1.2.11. server
¶
This module contains the functionality that provides the application’s low-level HTTP server logic.
1.2.11.1. Classes¶
-
class
KingPhisherRequestHandler
(request, client_address, server, **kwargs)[source]¶ Bases:
advancedhttpserver.RequestHandler
-
campaign_id
[source]¶ The campaign id that is associated with the current request’s visitor. This is retrieved by looking up the
message_id
value in the database. If no campaign is associated, this value is None.
Check for the presence of a basic auth Authorization header and if the credentials contained within in are valid.
Returns: Whether or not the credentials are valid. Return type: bool
-
config
= None[source]¶ A reference to the main server instance
KingPhisherServer.config
.
-
get_client_ip
()[source]¶ Intelligently get the IP address of the HTTP client, optionally accounting for proxies that may be in use.
Returns: The clients IP address. Return type: str
-
get_query_creds
(check_query=True)[source]¶ Get credentials that have been submitted in the request. For credentials to be returned at least a username must have been specified. The returned username will be None or a non-empty string. The returned password will be None if the parameter was not found or a string which maybe empty. This functions checks the query data for credentials first if check_query is True, and then checks the contents of an Authorization header.
Parameters: check_query (bool) – Whether or not to check the query data in addition to an Authorization header. Returns: The submitted credentials. Return type: CredentialCollection
-
get_template_vars_client
()[source]¶ Build a dictionary of variables for a client with an associated campaign.
Returns: The client specific template variables. Return type: dict
-
issue_alert
(campaign_id, table, count)[source]¶ Send a campaign alert for the specified table.
Parameters:
-
message_id
[source]¶ The message id that is associated with the current request’s visitor. This is retrieved by looking at an ‘id’ parameter in the query and then by checking the
visit_id
value in the database. If no message id is associated, this value is None. The resulting value will be either a confirmed valid value, or the value of the configurations server.secret_id for testing purposes.
-
on_init
()[source]¶ This method is meant to be over ridden by custom classes. It is called as part of the __init__ method and provides an opportunity for the handler maps to be populated with entries or the config to be customized.
-
respond_file
(file_path, attachment=False, query=None)[source]¶ Respond to the client by serving a file, either directly or as an attachment.
Parameters:
-
respond_redirect
(location='/')[source]¶ Respond to the client with a 301 message and redirect them with a Location header.
Parameters: location (str) – The new location to redirect the client to.
-
-
class
KingPhisherServer
(config, plugin_manager, handler_klass, *args, **kwargs)[source]¶ Bases:
advancedhttpserver.AdvancedHTTPServer
The main HTTP and RPC server for King Phisher.
-
__init__
(config, plugin_manager, handler_klass, *args, **kwargs)[source]¶ Parameters: config ( smoke_zephyr.configuration.Configuration
) – Configuration to retrieve settings from.
-
add_sni_cert
(hostname, ssl_certfile=None, ssl_keyfile=None, ssl_version=None)[source]¶ Add an SSL certificate for a specific hostname as supported by SSL’s Server Name Indicator (SNI) extension. See RFC 3546 for more details on SSL extensions. In order to use this method, the server instance must have been initialized with at least one address configured for SSL.
Warning
This method will raise a
RuntimeError
if either the SNI extension is not available in thessl
module or if SSL was not enabled at initialization time through the use of arguments to__init__()
.New in version 2.0.0.
Parameters:
-
headers
= None[source]¶ A
OrderedDict
containing additional headers specified from the server configuration to include in responses.
-
job_manager
= None[source]¶ A
JobManager
instance for scheduling tasks.
-
remove_sni_cert
(hostname)[source]¶ Remove the SSL Server Name Indicator (SNI) certificate configuration for the specified hostname.
Warning
This method will raise a
RuntimeError
if either the SNI extension is not available in thessl
module or if SSL was not enabled at initialization time through the use of arguments to__init__()
.New in version 2.2.0.
Parameters: hostname (str) – The hostname to delete the SNI configuration for.
-