Pep8 & python3 for html

src/html/fasttrack_http_server.py

@@ -1,7 +1,10 @@
 #!/usr/bin/env python
+# coding=utf-8
 import os
 import sys
+
 definepath = os.getcwd()
 sys.path.append(definepath)
-from src.core.setcore import *
-start_web_server_unthreaded(setdir + "/web_clone/")
+import src.core.setcore as core
+
+core.start_web_server_unthreaded(os.path.join(core.setdir, "web_clone"))

src/html/templates/__init__.py

@@ -0,0 +1 @@
+# coding=utf-8

src/html/templates/template.py

@@ -1,72 +1,85 @@
 #!/usr/bin/env python
-import subprocess
+# coding=utf-8
 import os
 import shutil
-import glob
-from src.core.setcore import *
 
-me = mod_name()
+import src.core.setcore as core
+
+# Py2/3 compatibility
+# Python3 renamed raw_input to input
+try:
+    input = raw_input
+except NameError:
+    pass
+
 dest = "src/html/"
+url = ""
 
-debug_msg(me,"entering src.html.templates.template'",1)
+core.debug_msg(core.mod_name(), "entering src.html.templates.template'", 1)
 
 #
 # used for pre-defined templates
 #
-print """
+print("""
   1. Java Required
   2. Google
   3. Facebook
   4. Twitter
   5. Yahoo
-"""
-choice=raw_input(setprompt(["2"],"Select a template"))
+""")
+choice = raw_input(core.setprompt(["2"], "Select a template"))
 
 if choice == "exit":
-    exit_set()
+    core.exit_set()
 
 # file used for nextpage in java applet attack
-filewrite=file(setdir + "/site.template", "w")
 
 # if nothing is selected
-if choice == "": choice = "1"
+if choice == "":
+    choice = "1"
 
 # if java required
 if choice == "1":
-    if os.path.isfile("src/html/index.template"): os.remove("src/html/index.template")
+    if os.path.isfile("src/html/index.template"):
+        os.remove("src/html/index.template")
     shutil.copyfile("src/html/templates/java/index.template", "src/html/index.template")
-    URL=""
+    url = ""
 
 # if google
 if choice == "2":
-    if os.path.isfile("src/html/index.template"): os.remove("src/html/index.template")
+    if os.path.isfile("src/html/index.template"):
+        os.remove("src/html/index.template")
     shutil.copyfile("src/html/templates/google/index.template", "src/html/index.template")
-    URL="http://www.google.com"
+    url = "http://www.google.com"
 
 # if facebook
 if choice == "3":
-    if os.path.isfile("src/html/index.template"): os.remove("src/html/index.template")
-    for files in glob.glob('src/html/templates/facebook/*.*'): shutil.copy(files, "src/html/")
-    URL="http://www.facebook.com"
+    if os.path.isfile("src/html/index.template"):
+        os.remove("src/html/index.template")
+    shutil.copyfile("src/html/templates/facebook/index.template", "src/html/index.template")
+    url = "http://www.facebook.com"
 
 # if twitter
 if choice == "4":
-    if os.path.isfile("src/html/index.template"): 
-      os.remove("src/html/index.template")
+    if os.path.isfile("src/html/index.template"):
+        os.remove("src/html/index.template")
     shutil.copyfile("src/html/templates/twitter/index.template", "src/html/index.template")
-    URL="http://www.twitter.com"
+    url = "http://www.twitter.com"
 
 # if yahoo
-if choice =="5":
-    if os.path.isfile("src/html/index.template"): os.remove("src/html/index.template")
+if choice == "5":
+    if os.path.isfile("src/html/index.template"):
+        os.remove("src/html/index.template")
     shutil.copyfile("src/html/templates/yahoo/index.template", "src/html/index.template")
-    URL="http://mail.yahoo.com"
+    url = "http://mail.yahoo.com"
 
-if not os.path.isdir(setdir + "/web_clone"):
-    os.makedirs(setdir + "/web_clone/")
-if os.path.isfile(setdir + "/web_clone/index.html"): os.remove(setdir + "/web_clone/index.html")
-shutil.copyfile("src/html/index.template", setdir + "/web_clone/index.html")
-filewrite.write("TEMPLATE=SELF" + "\n"+"URL=%s" % (URL))
-filewrite.close()
+if not os.path.isdir(os.path.join(core.setdir, "web_clone")):
+    os.makedirs(os.path.join(core.setdir, "web_clone/"))
+if os.path.isfile(os.path.join(core.setdir, "web_clone/index.html")):
+    os.remove(os.path.join(core.setdir, "web_clone/index.html"))
+shutil.copyfile("src/html/index.template", os.path.join(core.setdir, "/web_clone/index.html"))
 
-debug_msg(me,"exiting src.html.templates.template'",1)
+with open(os.path.join(core.setdir, "site.template"), 'w') as filewrite:
+    filewrite.write("TEMPLATE=SELF\nURL={0}".format(url))
+
+core.debug_msg(core.mod_name(), "exiting src.html.templates.template'", 1)

src/html/unsigned/__init__.py

@@ -0,0 +1 @@
+# coding=utf-8

src/html/unsigned/self_sign.py

@@ -1,9 +1,10 @@
 #!/usr/bin/env python
+# coding=utf-8
 
-import subprocess
 import os
-import sys
-from src.core.setcore import *
+import subprocess
+
+import src.core.setcore as core
 
 #########################
 # Simple signer for signing the java applet attack
@@ -27,25 +28,29 @@ print("""
  Is this correct: yes
 """)
 
-print_error("*** WARNING ***")
-print_error("IN ORDER FOR THIS TO WORK YOU MUST INSTALL sun-java6-jdk or openjdk-6-jdk, so apt-get install openjdk-6-jdk")
-print_error("*** WARNING ***")
+core.print_error("*** WARNING ***")
+core.print_error("IN ORDER FOR THIS TO WORK YOU MUST INSTALL sun-java6-jdk or openjdk-6-jdk, so apt-get install openjdk-6-jdk")
+core.print_error("*** WARNING ***")
 
 # random string used to generate signature of java applet
-random_string = generate_random_string(10, 30)
+random_string = core.generate_random_string(10, 30)
 
 # grab keystore to use later
-subprocess.Popen("keytool -genkey -alias %s -keystore mykeystore -keypass mykeypass -storepass mystorepass" %
-                 (random_string), shell=True).wait()
+subprocess.Popen("keytool -genkey -alias {0} "
+                 "-keystore mykeystore "
+                 "-keypass mykeypass "
+                 "-storepass mystorepass".format(random_string), shell=True).wait()
 
 # self-sign the applet
-subprocess.Popen("jarsigner -keystore mykeystore -storepass mystorepass -keypass mykeypass -signedjar Signed_Update.jar unsigned.jar %s" %
-                 (random_string), shell=True).wait()
+subprocess.Popen("jarsigner -keystore mykeystore "
+                 "-storepass mystorepass "
+                 "-keypass mykeypass "
+                 "-signedjar Signed_Update.jar unsigned.jar {0}".format(random_string), shell=True).wait()
 
 # move it into our html directory
 subprocess.Popen("cp Signed_Update.jar ../", shell=True).wait()
-subprocess.Popen("mv Signed_Update.jar " + setdir, shell=True)
+subprocess.Popen("mv Signed_Update.jar {0}".format(core.setdir), shell=True)
 
 # move back to original directory
 os.chdir("../../../")
-print_status("Java Applet is now signed and will be imported into the website")
+core.print_status("Java Applet is now signed and will be imported into the website")

src/html/unsigned/verified_sign.py

@@ -1,11 +1,18 @@
 #!/usr/bin/env python
+# coding=utf-8
 
-import subprocess
 import os
-import sys
 import shutil
-from src.core.setcore import *
+import subprocess
 
+import src.core.setcore as core
+
+# Py2/3 compatibility
+# Python3 renamed raw_input to input
+try:
+    input = raw_input
+except NameError:
+    pass
 # keytool -import -storepass pw -alias MyCert -file mycert.spc
 # jarsigner -verbose -storepass <pw> -keypass <pw> unsigned.jar MyCert
 
@@ -20,7 +27,7 @@ from src.core.setcore import *
 # verisign/thawte
 
 # grab current path
-definepath = definepath()
+definepath = core.definepath()
 
 # print warning message that we need to install sun-java or openjdk
 print("""
@@ -38,9 +45,9 @@ print("""
  business as which is also much easier to use.
 """)
 
-print_error("*** WARNING ***")
-print_error("IN ORDER FOR THIS TO WORK YOU MUST INSTALL sun-java6-jdk or openjdk-6-jdk, so apt-get install openjdk-6-jdk")
-print_error("*** WARNING ***")
+core.print_error("*** WARNING ***")
+core.print_error("IN ORDER FOR THIS TO WORK YOU MUST INSTALL sun-java6-jdk or openjdk-6-jdk, so apt-get install openjdk-6-jdk")
+core.print_error("*** WARNING ***")
 
 # use flag is in case someone already has a code signing certificate, in
 # that case it bypasses the "no" answer
@@ -60,53 +67,50 @@ Option 2 will go through the process of either creating the code signing certifi
 2. Either create a code-signing csr or use a code-signing certificate you already own.
 """)
 firstprompt = input("Enter your choice [1-2]: ")
-if firstprompt == "":
-    firstprompt == "2"
+if not firstprompt:
+    firstprompt = "2"
 
 # if we want to import our own java applet
 if firstprompt == "1":
     newpath = input("Enter the path to the .jar file: ")
     if not os.path.isfile(newpath):
-        while 1:
-            print_error("Unable to locate the file. Please try again.")
+        while True:
+            core.print_error("Unable to locate the file. Please try again.")
             newpath = input("Enter the path to the .jar file: ")
             if os.path.isfile(newpath):
                 break
 
     # import into SET
-    print_status("Importing the applet into SET for weaponization...")
-    shutil.copyfile(newpath, setdir + "/Signed_Update.jar.orig")
-    shutil.copyfile(newpath, setdir + "/Signed_Update.jar")
-    print_status("The applet has been successfully imported into SET.")
+    core.print_status("Importing the applet into SET for weaponization...")
+    shutil.copyfile(newpath, os.path.join(core.setdir, "Signed_Update.jar.orig"))
+    shutil.copyfile(newpath, os.path.join(core.setdir, "Signed_Update.jar"))
+    core.print_status("The applet has been successfully imported into SET.")
 
 # if we want to either generate a certificate or use our own certificate
 # this is it
 if firstprompt == "2":
+    cert_path = ""
     # prompt for a different certificate
-    prompt = input(setprompt(
-        "0", "Have you already generated a code signing-certificate? [yes|no]")).lower()
+    prompt = input(core.setprompt("0", "Have you already generated a code signing-certificate? [yes|no]")).lower()
     # if we selected yes if we generated a code signing certificate
     if prompt == "yes" or prompt == "y":
         # prompt the user to import the code signing certificate
-        cert_path = input(
-            setprompt("0", "Path to the code signing certificate file (provided by CA)"))
+        cert_path = input(core.setprompt("0", "Path to the code signing certificate file (provided by CA)"))
         if not os.path.isfile(cert_path):
             # loop forever
-            while 1 == 1:
-                print_error("ERROR:Filename not found. Try again.")
+            while True:
+                core.print_error("ERROR:Filename not found. Try again.")
                 # re-prompt if we didn't file the filename
-                cert_path = input(
-                    setprompt("0", "Path to the .cer certificate file"))
+                cert_path = input(core.setprompt("0", "Path to the .cer certificate file"))
                 # if we find the filename then break out of loop
                 if os.path.isfile(cert_path):
                     break
 
         # here is where we import the certificate
         try:
-            print_info("Importing the certificate into SET...")
+            core.print_info("Importing the certificate into SET...")
 
-            subprocess.Popen("keytool -import -alias MyCert -file %s" %
-                             (cert_path), shell=True).wait()
+            subprocess.Popen("keytool -import -alias MyCert -file {}".format(cert_path), shell=True).wait()
             # trigger that we have our certificate already and bypass the
             # request process below
             use_flag = 1
@@ -126,63 +130,61 @@ if firstprompt == "2":
         # if we selected no we need to create one
         if prompt == "no" or prompt == "n":
             # get the stuff ready to do it
-            print_info("Generating the initial request for Verisign...")
+            core.print_info("Generating the initial request for Verisign...")
             # grab input from user, fqdn
-            answer1 = input(
-                setprompt("0", "FQDN (ex. www.thisisafakecert.com)"))
+            answer1 = input(core.setprompt("0", "FQDN (ex. www.thisisafakecert.com)"))
             # grab name of organizaton
-            answer2 = input(setprompt("0", "Name of the organization"))
+            answer2 = input(core.setprompt("0", "Name of the organization"))
             # grab two letter country code
-            answer3 = input(
-                setprompt("0", "Two letter country code (ex. US)"))
+            answer3 = input(core.setprompt("0", "Two letter country code (ex. US)"))
             # if blank, default to US
-            if answer3 == "":
+            if not answer3:
                 answer3 = "US"
             # grab state
-            answer4 = input(setprompt("0", "State"))
+            answer4 = input(core.setprompt("0", "State"))
             # grab city
-            answer5 = input(setprompt("0", "City"))
+            answer5 = input(core.setprompt("0", "City"))
             # generate the request crl
-            subprocess.Popen('keytool -genkey -alias MyCert -keyalg RSA -keysize 2048 -dname "CN=%s,O=%s,C=%s,ST=%s,L=%s"' %
-                             (answer1, answer2, answer3, answer4, answer5), shell=True).wait()
-            print_info("Exporting the cert request to text file...")
+            subprocess.Popen('keytool '
+                             '-genkey '
+                             '-alias MyCert '
+                             '-keyalg RSA '
+                             '-keysize 2048 '
+                             '-dname "CN={a1},O={a2},C={a3},ST={a4},L={a5}"'.format(a1=answer1,
+                                                                                    a2=answer2,
+                                                                                    a3=answer3,
+                                                                                    a4=answer4,
+                                                                                    a5=answer5),
+                             shell=True).wait()
+
+            core.print_info("Exporting the cert request to text file...")
             # generate the request and export to certreq
-            subprocess.Popen(
-                "keytool -certreq -alias MyCert > %s/certreq.txt" % (definepath), shell=True).wait()
-            print_status(
-                "Export successful. Exported certificate under the SET root under certreq.txt")
-            print_warning(
-                "You will now need to pay for a code signing certificate through Verisign/Thawte/GoDaddy/etc.")
-            print_warning(
-                "Be sure to purchase a code signing certificate, not a normal website SSL certificate.")
-            print_info("When finished, enter the path to the .cer file below")
+            subprocess.Popen("keytool -certreq -alias MyCert > {}".format(os.path.join(definepath, "certreq.txt")), shell=True).wait()
+            core.print_status("Export successful. Exported certificate under the SET root under certreq.txt")
+            core.print_warning("You will now need to pay for a code signing certificate through Verisign/Thawte/GoDaddy/etc.")
+            core.print_warning("Be sure to purchase a code signing certificate, not a normal website SSL certificate.")
+            core.print_info("When finished, enter the path to the .cer file below")
             # cert_path is used for the certificate path when generating
 
-            cert_path = input(
-                setprompt("0", "Path for the code signing certificate file (.spc file)"))
+            cert_path = input(core.setprompt("0", "Path for the code signing certificate file (.spc file)"))
             # if we can't find the filename
             if not os.path.isfile(cert_path):
-                while 1 == 1:
-                    print_error("ERROR:Filename not found. Please try again.")
+                while True:
+                    core.print_error("ERROR:Filename not found. Please try again.")
                     # re-prompt if file name doesn't exist
-                    cert_path = input(
-                        setprompt("0", "Path to the .cer certificate file from Verisign"))
+                    cert_path = input(core.setprompt("0", "Path to the .cer certificate file from Verisign"))
                     # if we detect file, then break out of loop
                     if os.path.isfile(cert_path):
                         break
 
             # import the certificate
-            subprocess.Popen("keytool -import -alias MyCert -file %s" %
-                             (cert_path), shell=True).wait()
+            subprocess.Popen("keytool -import -alias MyCert -file {0}".format(cert_path), shell=True).wait()
 
     # if our certificate is in the data store
     if os.path.isfile(cert_path):
         # sign the applet with the imported certificate
-        subprocess.Popen("jarsigner -signedjar Signed_Update.jar %s/src/html/unsigned/unsigned.jar MyCert" %
-                         (definepath), shell=True).wait()
+        subprocess.Popen("jarsigner -signedjar Signed_Update.jar {0} MyCert".format(os.path.join(definepath, "src/html/unsigned/unsigned.jar")), shell=True).wait()
         # move it into our html directory
-        subprocess.Popen(
-            "mv Signed_Update.jar %s/Signed_Update.jar.orig" % (setdir), shell=True).wait()
+        subprocess.Popen("mv Signed_Update.jar {0}".format(os.path.join(core.setdir, "Signed_Update.jar.orig")), shell=True).wait()
         # move back to original directory
-        print_status(
-            "Java Applet is now signed and will be imported into the java applet website attack from now on...")
+        core.print_status("Java Applet is now signed and will be imported into the java applet website attack from now on...")

src/html/web_start.py

@@ -1,11 +1,13 @@
 #!/usr/bin/env python
+# coding=utf-8
 # This is just a simple import for web_start
 import sys
-from src.core.setcore import *
-me = mod_name()
-debug_msg(me, "importing 'src.html.spawn'", 1)
+
+import src.core.setcore as core
+
+core.debug_msg(core.mod_name(), "importing 'src.html.spawn'", 1)
 sys.path.append("src/html")
 try:
-    module_reload(spawn)
+    import src.html.spawn
 except:
     pass