Flask server which handles commands using API calls

Dockerfile

@@ -0,0 +1,19 @@
+FROM ubuntu:latest
+
+# Install necessary dependencies
+RUN apt-get update && apt-get install -y python3 python3-pip
+RUN apt-get install -y git && apt-get install -y libmagic1
+
+RUN git clone https://github.com/snehith57624/toucanstrike.git
+
+# Expose the port
+EXPOSE 5000
+
+# Install Python dependencies
+RUN pip install flask colorama && pip install tqdm && pip install -U "ipython>=7.20"
+
+RUN cd toucanstrike && git pull && pip install -r requirements.txt
+
+
+# Set the entrypoint command
+CMD ["python3", "toucanstrike/app.py"]

app.py

@@ -0,0 +1,48 @@
+from flask import Flask, render_template, request, jsonify
+from colorama import Fore, Style
+
+from constants import banner
+from interface import ToucanStrikeInterface
+import os
+
+app = Flask(__name__)
+terminal = ToucanStrikeInterface()
+
+
+@app.route('/')
+def index():
+    return "working"
+
+
+@app.route('/command', methods=['POST'])
+def execute_command():
+    command = request.form.get('command')
+    print("input ", command)
+    output = terminal.onecmd(command)
+    print("output ", output)
+    return output
+
+
+@app.route('/upload', methods=['POST'])
+def upload_file():
+    if 'file' not in request.files:
+        return jsonify({'error': 'No file uploaded'})
+
+    file = request.files['file']
+
+    if file.filename == '':
+        return jsonify({'error': 'No selected file'})
+
+    # Save the file to the static folder
+    file.save(os.path.join(app.static_folder, file.filename))
+    command = "data " + str(os.path.join(app.static_folder, file.filename))
+    output = terminal.onecmd(command)
+    print("file ", output)
+
+    output = terminal.onecmd("run")
+    print("output ", output)
+    return output
+
+
+if __name__ == '__main__':
+    app.run(debug=True)

curl_commands.txt

@@ -0,0 +1,14 @@
+curl -X POST -d "command=target malconv" http://localhost:5000/command
+
+curl -X POST -d "command=whitebox --type partial_dos" http://localhost:5000/command
+
+curl --location 'http://localhost:5000/upload' \
+--form 'file=@"/toucanstrike/malware-samples/Rbot/Rbot-O.7z"' \
+--form 'target="\"malconv\""'
+
+
+docker build -t flask-app . --no-cache --network=host
+
+docker run -d -p 8000:5000 --name webserver flask-app
+
+docker exec -it webserver bash

interface.py

@@ -1,5 +1,7 @@
 import cmd2
 from cmd2 import Cmd
+import sys
+from io import StringIO
 
 from commands.blackbox import get_black_box_parser, blackbox
 from commands.clear import clear
@@ -15,65 +17,74 @@
 
 
 class ToucanStrikeInterface(Cmd):
-	def __init__(self):
-		super().__init__(use_ipython=True)
-		self.prompt = get_default_prompt()
+    def __init__(self):
+        super().__init__()
+        self.prompt = get_default_prompt()
 
-	# setattr(Cmd, "do_set_meta", Cmd.do_set)
-	# delattr(Cmd, "do_set")
+    # Override the onecmd method to capture the output
+    def onecmd(self, line):
+        stdout_saved = sys.stdout
+        sys.stdout = StringIO()  # Create a StringIO object to capture the output
+        try:
+            return super().onecmd(line)
+        finally:
+            output = sys.stdout.getvalue()  # Get the captured output
+            sys.stdout.close()
+            sys.stdout = stdout_saved
+            return output
 
-	@cmd2.with_argparser(get_white_box_parser())
-	@cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
-	def do_whitebox(self, args):
-		"""
-		Setup a white-box attack.
-		"""
-		whitebox(args)
+    @cmd2.with_argparser(get_white_box_parser())
+    @cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
+    def do_whitebox(self, args):
+        """
+        Setup a white-box attack.
+        """
+        whitebox(args)
 
-	@cmd2.with_argparser(get_black_box_parser())
-	@cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
-	def do_blackbox(self, args):
-		"""
-		Setup a black-box attack.
-		"""
-		blackbox(args)
+    @cmd2.with_argparser(get_black_box_parser())
+    @cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
+    def do_blackbox(self, args):
+        """
+        Setup a black-box attack.
+        """
+        blackbox(args)
 
-	@cmd2.with_argparser(get_target_parser())
-	@cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
-	def do_target(self, args):
-		"""Set attack target"""
-		target(args)
+    @cmd2.with_argparser(get_target_parser())
+    @cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
+    def do_target(self, args):
+        """Set attack target"""
+        target(args)
 
-	@cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
-	def do_status(self, args):
-		"""Print current set up of the attack"""
-		status()
+    @cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
+    def do_status(self, args):
+        """Print current set up of the attack"""
+        status()
 
-	@cmd2.with_argparser(get_run_parser())
-	@cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
-	def do_run(self, args):
-		"""Run the specified attack against the target, using the specified data"""
-		run(args)
+    @cmd2.with_argparser(get_run_parser())
+    @cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
+    def do_run(self, args):
+        """Run the specified attack against the target, using the specified data"""
+        run(args)
 
-	@cmd2.with_argparser(get_predict_parser())
-	@cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
-	def do_predict(self, args):
-		"""Compute prediction of a sample, using the already set target"""
-		predict(args)
+    @cmd2.with_argparser(get_predict_parser())
+    @cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
+    def do_predict(self, args):
+        """Compute prediction of a sample, using the already set target"""
+        predict(args)
 
-	@cmd2.with_argparser(get_data_parser())
-	@cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
-	def do_data(self, args):
-		"""Set the data for attack and prediction"""
-		data(args)
+    @cmd2.with_argparser(get_data_parser())
+    @cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
+    def do_data(self, args):
+        """Set the data for attack and prediction"""
+        data(args)
 
-	@cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
-	def do_clear(self, args):
-		"""Clear all the information stored for the attack"""
-		clear()
+    @cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
+    def do_clear(self, args):
+        """Clear all the information stored for the attack"""
+        clear()
 
-	@cmd2.with_argparser(get_set_atk_parser())
-	@cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
-	def do_setatk(self, args):
-		"""Set the parameters for the attack"""
-		do_set_atk(args)
+    @cmd2.with_argparser(get_set_atk_parser())
+    @cmd2.with_category(TOUCAN_STRIKE_COMMANDS)
+    def do_setatk(self, args):
+        """Set the parameters for the attack"""
+        do_set_atk(args)

static/index.html

@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html>
+	<head>
+		<title>
+			First Web Page
+		</title>
+	</head>
+	<body>
+		Hello World!
+	</body>
+</html>