diff --git a/pbincli/actions.py b/pbincli/actions.py index 8a02dc0..8240e4c 100644 --- a/pbincli/actions.py +++ b/pbincli/actions.py @@ -1,4 +1,3 @@ -from sys import exit from pbincli.format import Paste def send(args, api_client): @@ -77,7 +76,7 @@ def get(args, api_client): try: pasteid, passphrase = args.pasteinfo.split("#") - except ValueError as err: + except: print("PBinCLI error: provided info hasn't contain valid PasteID#Passphrase string") exit(1) @@ -123,7 +122,7 @@ def get(args, api_client): check_writable(filename) with open(filename, "wb") as f: f.write(text) - f.close + f.close() attachment, attachment_name = paste.getAttachment() @@ -133,7 +132,7 @@ def get(args, api_client): check_writable(attachment_name) with open(attachment_name, "wb") as f: f.write(attachment) - f.close + f.close() if version == 1 and 'meta' in result and 'burnafterreading' in result['meta'] and result['meta']['burnafterreading']: print("Burn afrer reading flag found. Deleting paste...") diff --git a/pbincli/api.py b/pbincli/api.py index 19846d9..666dfeb 100644 --- a/pbincli/api.py +++ b/pbincli/api.py @@ -19,8 +19,8 @@ class PrivateBin: try: return result.json() - except ValueError as e: - print("ERROR: Unable parse response as json. Received (size = {}):\n".format(len(result.text), result.text)) + except: + print("ERROR: Unable parse response as json. Received (size = {}):\n{}".format(len(result.text), result.text)) exit(1) @@ -40,8 +40,9 @@ class PrivateBin: headers = self.headers, proxies = self.proxy, data = request).json() - except ValueError as e: + except: # unable parse response as json because it can be empty (1.2), so simulate correct answer + print("NOTICE: Received empty response. We interpret that as our paste has already been deleted.") from json import loads as json_loads result = json_loads('{"status":0}') diff --git a/pbincli/format.py b/pbincli/format.py index e5c508b..f076282 100644 --- a/pbincli/format.py +++ b/pbincli/format.py 
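Review bot: In pbincli/actions.py `get()` (hunk at -77,7), replacing `except ValueError as err:` with a bare `except:` widens the handler beyond the one failure its message describes. Unpacking `args.pasteinfo.split("#")` is expected to fail only with ValueError, but a bare clause also traps KeyboardInterrupt, SystemExit and unrelated bugs such as an AttributeError, and reports them all as a malformed PasteID#Passphrase string. `except ValueError:` drops the unused name without changing what is caught, and the same applies to the `except:` added in pbincli/api.py at -19,8. The first hunk of this file also removes `from sys import exit`, so `exit(1)` here now relies on the builtin that the `site` module injects, which is absent under `python -S` and in some frozen builds; `sys.exit(1)` with `import sys` would not depend on it. The body of `get()` starts and ends outside the hunk.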
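Review bot: In pbincli/actions.py (hunk at -123,7), the corrected `f.close()` sits inside `with open(filename, "wb") as f:`, which already closes the file when the block exits. The old `f.close` was a no-op attribute access and the new call is redundant, so deleting the line is the cleaner fix. The same applies to the attachment write in the hunk at -133,7.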
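Review bot: In pbincli/actions.py (hunk at -133,7), `attachment_name` is passed to `open(attachment_name, "wb")` exactly as received. The previous hunk shows it comes from `paste.getAttachment()`, so presumably the paste's author chooses it, and nothing visible here reduces it to a bare file name; a name carrying directory components or an absolute path would be written outside the working directory. Unless that is already handled in the lines between the two hunks or inside `getAttachment()`, add `attachment_name = os.path.basename(attachment_name)` before `check_writable(attachment_name)` and refuse an empty result. This needs `import os` in the module if it is not already there, which the diff does not show.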
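Review bot: In pbincli/api.py (hunk at -19,8), the repaired format string now prints the whole of `result.text` as returned by the server. That body is controlled by the remote host, so it can be arbitrarily large and may contain terminal control sequences that are written raw to the user's terminal. A bounded `repr()` keeps the diagnostic useful, e.g. `print("ERROR: Unable parse response as json. Received (size = {}):\n{!r}".format(len(result.text), result.text[:512]))`, where 512 is only an example cap. Whether `exit` is imported in this module is not visible in the hunk.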
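Review bot: In pbincli/api.py (hunk at -40,8), the bare `except:` surrounds the whole request expression ending in `.json()`, so a connection failure, TLS error, timeout or HTML error page now all end in the NOTICE and a simulated `{"status":0}`. The caller is then told the paste is gone when the delete request may never have reached the server, which matters most for burn-after-reading pastes. Only an empty body should take the 1.2 compatibility path: keep the request outside the handler, catch `ValueError` from `.json()` alone, and treat a non-empty unparsable body as an error. The `try:` and the start of the call are outside the hunk, so the fence uses `response` as a stand-in name for the call's result.

```python
# … unchanged: the POST call with headers/proxies/data, assigned to `response` without the trailing .json() …
try:
    result = response.json()
except ValueError:
    if response.text.strip():
        # non-empty, non-JSON body is not the empty 1.2 answer: do not report success
        print("ERROR: Unexpected response to delete request (size = {})".format(len(response.text)))
        exit(1)
    # unable parse response as json because it can be empty (1.2), so simulate correct answer
    print("NOTICE: Received empty response. We interpret that as our paste has already been deleted.")
    from json import loads as json_loads
    result = json_loads('{"status":0}')
```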
@@ -31,7 +31,7 @@ class Paste: def setPassword(self, password): self._password = password - + def setText(self, text): self._text = text @@ -89,17 +89,18 @@ class Paste: return b64encode(self._key).decode() - def setHash(self, hash): + def setHash(self, passphrase): if self._version == 2: from base58 import b58decode - self._key = b58decode(hash) + self._key = b58decode(passphrase) else: - self._key = b64decode(hash) + self._key = b64decode(passphrase) def __deriveKey(self, salt): from Crypto.Protocol.KDF import PBKDF2 from Crypto.Hash import HMAC, SHA256 + # Key derivation, using PBKDF2 and SHA256 HMAC return PBKDF2( self._key + self._password.encode(), @@ -116,12 +117,15 @@ class Paste: @classmethod def __initializeCipher(self, key, iv, adata): from pbincli.utils import json_encode + cipher = AES.new(key, AES.MODE_GCM, nonce=iv, mac_len=CIPHER_TAG_BYTES) cipher.update(json_encode(adata)) return cipher def __preparePassKey(self): + from hashlib import sha256 + if self._password: digest = sha256(self._password.encode("UTF-8")).hexdigest() return b64encode(self._key) + digest.encode("UTF-8") @@ -243,7 +247,6 @@ class Paste: self._data = {'v':2,'adata':adata,'ct':b64encode(ciphertext + tag).decode(),'meta':{'expire':expiration}} else: - from hashlib import sha256 from sjcl import SJCL self._data = {'expire':expiration,'formatter':formatter,'burnafterreading':int(burnafterreading),'opendiscussion':int(discussion)} diff --git a/pbincli/utils.py b/pbincli/utils.py index 4c36664..5f80ee2 100644 --- a/pbincli/utils.py +++ b/pbincli/utils.py @@ -1,5 +1,4 @@ import json, ntpath, os -from base64 import b64encode, b64decode class PBinCLIException(Exception): pass
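Review bot: In pbincli/format.py (hunk at -116,12), `from hashlib import sha256` is added as a function-scope import inside `__preparePassKey`, while the hunk at -243,7 removes the same import from an `else:` branch of another method. That suggests the name used to be imported in a different method from the one that uses it, a mistake that scattered local imports make easy to repeat. A stdlib import like this is clearer as a single `from hashlib import sha256` at the top of the module. The module's import block is not part of this diff, so check that it is not already there.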