File Manager

Hackfut Security File Manager

Current Path: /usr/lib/python2.6/site-packages/supervisor/medusa

usr / lib / python2.6 / site-packages / supervisor / medusa /

📁 ..
📄 __init__.py(128 B)
📄 __init__.pyc(277 B)
📄 __init__.pyo(277 B)
📄 auth_handler.py(4.63 KB)
📄 auth_handler.pyc(4.41 KB)
📄 auth_handler.pyo(4.41 KB)
📄 chat_server.py(4.43 KB)
📄 chat_server.pyc(6.28 KB)
📄 chat_server.pyo(6.28 KB)
📄 counter.py(1.41 KB)
📄 counter.pyc(1.99 KB)
📄 counter.pyo(1.99 KB)
📄 default_handler.py(6.18 KB)
📄 default_handler.pyc(4.92 KB)
📄 default_handler.pyo(4.92 KB)
📄 event_loop.py(2.91 KB)
📄 event_loop.pyc(3.43 KB)
📄 event_loop.pyo(3.43 KB)
📄 filesys.py(10.94 KB)
📄 filesys.pyc(13.28 KB)
📄 filesys.pyo(13.28 KB)
📄 ftp_server.py(39.6 KB)
📄 ftp_server.pyc(33.91 KB)
📄 ftp_server.pyo(33.91 KB)
📄 http_date.py(3.33 KB)
📄 http_date.pyc(3.39 KB)
📄 http_date.pyo(3.39 KB)
📄 http_server.py(24.63 KB)
📄 http_server.pyc(20.96 KB)
📄 http_server.pyo(20.96 KB)
📄 logger.py(7.81 KB)
📄 logger.pyc(10.73 KB)
📄 logger.pyo(10.73 KB)
📄 m_syslog.py(7.18 KB)
📄 m_syslog.pyc(3.91 KB)
📄 m_syslog.pyo(3.91 KB)
📄 medusa_gif.py(2.71 KB)
📄 medusa_gif.pyc(1.13 KB)
📄 medusa_gif.pyo(1.13 KB)
📄 monitor.py(10.79 KB)
📄 monitor.pyc(12 KB)
📄 monitor.pyo(12 KB)
📄 monitor_client.py(3.2 KB)
📄 monitor_client.pyc(5.26 KB)
📄 monitor_client.pyo(5.26 KB)
📄 monitor_client_win32.py(1.3 KB)
📄 monitor_client_win32.pyc(2.04 KB)
📄 monitor_client_win32.pyo(2.04 KB)
📄 producers.py(9.22 KB)
📄 producers.pyc(11.36 KB)
📄 producers.pyo(11.36 KB)
📄 put_handler.py(3.25 KB)
📄 put_handler.pyc(3.43 KB)
📄 put_handler.pyo(3.43 KB)
📄 redirecting_handler.py(1.37 KB)
📄 redirecting_handler.pyc(2.11 KB)
📄 redirecting_handler.pyo(2.11 KB)
📄 resolver.py(15.19 KB)
📄 resolver.pyc(12.11 KB)
📄 resolver.pyo(12.11 KB)
📄 rpc_client.py(9.45 KB)
📄 rpc_client.pyc(10.1 KB)
📄 rpc_client.pyo(10.1 KB)
📄 rpc_server.py(9.72 KB)
📄 rpc_server.pyc(9.31 KB)
📄 rpc_server.pyo(9.31 KB)
📄 script_handler.py(6.4 KB)
📄 script_handler.pyc(6.5 KB)
📄 script_handler.pyo(6.5 KB)
📄 setup.py(496 B)
📄 setup.pyc(729 B)
📄 setup.pyo(729 B)
📄 status_handler.py(9.13 KB)
📄 status_handler.pyc(9.45 KB)
📄 status_handler.pyo(9.45 KB)
📄 unix_user_handler.py(2.26 KB)
📄 unix_user_handler.pyc(2.31 KB)
📄 unix_user_handler.pyo(2.31 KB)
📄 virtual_handler.py(1.68 KB)
📄 virtual_handler.pyc(3.09 KB)
📄 virtual_handler.pyo(3.09 KB)
📄 xmlrpc_handler.py(2.88 KB)
📄 xmlrpc_handler.pyc(3.7 KB)
📄 xmlrpc_handler.pyo(3.7 KB)

Editing: auth_handler.py

# -*- Mode: Python -*-
#
#       Author: Sam Rushing <rushing@nightmare.com>
#       Copyright 1996-2000 by Sam Rushing
#                                                All Rights Reserved.
#

RCS_ID =  '$Id: auth_handler.py,v 1.1.1.1 2006/06/26 06:36:05 chrism Exp $'

# support for 'basic' authenticaion.

import base64
import md5
import re
import string
import time
import counter

import default_handler

get_header = default_handler.get_header

import producers

# This is a 'handler' that wraps an authorization method
# around access to the resources normally served up by
# another handler.

# does anyone support digest authentication? (rfc2069)

class auth_handler:
    def __init__ (self, dict, handler, realm='default'):
        self.authorizer = dictionary_authorizer (dict)
        self.handler = handler
        self.realm = realm
        self.pass_count = counter.counter()
        self.fail_count = counter.counter()

def match (self, request):
        # by default, use the given handler's matcher
        return self.handler.match (request)

def handle_request (self, request):
        # authorize a request before handling it...
        scheme = get_header (AUTHORIZATION, request.header)

if scheme:
            scheme = string.lower (scheme)
            if scheme == 'basic':
                cookie = get_header (AUTHORIZATION, request.header, 2)
                try:
                    decoded = base64.decodestring (cookie)
                except:
                    print 'malformed authorization info <%s>' % cookie
                    request.error (400)
                    return
                auth_info = string.split (decoded, ':')
                if self.authorizer.authorize (auth_info):
                    self.pass_count.increment()
                    request.auth_info = auth_info
                    self.handler.handle_request (request)
                else:
                    self.handle_unauthorized (request)
            #elif scheme == 'digest':
            #       print 'digest: ',AUTHORIZATION.group(2)
            else:
                print 'unknown/unsupported auth method: %s' % scheme
                self.handle_unauthorized(request)
        else:
            # list both?  prefer one or the other?
            # you could also use a 'nonce' here. [see below]
            #auth = 'Basic realm="%s" Digest realm="%s"' % (self.realm, self.realm)
            #nonce = self.make_nonce (request)
            #auth = 'Digest realm="%s" nonce="%s"' % (self.realm, nonce)
            #request['WWW-Authenticate'] = auth
            #print 'sending header: %s' % request['WWW-Authenticate']
            self.handle_unauthorized (request)

def handle_unauthorized (self, request):
        # We are now going to receive data that we want to ignore.
        # to ignore the file data we're not interested in.
        self.fail_count.increment()
        request.channel.set_terminator (None)
        request['Connection'] = 'close'
        request['WWW-Authenticate'] = 'Basic realm="%s"' % self.realm
        request.error (401)

def make_nonce (self, request):
        "A digest-authentication <nonce>, constructed as suggested in RFC 2069"
        ip = request.channel.server.ip
        now = str(long(time.time()))
        if now[-1:] == 'L':
            now = now[:-1]
        private_key = str (id (self))
        nonce = string.join ([ip, now, private_key], ':')
        return self.apply_hash (nonce)

def apply_hash (self, s):
        "Apply MD5 to a string <s>, then wrap it in base64 encoding."
        m = md5.new()
        m.update (s)
        d = m.digest()
        # base64.encodestring tacks on an extra linefeed.
        return base64.encodestring (d)[:-1]

def status (self):
        # Thanks to mwm@contessa.phone.net (Mike Meyer)
        r = [
                producers.simple_producer (
                        '<li>Authorization Extension : '
                        '<b>Unauthorized requests:</b> %s<ul>' % self.fail_count
                        )
                ]
        if hasattr (self.handler, 'status'):
            r.append (self.handler.status())
        r.append (
                producers.simple_producer ('</ul>')
                )
        return producers.composite_producer(r)

class dictionary_authorizer:
    def __init__ (self, dict):
        self.dict = dict

def authorize (self, auth_info):
        [username, password] = auth_info
        if (self.dict.has_key (username)) and (self.dict[username] == password):
            return 1
        else:
            return 0

AUTHORIZATION = re.compile (
        #               scheme  challenge
        'Authorization: ([^ ]+) (.*)',
        re.IGNORECASE
        )

Hackfut Security File Manager

Editing: auth_handler.py

Upload File

Create Folder