onionsite-bottle.py

# !/usr/bin/python
# -*- coding: UTF-8 -*-
#
##################################################################################
#
#    Copyright 2016 Félix Brezo and Yaiza Rubio (i3visio, [email protected])
#
#    This program is free software. You can redistribute it and/or modify
#    it under the terms of the GNU Affero General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU Affero General Public License for more details.
#
#    You should have received a copy of the GNU Affero General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
##################################################################################

import os
import shutil
import json

import urllib

from stem.control import Controller
from bottle import route, run, template

# To enable response content
from bottle import response

from bottle import redirect

# To handle API
from bottle import post, get, put, delete

# Defining bottle port
BOTTLE_PORT = 5000

@route('/')
def index():
    return '''
        <script>alert("Soy un javascript... Y soy malévolo... ¡MUAHAHA!");</script>
        <h1>This! Is! Sparta!</h1>
        Pues nada, que esto es un <i>hidden service</i> de prueba.
        <small>Como siempre, este software es software libre bajo licencia <a href="https://www.gnu.org/licenses/agpl.txt">AGPLv3</a>.</small>
    '''

@route('/hola')
def sayHello():
    return '<b>¡Hola hackers!</b>Quizás quieras probar nuestra web accediendo <a href="/">aquí</a> o hablar con nosotros para que te saludemos. Si te llamas Paco, prueba <a href="/hola/paco">esto</a>.'

@route('/hola/<name>')
def sayHelloToName(name):
    return template('<b>¡Hola {{name}}</b>!', name=name)

# Defining errors:
from bottle import error

@error(404)
def error404(error):
    return template('¿Pero qué buscas? ¡Aquí no hay ná-de-ná! <br> <pre>{{error}}</pre>', error=error)

@error(500)
def error500(error):
    return template('Error interno... <br> <pre>{{error}}</pre>', error=error)

print(' * Connecting to tor')

with Controller.from_port(port=9051) as controller:
  controller.authenticate()

  # All hidden services have a directory on disk. Lets put ours in tor's data
  # directory.

  hidden_service_dir = os.path.join(controller.get_conf('DataDirectory', '/tmp'), 'hello_world')

  # Create a hidden service where visitors of port 80 get redirected to local
  # port where Bottle will be listening.

  print(" * Creating our hidden service in %s" % hidden_service_dir)
  try:
    result = controller.create_hidden_service(hidden_service_dir, 80, target_port = BOTTLE_PORT)
    # The hostname is only available when we can read the hidden service
    # directory. This requires us to be running with the same user as tor.

    if result.hostname:
        print(" * Our service is available at %s, press ctrl+c to quit" % result.hostname)
    else:
        print(" * Unable to determine our service's hostname, probably due to being unable to read the hidden service directory")

  except:
    print("Something happpened... Does it exist?")
    pass

  try:
    run(host='localhost', port=BOTTLE_PORT, debug=True)
  finally:
    # Shut down the hidden service and clean it off disk. Note that you *don't*
    # want to delete the hidden service directory if you'd like to have this
    # same *.onion address in the future.

    print(" * Shutting down our hidden service")
    controller.remove_hidden_service(hidden_service_dir)
    shutil.rmtree(hidden_service_dir)