xml rpc library for sending signed data
Project description
signed_xmlrpc - Send signed XML RPC Requests
signed_xmlrpc is a python library send signed xml rpc requests.
This library can be used in cyber defense exercises when communication with a compromised server and using credentials like usernames and passwords is not possible, because an attacker can use those to compromise more services and servers.
:warning: do not use this library in proiduction environments!
Installation
pip install signed_xmlrpc
Create Key Pair
At this time, the ecdsa library (https://pypi.org/project/ecdsa/) is used to handle signature verification.
from ecdsa import SigningKey
sk = SigningKey.generate()
# private_key
print(base64.b64encode(sk.to_string()))
# public_key
print(base64.b64encode(sk.verifying_key.to_string()))
Example Server
import base64
from ecdsa import VerifyingKey
from signed_xmlrpc.server import SignedXMLRPCServer, SignedRequestHandler
public_key = b'dmTk8IGtxQBC4lPuk9tXUIJqbiz4G01qLEzmt5Fmh9AkpqOWwcSyyVeDczrhGWe7'
# if the signature is not required, the standard python xmlrpc library can be used as client
SignedRequestHandler.REQUIRE_SIGNATURE = True
SignedXMLRPCServer(
VerifyingKey.from_string(base64.b64decode(public_key)),
('0.0.0.0', 8081)
).serve_forever()
Example Client
import base64
from ecdsa import SigningKey
from signed_xmlrpc.client import SigningTransport
import xmlrpc
private_key = b'BxbHQpNKpwKmYOs1RDSMg1vkIYsTTP3o'
server = xmlrpc.client.ServerProxy(
'http://127.0.0.1:8081',
transport=SigningTransport(
private_key=SigningKey.from_string(
base64.b64decode(private_key)
)
)
)
print(server.ping())
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file signed_xmlrpc-0.0.1.tar.gz.
File metadata
- Download URL: signed_xmlrpc-0.0.1.tar.gz
- Upload date:
- Size: 4.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/40.8.0 requests-toolbelt/0.9.1 tqdm/4.46.0 CPython/3.7.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d867bc5ae940586339d802314729cba7b9e34252e6e199c88a2709efdcc9b9da
|
|
| MD5 |
7a3748a3d9cd62222cff7d3b07814b44
|
|
| BLAKE2b-256 |
7ebc2a8e759033b911c3a2716996d780712e757a50b45fc4c03026cd9c78bd79
|
File details
Details for the file signed_xmlrpc-0.0.1-py3-none-any.whl.
File metadata
- Download URL: signed_xmlrpc-0.0.1-py3-none-any.whl
- Upload date:
- Size: 17.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/40.8.0 requests-toolbelt/0.9.1 tqdm/4.46.0 CPython/3.7.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8e2ea3515080e6b2523385b5c014818ddd4d4254280d85f5366bb66aa6b3fe29
|
|
| MD5 |
c28ad3bdc4bdc8b2cfe5bc8f1909453c
|
|
| BLAKE2b-256 |
962f506da6ef97c8e62eb9e60e96b1eca9f8b9e379dcd07042c7abc65f27024a
|
