1.2.11. server

This module contains the functionality that provides the application’s low-level HTTP server logic.

1.2.11.1. Classes

class KingPhisherRequestHandler(request, client_address, server, **kwargs)

Bases: advancedhttpserver.RequestHandler

adjust_path()

Adjust the path attribute based on multiple factors.

campaign_id

The campaign id that is associated with the current request’s visitor. This is retrieved by looking up the message_id value in the database. If no campaign is associated, this value is None.

check_authorization()

Check for the presence of a basic auth Authorization header and whether the credentials contained within it are valid.

Returns: Whether or not the credentials are valid.
Return type: bool

config = None

A reference to the main server instance KingPhisherServer.config.

end_headers(*args, **kwargs)

Send the blank line ending the MIME headers.

get_client_ip()

Intelligently get the IP address of the HTTP client, optionally accounting for proxies that may be in use.

Returns: The client’s IP address.
Return type: str
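
One way a handler can account for proxies when resolving the client address, shown as an added example that is not King Phisher's own code: the forwarding header is honored only when the TCP peer is a trusted proxy. The function name, the choice of the X-Forwarded-For header and the trusted network list are assumptions.

```python
import ipaddress

# Constructed sample: networks of the reverse proxies this server trusts (assumption).
TRUSTED_PROXIES = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.0.0/24")]


def _is_trusted(addr):
    """Return True if addr belongs to one of the trusted proxy networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in TRUSTED_PROXIES)


def resolve_client_ip(peer_addr, headers, header_name="X-Forwarded-For"):
    """Resolve the client IP from the socket peer and a forwarding header.

    peer_addr is the address of the TCP connection; headers is any mapping
    with a .get() method (a plain dict here, so lookups are case-sensitive).
    """
    # A peer that is not one of our proxies can put anything in the header,
    # so the header is ignored and the socket address is authoritative.
    if not _is_trusted(peer_addr):
        return peer_addr
    hops = [h.strip() for h in headers.get(header_name, "").split(",") if h.strip()]
    # Walk right to left: the rightmost entries were appended by our own
    # proxies, while anything further left may have been supplied by the client.
    for hop in reversed(hops):
        try:
            ip = ipaddress.ip_address(hop)
        except ValueError:
            return peer_addr  # malformed entry: fall back to the socket peer
        if not _is_trusted(str(ip)):
            return str(ip)  # first hop that is not our infrastructure
    return peer_addr  # header absent or listing only trusted proxies


if __name__ == "__main__":
    # Constructed request: the client forged the first entry, the proxy appended the second.
    sample = {"X-Forwarded-For": "10.0.0.99, 203.0.113.7"}
    print(resolve_client_ip("10.0.0.5", sample))
```

Logging the socket peer alongside the resolved address keeps the record useful when a proxy is later found to be misconfigured.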
get_query_creds(check_query=True)

Get credentials that have been submitted in the request. For credentials to be returned, at least a username must have been specified. The returned username will be None or a non-empty string. The returned password will be None if the parameter was not found, or a string which may be empty. This function checks the query data for credentials first if check_query is True, and then checks the contents of an Authorization header.

Parameters: check_query (bool) – Whether or not to check the query data in addition to an Authorization header.
Returns: The submitted credentials.
Return type: CredentialCollection

get_template_vars_client()

Build a dictionary of variables for a client with an associated campaign.

Returns: The client specific template variables.
Return type: dict

issue_alert(campaign_id, table, count)

Send a campaign alert for the specified table.

Parameters:
  • campaign_id (int) – The ID of the campaign whose subscribers the alert is sent to.
  • table (str) – The type of event to use as the sender when it is forwarded.
  • count (int) – The number associated with the event alert.

message_id

The message id that is associated with the current request’s visitor. This is retrieved by looking at an ‘id’ parameter in the query and then by checking the visit_id value in the database. If no message id is associated, this value is None. The resulting value will be either a confirmed valid value, or the value of the configuration’s server.secret_id for testing purposes.

on_init()

This method is meant to be overridden by custom classes. It is called as part of the __init__ method and provides an opportunity for the handler maps to be populated with entries or the config to be customized.

path = None

The resource path of the current HTTP request.

respond_file(file_path, attachment=False, query=None)

Respond to the client by serving a file, either directly or as an attachment.

Parameters:
  • file_path (str) – The path to the file to serve; this does not need to be in the web root.
  • attachment (bool) – Whether to serve the file as a download by setting the Content-Disposition header.

respond_not_found()

Respond to the client with a default 404 message.

respond_redirect(location='/')

Respond to the client with a 301 message and redirect them with a Location header.

Parameters: location (str) – The new location to redirect the client to.

send_response(code, message=None)

Add the response header to the headers buffer and log the response code.

Also send two standard headers with the server software version and the current date.

vhost

The value of the Host HTTP header.

visit_id

The visit id that is associated with the current request’s visitor. This is retrieved by looking for the King Phisher cookie. If no cookie is set, this value is None.

class KingPhisherServer(config, plugin_manager, handler_klass, *args, **kwargs)

Bases: advancedhttpserver.AdvancedHTTPServer

The main HTTP and RPC server for King Phisher.

__init__(config, plugin_manager, handler_klass, *args, **kwargs)

Parameters: config (smoke_zephyr.configuration.Configuration) – Configuration to retrieve settings from.

add_sni_cert(hostname, ssl_certfile=None, ssl_keyfile=None, ssl_version=None)

Add an SSL certificate for a specific hostname as supported by SSL’s Server Name Indication (SNI) extension. See RFC 3546 for more details on SSL extensions. In order to use this method, the server instance must have been initialized with at least one address configured for SSL.

Warning

This method will raise a RuntimeError if either the SNI extension is not available in the ssl module or if SSL was not enabled at initialization time through the use of arguments to __init__().

New in version 2.0.0.

Parameters:
  • hostname (str) – The hostname for this configuration.
  • ssl_certfile (str) – An SSL certificate file to use, setting this enables SSL.
  • ssl_keyfile (str) – An SSL certificate file to use.
  • ssl_version – The SSL protocol version to use.

config = None

A Configuration instance used as the main King Phisher server configuration.

headers = None

An OrderedDict containing additional headers specified from the server configuration to include in responses.

job_manager = None

A JobManager instance for scheduling tasks.

remove_sni_cert(hostname)

Remove the SSL Server Name Indication (SNI) certificate configuration for the specified hostname.

Warning

This method will raise a RuntimeError if either the SNI extension is not available in the ssl module or if SSL was not enabled at initialization time through the use of arguments to __init__().

New in version 2.2.0.

Parameters: hostname (str) – The hostname to delete the SNI configuration for.

shutdown(*args, **kwargs)

Request that the server perform any cleanup necessary and then shut down. This will wait for the server to stop before it returns.