def get_transfer_handler(self, inbound_port=None): ''' Perform an extrusion scan and return a handler that will know how to upload files to the remote end. If the caller sends an inbound_port, don't perform an extrusion scan, just trust him and use that port. :param inbound_port: The port that we should use for reverse connections :return: An object with a "transfer" method, which can be called by the user in order to upload files. ''' os = os_detection_exec(self._exec_method) if os == 'windows': echo_transfer = EchoWindows(self._exec_method, os) elif os == 'linux': echo_transfer = EchoLinux(self._exec_method, os) to_test = [] to_test.append(echo_transfer) try: if not inbound_port: inbound_port = self._es.get_inbound_port() except w3afException, w3: msg = 'The extrusion scan failed, no reverse connect transfer methods' msg += ' can be used. Trying inband echo transfer method. Error: "%s"' om.out.error(msg % w3)
def get_delayed_execution_handler(self): os = os_detection_exec(self._exec_method) if os == 'windows': return atHandler(self._exec_method) elif os == 'linux': return crontabHandler(self._exec_method) else: raise w3afException( 'Failed to create a delayed execution handler.')
def get_virtual_daemon(exec_method): ''' Uses the exec_method to run remote commands and determine what's the remote OS is, and based on that info, it returns the corresponding virtual daemon. ''' try: os = os_detection_exec(exec_method) except w3afException, w3: raise w3
def _identify_os(self): ''' Identify the remote operating system and get some remote variables to show to the user. ''' self._rOS = os_detection_exec(self.execute) if self._rOS == 'linux': self._rUser = self.execute('whoami').strip() self._rSystem = self.execute('uname -o -r -n -m -s').strip() self._rSystemName = self.execute('uname -n').strip() elif self._rOS == 'windows': self._rUser = self.execute('echo %USERDOMAIN%\%USERNAME%').strip() self._rSystem = self.execute( 'echo %COMPUTERNAME% - %OS% - %PROCESSOR_IDENTIFIER%').strip() self._rSystemName = self.execute('echo %COMPUTERNAME%').strip()
def _identify_os(self): ''' Identify the remote operating system and get some remote variables to show to the user. ''' self._rOS = os_detection_exec(self.execute) if self._rOS == 'linux': self._rUser = self.execute('whoami').strip() self._rSystem = self.execute('uname -o -r -n -m -s').strip() self._rSystemName = self.execute('uname -n').strip() elif self._rOS == 'windows': self._rUser = self.execute('echo %USERDOMAIN%\%USERNAME%').strip() self._rSystem = self.execute( 'echo %COMPUTERNAME% - %OS% - %PROCESSOR_IDENTIFIER%').strip() self._rSystemName = self.execute('echo %COMPUTERNAME%').strip()
def __init__( self, exec_method, forceReRun=False, tcpPortList=[25, 80, 53, 1433, 8080], udpPortList=[53, 69, 139, 1025] ): """ :param exec_method: The exec_method used to execute commands on the remote host :param forceReRun: If forceReRun is True, the extrusion scanner won't fetch the results from the KB """ self._exec_method = exec_method self._forceReRun = forceReRun self._tcp_port_list = tcpPortList self._udp_port_list = udpPortList os = os_detection_exec(exec_method) if os == "windows": self._transferHandler = EchoWindows(exec_method, os) elif os == "linux": self._transferHandler = EchoLinux(exec_method, os)
def __init__(self, exec_method, forceReRun=False, tcpPortList=[25, 80, 53, 1433, 8080], udpPortList=[53, 69, 139, 1025]): ''' :param exec_method: The exec_method used to execute commands on the remote host :param forceReRun: If forceReRun is True, the extrusion scanner won't fetch the results from the KB ''' self._exec_method = exec_method self._forceReRun = forceReRun self._tcp_port_list = tcpPortList self._udp_port_list = udpPortList os = os_detection_exec(exec_method) if os == 'windows': self._transferHandler = EchoWindows(exec_method, os) elif os == 'linux': self._transferHandler = EchoLinux(exec_method, os)
def test_os_detection_exec_windows(self): exec_method = MagicMock( side_effect=['Command not found', 'Command not found', '[fonts]', 'ECHO']) os = os_detection_exec(exec_method) self.assertEqual(os, 'windows')
def test_os_detection_exec_linux(self): exec_method = commands.getoutput os = os_detection_exec(exec_method) self.assertEqual(os, 'linux')
def test_os_detection_exec_windows(self): exec_method = MagicMock(side_effect=[ 'Command not found', 'Command not found', '[fonts]', 'ECHO' ]) os = os_detection_exec(exec_method) self.assertEqual(os, 'windows')
def test_os_detection_exec_linux(self): exec_method = commands.getoutput os = os_detection_exec(exec_method) self.assertEqual(os, 'linux')