new changes

This commit is contained in:
root 2025-01-05 17:01:37 +01:00
parent 8fb883aa40
commit e27d8f9dce
11 changed files with 374 additions and 136 deletions

View file

@ -1,20 +1,31 @@
import os, pwd
import os, pwd, re, pandas as pd
def main():
rootpath='/srv/darknet-onion-webring/'
urlpath=pwd.getpwuid(os.getuid()).pw_dir+"/.darknet_participant_url"
print(urlpath)
isitvalid="n"
#print(urlpath)
#check if ~/.darknet_participant_url exists,
# check if ~/.darknet_participant_url exists,
# if exists, instance= the content of ~/.darknet_participant_url (which is the url: such as uptime.nowherejez...onion)
isitvalid="n"
while isitvalid != "y":
if os.path.isfile(urlpath):
with open(urlpath) as f:
instance = f.read()
# TODO check if the instance URL domain is valid
instance = f.read().rstrip()
# check if the instance URL domain is valid
#print(urlpath,instance)
if IsOnionValid(instance):
print("[+] Instance Name: ",instance,IsOnionValid(instance))
else:
print('[-] Invalid instance name in ~/.darknet_participant_url:', instance)
return False
instancepath=rootpath+'www/participants/'+instance
verifiedcsvfile=instancepath+'/verified.csv'
vdf = pd.read_csv(verifiedcsvfile)
unverifiedcsvfile=instancepath+'/unverified.csv'
uvdf = pd.read_csv(unverifiedcsvfile)
#df = pd.read_csv(csvfile)
print("[+] file exists, your Webring URL is ", instance)
isitvalid = "y"
else:
@ -23,112 +34,207 @@ def main():
instance = input("What is your Instance domain ? (ex: uptime.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion):")
instancepath=rootpath+'www/participants/'+instance
# TODO check if the instance URL domain is valid
if IsOnionValid(instance):
print("[+] Instance Name: ",instance,IsUrlValid(instance))
else:
print('[-] Invalid instance name in ~/.darknet_participant_url:', instance)
return False
# ask the user if the instance URL is valid ?
print()
print(instance)
isitvalid=input("Is your this your instance domain ?")
isitvalid=input("Is this your this your instance domain ? (y/n)")
# if yes, then write it into ~/.darknet_participant_url
if isitvalid != "y" :
if isitvalid == "y" :
print("OK writing the instance url to ~/.darknet_participants_url")
with open(urlpath, "w") as file:
file.write(instance)
print("[+] file written, let's read it")
f = open(urlpath,"r")
print(f.read())
print("[+] Initial Setup Completed!")
print("[+] Welcome to the Darknet Onion Webring, where you are exploring the Darknet and helping others do the same.")
print("""
1) Add a new entry (into unverified.csv)
2) Verify an entry (move an entry from unverified to verified.csv)
3) Add a new webring participant (and download their files into their directory (without trusting them yet!))
4) Trust a webring participant (Potentially dangerous)
5) Add/Remove words in the sensitive list (ex: drug)
6) Add/Remove words in the blacklist (ex: porn)
""")
option = input("Select Option? (1-4)")
print(option)
match option:
case "1":
print("[+] Add a new Entry (into unverified.csv)")
# ask for the following:
unverifiedpath=instancepath+'/unverified.csv'
# the name of the website (required) + check if its valid
entry_name = input("What is the Website name ?")
# the url of the website (required) + check if its valid
entry_url = input("What is URL of the Website ? (ex: https://torproject.org or http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion")
# a quick description (optional) + check if its valid
entry_url = input("(Optional) Description of the website ? (max 256 characters) (press enter to skip)"
# sensitive ? (y/n) + check if its valid
entry_url = input("is it a sensitive website ? (ex: website related to drugs)"
print("[+] file written, let's read it")
f = open(urlpath,"r")
print(f.read())
print("[+] Initial Setup Completed!")
while True:
print("[+] Welcome to the Darknet Onion Webring, where you are exploring the Darknet and helping others do the same.")
print("""
Websites:
1) Add a new Website entry (into unverified.csv)
2) Trust a Website entry (move an entry from unverified to verified.csv)
3) Untrust a Website entry (move an entry from unverified to verified.csv)
Webring Participants:
4) Add a new webring participant (and download their files into their directory (without trusting them yet!))
5) Trust a webring participant (Potentially dangerous)
6) Untrust a webring participant
7) Remove a webring participant
Wordlists:
8) Add/Remove words in the sensitive list (ex: drug)
9) Add/Remove words in the blacklist (ex: porn)
0) Exit
""")
option = input("Select Option? (0-6)")
print(option)
match option:
########## MANAGING WEBSITE ENTRIES #################
case "1":
print("\n[+] Add a new Website entry (into unverified.csv)")
name=''
while(IsNameValid(name) is not True):
name = input("What is the Website name ? ")
category=''
while(IsCategoryValid(category) is not True):
category = input("What is the website Category ? ")
# the url of the website (required) + check if its valid
#entry_url = input("What is URL of the Website ? (ex: https://torproject.org or http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion)")
url=''
while(IsUrlValid(url) is not True):
url=input("What is the website URL ? ")
# a quick description (optional) + check if its valid
#entry_desc = input("(Optional) Description of the website ? (max 256 characters) (press enter to skip)")
#desc="This is a new website that we add, it has this description"
desc='DEFAULT'
while(IsDescriptionValid(desc) is not True):
desc=input("Description for the website ? (Optional)")
# sensitive ? (y/n) + check if its valid
#entry_sensi = input("is it a sensitive website ? (ex: website related to drugs) (y/n)")
sensi = ''
while(IsStatusValid(sensi) is not True):
sensi=input("Is this website sensitive (ex: related to drugs) ? (y/n)")
newrow=[instance,category,name,url,sensi,desc,'','']
print("[+] NEWROW=",newrow)
# (rest is automatic: status, score, instance is = '' because it is your own instance)
# check if the entry doesn't already exist in verified.csv and in unverified.csv
# if it doesnt exist, add it into unverified.csv
uvdf.loc[-1] = newrow # adding a row
uvdf.index = uvdf.index + 1 # shifting index
uvdf = uvdf.sort_index() # sorting by index
print("[+] New row added! now writing the csv file:")
uvdf.to_csv(unverifiedcsvfile, index=False)
case "2":
print("[+] Verify an entry (move an entry from unverified.csv to verified.csv)")
# search for a word
searchterm = input("What is the Website name ?")
# and display only the matching entries in an array format (display it in CLI).
# Each of the rows must have an index,
# prompt the user to ask for with row they want to move to verified.csv
searchterm = input("What is the index of the entry that you want to move to verified.csv ?")
# once selected, it must be able to print that row, and:
# append it into verified.csv
# remove it from unverified.csv
# print("[+] completed! You are now listing [name] (url) (sensitive)")
case "3":
print("[+] Add a new webring participant (and download their files into their directory (without trusting them yet!))")
# ask for the url to the other webring participant
webring_participant_url = input("What is URL of the new webring participant? (ex: https://torproject.org or http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion")
# check if the (onion only) url is valid or not: at http://URL.onion/participants/URL.onion/{verified.csv,unverified.csv,sensitive.csv,blacklist.csv,webring-participants.csv}
case "4":
print("[+] Trust a webring participant (Potentially dangerous)")
# list the existing webring participants from webring-participants.csv and
# ask the user to pick the index (0-9?) of the instance to trust
# if index is valid, then mark the instance as trusted in webring-participants.csv
searchterm = input("What is the index of the entry that you want to trust ?")
case "5":
print("[+] Add/Remove words in the sensitive list (ex: drug)")
print("do you want to 1) add words or 2) remove words ?")
option="0"
done = False
while(done == False):
while option not any((1,2,"exit")):
option=input("do you want to 1) add words or 2) remove words ? (type exit to exit)")
# display the contents of sensitive.csv file
if option == 1:
word=input("which word do you want to add? (write 0 to exit")
if word == "0":
done = True
#True to get out of the while loop
else
print("checking if word is valid")
#check if word is valid in a while loop (dont check if
# if invalid! remove word at index
case "2":
print("[+] Trust a Website entry (move an entry from unverified to verified.csv)")
# search for a word
name=''
while(IsNameValid(name) is not True):
name = input("What is the Website name you want to verify ? (ex: Nowhere)")
filter_uvdf = uvdf[uvdf.Name.str.contains(name)]
# and display only the matching entries in unverified.csv in an array format (display it in CLI).
print(filter_uvdf[['Name','URL']])
# check if there are no results, dont proceed if there are none!
if filter_uvdf.size == 0:
print("ERROR no results, skipping.")
else:
index=input("which word do you want to remove? (index 0 to (max index) (write exit to exit)")
if index == "exit":
done = True
#True to get out of the while loop
else
print("checking if index is valid")
#check if index is valid or not
# if valid! remove word at index
# if invalid! just pass to ask for another word
# Each of the rows has an index,
index=-1
while (index not in filter_uvdf.index):
# prompt the user to ask for with row they want to move to verified.csv
index = int(input("What is the index of the entry that you want to move to verified.csv ? (ex: 3) "))
# once selected, it must be able to SAVE and print that row:
print(uvdf.iloc[index].values)
newrow=uvdf.iloc[index].values
case "6":
print("[+] Add/Remove words in the blacklist list (ex: porn)")
# copy option 5
# print("do you want to 1) add words or 2) remove words ?")
# display the contents of blacklist.csv file
# append it into verified.csv
vdf.loc[-1] = newrow # adding a row
vdf.index = vdf.index + 1 # shifting index
vdf = vdf.sort_index() # sorting by index
vdf.to_csv(verifiedcsvfile, index=False)
print("[+] New row added to verified.csv! now writing to the csv")
# remove it from unverified.csv
uvdf.drop(index, inplace= True)
uvdf.to_csv(unverifiedcsvfile, index=False)
print("[+] Link is now moved to verified.csv!")
case "3":
# TODO
print("[+] Untrust a Website entry (move an entry from verified to unverified.csv)")
####### MANAGING WEBRING PARTICIPANTS ###########
# 4) Add a new webring participant (and download their files into their directory (without trusting them yet!))
# 5) Trust a webring participant (Potentially dangerous)
# 6) Untrust a webring participant
# 7) Remove a webring participant
#####################################################
case "4":
print("[+] Add a new webring participant (and download their files into their directory (without trusting them yet!))")
# TODO ask for the url to the other webring participant
webring_participant_url = input("What is URL of the new webring participant? (ex: https://torproject.org or http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion")
# TODO check if the (onion only) url is valid or not: at http://URL.onion/participants/URL.onion/{verified.csv,unverified.csv,sensitive.csv,blacklist.csv,webring-participants.csv}
# TODO if OK then add it to the webring-participants.csv file
case _:
print("[-] ERROR, incorrect input")
case "5":
print("[+] Trust a webring participant (Potentially dangerous)")
# TODO list the existing webring participants from webring-participants.csv and
# TODO ask the user to pick the index (0-9?) of the instance to trust
# TODO if index is valid, then mark the instance as trusted in webring-participants.csv
searchterm = input("What is the index of the entry that you want to trust ?")
case "6":
# TODO
print("[+] Untrust a webring participant")
case "7":
# TODO
print("[+] Remove a webring participant")
################### MANAGING WORDLISTS #################
#Wordlists:
# 8) Add/Remove words in the sensitive list (ex: drug)
# 9) Add/Remove words in the blacklist (ex: porn)
# 0) Exit
#########################################################
case "8":
print("[+] Add/Remove words in the sensitive list (ex: drug)")
print("do you want to 1) add words or 2) remove words ?")
option="0"
done = False
while(done == False):
while option != "1" and option != "2" and option != "exit":
option=input("do you want to 1) add words or 2) remove words ? (type exit to exit)")
# TODO display the contents of sensitive.csv file
if option == 1:
word=input("which word do you want to add? (write 0 to exit")
if word == "0":
done = True
#True to get out of the while loop
else:
print("checking if word is valid")
# TODO check if word is valid in a while loop (dont check if
# TODO if invalid! remove word at index
else:
index=input("which word do you want to remove? (index 0 to (max index) (write exit to exit)")
if index == "exit":
done = True
#True to get out of the while loop
else:
print("checking if index is valid")
# TODO check if index is valid or not
# TODO if valid! remove word at index
# TODO if invalid! just pass to ask for another word
case "9":
print("[+] Add/Remove words in the blacklist list (ex: porn)")
# TODO copy option 5
# TODO print("do you want to 1) add words or 2) remove words ?")
# TODO display the contents of blacklist.csv file
case _:
print("[-] Exiting")
return True
#### PROTECTIONS AGAINST MALICIOUS CSV INPUTS ####
@ -168,7 +274,7 @@ def IsOnionValid(url: str)-> bool:
print("Domain not valid")
return False
else:
print("URL doesn't start http")
#print("URL doesn't start http")
if pattern.fullmatch(url) is not None:
if len(url.split('.')) > 3:
n_subdomians = len(url.split('.'))
@ -205,11 +311,11 @@ def IsUrlValid(url:str)->bool:
return IsOnionValid(url)
else:
if not url.__contains__('.'):
print("No (DOT) in url")
print("No (DOT) in clearnet url")
return False
if pattern.fullmatch(url) is None:
print('Url contains invalid chars')
return False
if pattern.fullmatch(url) is None:
print('Url contains invalid chars')
return False
return True
def IsStatusValid(status: str)-> bool:
@ -219,13 +325,14 @@ def IsStatusValid(status: str)-> bool:
# check if the characters are only [vx] with maximum 1 chars max
# if OK return True
#if not : return False
pattern = ['v','x']
pattern = ['y','n']
if len(status) != 1:
print("Got more than one character or nothing.")
return False
elif (status not in pattern):
print("Got an invalid character")
print("Got an invalid character it must be either y or n")
return False
return True
def IsDescriptionValid(desc:str)->bool:
@ -238,8 +345,8 @@ def IsDescriptionValid(desc:str)->bool:
#if not : return False
pattern = re.compile("^[A-Za-z0-9-.,' ]+$")
desc.strip()
if pattern.fullmatch(desc) is None:
print('Got an empty desc or invalid chars')
# empty description is fine as it's optional
if desc == "DEFAULT":
return False
elif len(desc) > 256:
print("desc is greater than 256 chars")
@ -258,7 +365,7 @@ def IsCategoryValid(categories: list)-> bool:
for category in categories:
category.strip()
if pattern.fullmatch(category) is None:
print('Got an empty list or invalid chars')
#print('Got an empty list or invalid chars')
return False
elif len(category) > 64:
print('Category is too long')
@ -276,7 +383,7 @@ def IsNameValid(name: str)->bool:
pattern = re.compile("^[A-Za-z0-9 ]+$")
name = name.strip()
if (pattern.fullmatch(name) is None):
print("Got an invalid character or nothing")
#print("Got an invalid character or nothing")
return False
elif len(name) > 64:
print(f'Got a name lenght greater than 64. {len(name)}')