Fork: 0
0xRoM / htb2trilium
Transfer to URL with SHA Find file
Newer
Older
htb2trilium / htb_client.py
0xRoM on 6 Oct 7 KB initial commit
Raw Blame History 
  1. import requests
  2. import warnings
  3.  
  4. warnings.filterwarnings("ignore")
  5.  
  6. class HTBClient:
  7.     def __init__(self, password):
  8.         self.password = password
  9.         self.base_url = 'https://labs.hackthebox.com/api/v4'
  10.         self.proxies = {
  11.             #"http": "http://127.0.0.1:8080",  # Burp proxy for HTTP traffic
  12.             #"https": "http://127.0.0.1:8080"  # Burp proxy for HTTPS traffic
  13.         }
  14.         # Fetch user info
  15.         self.user = self.get_user_info()
  16.         
  17.         # Fetch user stats and store them in self.user
  18.         user_owns, root_owns, respects = self.get_user_stats(self.user['id'])
  19.         self.user['user_owns'] = user_owns
  20.         self.user['root_owns'] = root_owns
  21.         self.user['respects'] = respects
  22.  
  23.     def get_user_info(self):
  24.         headers = {
  25.             "Authorization": f"Bearer {self.password}",
  26.             "User-Agent": None  # Explicitly remove User-Agent
  27.         }
  28.         response = requests.get(
  29.             f'{self.base_url}/user/info', 
  30.             headers=headers, 
  31.             proxies=self.proxies,
  32.             verify=False  # Disable SSL verification
  33.         )
  34.         if response.status_code != 200:
  35.             raise Exception(f"Error fetching {self.base_url}/user/info user info: {response.status_code}, {response.text}")
  36.         
  37.         # Return the user info as a dictionary
  38.         data = response.json().get('info')
  39.         return {'id': data['id'], 'name': data['name'], 'email': data['email']}
  40.  
  41.     def get_user_stats(self, user_id):
  42.         headers = {
  43.             "Authorization": f"Bearer {self.password}",
  44.             "User-Agent": None  # Explicitly remove User-Agent
  45.         }
  46.         response = requests.get(
  47.             f'{self.base_url}/user/profile/basic/{user_id}', 
  48.             headers=headers, 
  49.             proxies=self.proxies,
  50.             verify=False  # Disable SSL verification
  51.         )
  52.         if response.status_code != 200:
  53.             raise Exception(f"Error fetching user stats: {response.status_code}, {response.text}")
  54.         
  55.         # Extract user statistics from the response
  56.         data = response.json().get('profile')
  57.         user_owns = data['user_owns']
  58.         root_owns = data['system_owns']
  59.         respects = data['respects']
  60.         return user_owns, root_owns, respects
  61.  
  62.     def get_active_machines(self):
  63.         machines = []
  64.         seen_ids = set()  # Track unique machine IDs
  65.         seen_names = set()  # Track unique machine names
  66.         page = 1
  67.  
  68.         while True:
  69.             response = requests.get(
  70.                 f'{self.base_url}/machine/paginated?per_page=100&page={page}',
  71.                 headers={
  72.                     "Authorization": f"Bearer {self.password}",
  73.                     "User-Agent": None  # Explicitly remove User-Agent
  74.                 },
  75.                 proxies=self.proxies,
  76.                 verify=False  # Disable SSL verification
  77.             )
  78.  
  79.             if response.status_code != 200:
  80.                 raise Exception(f"Error fetching active machines: {response.status_code}, {response.text}")
  81.  
  82.             data = response.json()
  83.             for machine in data['data']:
  84.                 if machine['id'] not in seen_ids and machine['name'] not in seen_names:
  85.                     machines.append(machine)
  86.                     seen_ids.add(machine['id'])
  87.                     seen_names.add(machine['name'])
  88.  
  89.             # Check for pagination
  90.             if page >= data['meta']['last_page']:
  91.                 break
  92.             page += 1
  93.         
  94.         return machines
  95.  
  96.     def get_retired_machines(self):
  97.         machines = []
  98.         seen_ids = set()  # Track unique machine IDs
  99.         seen_names = set()  # Track unique machine names
  100.         page = 1
  101.  
  102.         while True:
  103.             response = requests.get(
  104.                 f'{self.base_url}/machine/list/retired/paginated?per_page=100&page={page}',
  105.                 headers={
  106.                     "Authorization": f"Bearer {self.password}",
  107.                     "User-Agent": None  # Explicitly remove User-Agent
  108.                 },
  109.                 proxies=self.proxies,
  110.                 verify=False  # Disable SSL verification
  111.             )
  112.  
  113.             if response.status_code != 200:
  114.                 raise Exception(f"Error fetching retired machines: {response.status_code}, {response.text}")
  115.  
  116.             data = response.json()
  117.             for machine in data['data']:
  118.                 if machine['id'] not in seen_ids and machine['name'] not in seen_names:
  119.                     machines.append(machine)
  120.                     seen_ids.add(machine['id'])
  121.                     seen_names.add(machine['name'])
  122.  
  123.             # Check for pagination
  124.             if page >= data['meta']['last_page']:
  125.                 break
  126.             page += 1
  127.         
  128.         return machines
  129.  
  130.     def get_all_machines(self):
  131.         # Combine active and retired machines, ensuring no duplicates
  132.         active_machines = self.get_active_machines()
  133.         retired_machines = self.get_retired_machines()
  134.  
  135.         all_machines = active_machines + retired_machines
  136.         seen_ids = set()  # Track unique machine IDs
  137.         seen_names = set()  # Track unique machine names
  138.         unique_machines = []
  139.  
  140.         for machine in all_machines:
  141.             if machine['id'] not in seen_ids and machine['name'] not in seen_names:
  142.                 unique_machines.append(machine)
  143.                 seen_ids.add(machine['id'])
  144.                 seen_names.add(machine['name'])
  145.  
  146.         return unique_machines
  147.  
  148.     def get_all_challenges(self):
  149.         challenges = []
  150.         seen_ids = set()  # Track unique machine IDs
  151.         seen_names = set()  # Track unique machine names
  152.         page = 1
  153.  
  154.         while True:
  155.             response = requests.get(
  156.                 f'{self.base_url}/challenges?per_page=100&page={page}',
  157.                 headers={
  158.                     "Authorization": f"Bearer {self.password}",
  159.                     "User-Agent": None  # Explicitly remove User-Agent
  160.                 },
  161.                 proxies=self.proxies,
  162.                 verify=False  # Disable SSL verification
  163.             )
  164.  
  165.             if response.status_code != 200:
  166.                 raise Exception(f"Error fetching challenges: {response.status_code}, {response.text}")
  167.  
  168.             data = response.json()
  169.             for challenge in data['data']:
  170.                 if challenge['id'] not in seen_ids and challenge['name'] not in seen_names:
  171.                     challenges.append(challenge)
  172.                     seen_ids.add(challenge['id'])
  173.                     seen_names.add(challenge['name'])
  174.  
  175.             # Check for pagination
  176.             if page >= data['meta']['last_page']:
  177.                 break
  178.             page += 1
  179.         
  180.         return challenges
  181.  
  182.     def get_all_sherlocks(self):
  183.         sherlocks = []
  184.         seen_ids = set()  # Track unique machine IDs
  185.         seen_names = set()  # Track unique machine names
  186.         page = 1
  187.  
  188.         while True:
  189.             response = requests.get(
  190.                 f'{self.base_url}/sherlocks?per_page=100&page={page}',
  191.                 headers={
  192.                     "Authorization": f"Bearer {self.password}",
  193.                     "User-Agent": None  # Explicitly remove User-Agent
  194.                 },
  195.                 proxies=self.proxies,
  196.                 verify=False  # Disable SSL verification
  197.             )
  198.  
  199.             if response.status_code != 200:
  200.                 raise Exception(f"Error fetching sherlocks: {response.status_code}, {response.text}")
  201.  
  202.             data = response.json()
  203.             for sherlock in data['data']:
  204.                 if sherlock['id'] not in seen_ids and sherlock['name'] not in seen_names:
  205.                     sherlocks.append(sherlock)
  206.                     seen_ids.add(sherlock['id'])
  207.                     seen_names.add(sherlock['name'])
  208.  
  209.             # Check for pagination
  210.             if page >= data['meta']['last_page']:
  211.                 break
  212.             page += 1
  213.         
  214.         return sherlocks
Buy Me A Coffee