Fork: 0
0xRoM / DirtyScripts
Transfer to URL with SHA Find file
Newer
Older
DirtyScripts / htb_client.py
0xRoM on 4 Oct 5 KB HTB2Trilium fixed
Raw Blame History 
  1. import requests
  2. import warnings
  3.  
  4. warnings.filterwarnings("ignore")
  5.  
  6. class HTBClient:
  7.     def __init__(self, password):
  8.         self.password = password
  9.         self.base_url = 'https://labs.hackthebox.com/api/v4'
  10.         self.proxies = {
  11.             #"http": "http://127.0.0.1:8080",  # Burp proxy for HTTP traffic
  12.             #"https": "http://127.0.0.1:8080"  # Burp proxy for HTTPS traffic
  13.         }
  14.         # Fetch user info
  15.         self.user = self.get_user_info()
  16.         
  17.         # Fetch user stats and store them in self.user
  18.         user_owns, root_owns, respects = self.get_user_stats(self.user['id'])
  19.         self.user['user_owns'] = user_owns
  20.         self.user['root_owns'] = root_owns
  21.         self.user['respects'] = respects
  22.  
  23.     def get_user_info(self):
  24.         headers = {
  25.             "Authorization": f"Bearer {self.password}",
  26.             "User-Agent": None  # Explicitly remove User-Agent
  27.         }
  28.         response = requests.get(
  29.             f'{self.base_url}/user/info', 
  30.             headers=headers, 
  31.             proxies=self.proxies,
  32.             verify=False  # Disable SSL verification
  33.         )
  34.         if response.status_code != 200:
  35.             raise Exception(f"Error fetching {self.base_url}/user/info user info: {response.status_code}, {response.text}")
  36.         
  37.         # Return the user info as a dictionary
  38.         data = response.json().get('info')
  39.         return {'id': data['id'], 'name': data['name'], 'email': data['email']}
  40.  
  41.     def get_user_stats(self, user_id):
  42.         headers = {
  43.             "Authorization": f"Bearer {self.password}",
  44.             "User-Agent": None  # Explicitly remove User-Agent
  45.         }
  46.         response = requests.get(
  47.             f'{self.base_url}/user/profile/basic/{user_id}', 
  48.             headers=headers, 
  49.             proxies=self.proxies,
  50.             verify=False  # Disable SSL verification
  51.         )
  52.         if response.status_code != 200:
  53.             raise Exception(f"Error fetching user stats: {response.status_code}, {response.text}")
  54.         
  55.         # Extract user statistics from the response
  56.         data = response.json().get('profile')
  57.         user_owns = data['user_owns']
  58.         root_owns = data['system_owns']
  59.         respects = data['respects']
  60.         return user_owns, root_owns, respects
  61.  
  62.     def get_active_machines(self):
  63.         machines = []
  64.         seen_ids = set()  # Track unique machine IDs
  65.         seen_names = set()  # Track unique machine names
  66.         page = 1
  67.  
  68.         while True:
  69.             response = requests.get(
  70.                 f'{self.base_url}/machine/paginated?per_page=100&page={page}',
  71.                 headers={
  72.                     "Authorization": f"Bearer {self.password}",
  73.                     "User-Agent": None  # Explicitly remove User-Agent
  74.                 },
  75.                 proxies=self.proxies,
  76.                 verify=False  # Disable SSL verification
  77.             )
  78.  
  79.             if response.status_code != 200:
  80.                 raise Exception(f"Error fetching active machines: {response.status_code}, {response.text}")
  81.  
  82.             data = response.json()
  83.             for machine in data['data']:
  84.                 if machine['id'] not in seen_ids and machine['name'] not in seen_names:
  85.                     machines.append(machine)
  86.                     seen_ids.add(machine['id'])
  87.                     seen_names.add(machine['name'])
  88.  
  89.             # Check for pagination
  90.             if page >= data['meta']['last_page']:
  91.                 break
  92.             page += 1
  93.         
  94.         return machines
  95.  
  96.     def get_retired_machines(self):
  97.         machines = []
  98.         seen_ids = set()  # Track unique machine IDs
  99.         seen_names = set()  # Track unique machine names
  100.         page = 1
  101.  
  102.         while True:
  103.             response = requests.get(
  104.                 f'{self.base_url}/machine/list/retired/paginated?per_page=100&page={page}',
  105.                 headers={
  106.                     "Authorization": f"Bearer {self.password}",
  107.                     "User-Agent": None  # Explicitly remove User-Agent
  108.                 },
  109.                 proxies=self.proxies,
  110.                 verify=False  # Disable SSL verification
  111.             )
  112.  
  113.             if response.status_code != 200:
  114.                 raise Exception(f"Error fetching retired machines: {response.status_code}, {response.text}")
  115.  
  116.             data = response.json()
  117.             for machine in data['data']:
  118.                 if machine['id'] not in seen_ids and machine['name'] not in seen_names:
  119.                     machines.append(machine)
  120.                     seen_ids.add(machine['id'])
  121.                     seen_names.add(machine['name'])
  122.  
  123.             # Check for pagination
  124.             if page >= data['meta']['last_page']:
  125.                 break
  126.             page += 1
  127.         
  128.         return machines
  129.  
  130.     def get_all_machines(self):
  131.         # Combine active and retired machines, ensuring no duplicates
  132.         active_machines = self.get_active_machines()
  133.         retired_machines = self.get_retired_machines()
  134.  
  135.         all_machines = active_machines + retired_machines
  136.         seen_ids = set()  # Track unique machine IDs
  137.         seen_names = set()  # Track unique machine names
  138.         unique_machines = []
  139.  
  140.         for machine in all_machines:
  141.             if machine['id'] not in seen_ids and machine['name'] not in seen_names:
  142.                 unique_machines.append(machine)
  143.                 seen_ids.add(machine['id'])
  144.                 seen_names.add(machine['name'])
  145.  
  146.         return unique_machines
Buy Me A Coffee