github/bettercap
1
0
Fork 0
mirror of https://github.com/bettercap/bettercap synced 2025-07-14 09:03:39 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

new: new /api/file route for api.rest to read and write files

Browse source
This commit is contained in:
evilsocket 2019-03-19 13:29:23 +01:00
parent e1558413b2
commit 3b4432f072
No known key found for this signature in database
GPG key ID: 1564D7F30393A456
2 changed files with 62 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
modules/api_rest/api_rest.go
View file

@ -191,6 +191,7 @@ func (mod *RestAPI) Configure() error {
router.HandleFunc("/api/session/started-at", mod.sessionRoute) router.HandleFunc("/api/session/started-at", mod.sessionRoute)
router.HandleFunc("/api/session/wifi", mod.sessionRoute) router.HandleFunc("/api/session/wifi", mod.sessionRoute)
router.HandleFunc("/api/session/wifi/{mac}", mod.sessionRoute) router.HandleFunc("/api/session/wifi/{mac}", mod.sessionRoute)
router.HandleFunc("/api/file", mod.fileRoute)
mod.server.Handler = router mod.server.Handler = router

61
modules/api_rest/api_rest_controller.go
View file

@ -3,7 +3,11 @@ package api_rest
import ( import (
"crypto/subtle" "crypto/subtle"
"encoding/json" "encoding/json"
"fmt"
"io"
"io/ioutil"
"net/http" "net/http"
"os"
"strconv" "strconv"
"strings" "strings"
@ -258,6 +262,44 @@ func (mod *RestAPI) sessionRoute(w http.ResponseWriter, r *http.Request) {
} }
} }
func (mod *RestAPI) readFile(fileName string, w http.ResponseWriter, r *http.Request) {
fp, err := os.Open(fileName)
if err != nil {
msg := fmt.Sprintf("could not open %s for reading: %s", fileName, err)
mod.Debug(msg)
http.Error(w, msg, 404)
return
}
defer fp.Close()
w.Header().Set("Content-type", "application/octet-stream")
io.Copy(w, fp)
}
func (mod *RestAPI) writeFile(fileName string, w http.ResponseWriter, r *http.Request) {
data, err := ioutil.ReadAll(r.Body)
if err != nil {
msg := fmt.Sprintf("invalid file upload: %s", err)
mod.Warning(msg)
http.Error(w, msg, 404)
return
}
err = ioutil.WriteFile(fileName, data, 0666)
if err != nil {
msg := fmt.Sprintf("can't write to %s: %s", fileName, err)
mod.Warning(msg)
http.Error(w, msg, 404)
return
}
mod.toJSON(w, APIResponse{
Success: true,
Message: fmt.Sprintf("%s created", fileName),
})
}
func (mod *RestAPI) eventsRoute(w http.ResponseWriter, r *http.Request) { func (mod *RestAPI) eventsRoute(w http.ResponseWriter, r *http.Request) {
mod.setSecurityHeaders(w) mod.setSecurityHeaders(w)
@ -274,3 +316,22 @@ func (mod *RestAPI) eventsRoute(w http.ResponseWriter, r *http.Request) {
http.Error(w, "Bad Request", 400) http.Error(w, "Bad Request", 400)
} }
} }
func (mod *RestAPI) fileRoute(w http.ResponseWriter, r *http.Request) {
mod.setSecurityHeaders(w)
if !mod.checkAuth(r) {
mod.setAuthFailed(w, r)
return
}
fileName := r.URL.Query().Get("name")
if fileName != "" && r.Method == "GET" {
mod.readFile(fileName, w, r)
} else if fileName != "" && r.Method == "POST" {
mod.writeFile(fileName, w, r)
} else {
http.Error(w, "Bad Request", 400)
}
}