(m_id)
+                                self.request.sendall(f"+OK Deleted msg {m_id}\n---BEGIN_MSG---\n{msg_str}\n---END_MSG---\n.\n".encode())
+                                msg.delete()
+                                print(f'deleted msg id {m_id}')
+                    else:
+                        self.request.sendall(b"-ERR Must be logged in..\n")
+                elif cmd.lower() == "quit":
+                    self.request.sendall(b"+OK BYE\n")
+                    break
+                else:
+                    self.request.sendall(b"-ERR Unknown command... try again\n")
+
+            except BrokenPipeError as e:
+                return
+            except BaseException as e:
+                print(e)
+
+
+if __name__ == "__main__":
+    HOST, PORT = "localhost", 1110
+
+    # Create the server, binding to localhost on port 9999
+    with socketserver.TCPServer((HOST, PORT), MailHandler) as server:
+        # Activate the server; this will keep running until you
+        # interrupt the program with Ctrl-C
+        print("Running on", HOST, PORT)
+        try:
+            server.allow_reuse_address = True
+            server.serve_forever()
+        except KeyboardInterrupt as e:
+            print("quitting... ")
+            server.server_close()
+            sys.exit(0)